LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 01-18-2007, 01:18 PM   #1
hashess
LQ Newbie
 
Registered: Jan 2007
Posts: 7

Rep: Reputation: 0
sudo configuration


Hi all.

I installed sudo but i have a problem with it.
When i'm on my usual account (normal user), if i write "sudo /usr/sbin/visudo" it asks me a password and then nothing happened. If i write "sudo reboot -n" nothing happend. What do i have to do to be able to execute task... by using "sudo command_name"

Thanks a lot
 
Old 01-18-2007, 01:38 PM   #2
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301
I tried to configure sudo in the past, but failed. I did what it said and it just never worked. I don't really see any benefit to using sudo over su, so I gave up.
 
Old 01-18-2007, 01:41 PM   #3
hashess
LQ Newbie
 
Registered: Jan 2007
Posts: 7

Original Poster
Rep: Reputation: 0
yeah i know but in some case it's useful. It's the second time i try to configure it (previously on debian etch) but never suceeded. Does someone know how to do?

Thanks so much
 
Old 01-18-2007, 02:01 PM   #4
bsdunix
Senior Member
 
Registered: May 2006
Distribution: BeOS, BSD, Caldera, CTOS, Debian, LFS, Mac, Mandrake, Red Hat, Slackware, Solaris, SuSE
Posts: 1,761

Rep: Reputation: 80
Add your username to the wheel group in /etc/group file, example:

Code:
wheel::10:root,bsdunix
Then, uncomment the %wheel entry line in /etc/sudoers file (Note: you can fine tune which users are able to use what commands), example:

Code:
---snip---
# Uncomment to allow people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL
---snip---
"Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments."
http://www.gratisoft.us/sudo/intro.html
 
Old 01-18-2007, 02:34 PM   #5
/y0shi
Member
 
Registered: Jan 2006
Location: berlin, germany
Distribution: slackware 12.0
Posts: 58

Rep: Reputation: 17
if you just want this for some special commands you can edit the file /etc/sudoers as root into something like:

root ALL=(ALL) ALL
user darkstar=NOPASSWD:/usr/sbin/hddtemp

where user is your username and darkstar your hostname ...
in this example something like

user@darkstar:~$ sudo /usr/sbin/hddtemp /dev/hda

would be possible ...
 
Old 01-18-2007, 03:04 PM   #6
Tux-Slack
Member
 
Registered: Nov 2006
Location: Slovenia
Distribution: Slackware 13.37
Posts: 511

Rep: Reputation: 37
add your user the predefined group in sudoers
default group is wheel

why use sudo over su
because then you can remove roots password and replace it with *
so noone can login to root
you can only sudo -i to login to root only from a user who has wheel group added, or any other group defined in sudoers
 
Old 01-18-2007, 04:32 PM   #7
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301
Quote:
Originally Posted by Tux-Slack
add your user the predefined group in sudoers
default group is wheel

why use sudo over su
because then you can remove roots password and replace it with *
so noone can login to root
you can only sudo -i to login to root only from a user who has wheel group added, or any other group defined in sudoers
And how would that be more secure ? And, more importantly, what if you need root access at one point ? You'd have to use a user with root permissions ... kinda pointless.
 
Old 01-19-2007, 06:23 AM   #8
hashess
LQ Newbie
 
Registered: Jan 2007
Posts: 7

Original Poster
Rep: Reputation: 0
bsdunix I did what you told me to do but nothing changed
 
Old 01-19-2007, 07:00 AM   #9
musthafa
LQ Newbie
 
Registered: Jan 2007
Posts: 6

Rep: Reputation: 0
This is not the actual use of sudo utility. This will be useful if more than one person administering a Linux/Unix machine. The /var/log/messages (Linux) or /var/adm/messages (Solaris) will have the log of the user executed the super user privileged command(s). So we can track the person who did something abnormally.

We can hide/remove the root account from the machine with the help of sudo, but this is not the actual intention. We can simply remove the root entry from /etc/passwd and give the 0 (uid) and 0 (gid) values for a normal user so that he will act as a root user.

For ex: musthafa:x:0:0:root users:/root:/bin/ksh

Use the sudo utility in server(s) which are administered by more than one person. Using the root account by more than one admin is not advisable and it is very difficult to track the changes done by those admins.
 
Old 01-19-2007, 09:10 AM   #10
Tux-Slack
Member
 
Registered: Nov 2006
Location: Slovenia
Distribution: Slackware 13.37
Posts: 511

Rep: Reputation: 37
I would kindly copy you my /var/log/messages files
but i'm currently at work, and you can count how many times someone has tried to guess a root password on my server
and how many times they've tried to guess my user password

i guess it would be 500 to 0

so if root has no password, noone can log in directly to root, no mather what password they input
and u add a user named, i don't know stupiddog
and add the wheel group to it
now only you know the password to stupiddog and you can use sudo -i to gain root priviledge in other words log into root interactivly

and who would guess on a server with 100 users(i.e.)
that exactly stupiddog user has a group added in sudoers?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
sudo help chud67 Linux - General 3 07-25-2007 04:05 AM
Restricting Editing in Sudo (Advanced Sudo Question) LinuxGeek Linux - Software 4 11-04-2006 03:20 PM
Sudo without having to type "sudo?" Mitch G Linux - Security 3 09-28-2006 02:16 PM
sudo configuration question jhigz Linux - Software 5 07-23-2005 08:23 AM
sudo cgammel Linux - Newbie 2 11-30-2003 09:32 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 08:40 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration