Is it me or is it sudo?
Joel Rees
joel.rees at gmail.com
Fri Mar 30 11:51:12 UTC 2012
On Wed, Mar 28, 2012 at 10:48 PM, Reindl Harald <h.reindl at thelounge.net> wrote:
>
>
> Am 28.03.2012 15:43, schrieb suvayu ali:
>> On Wed, Mar 28, 2012 at 15:35, Reindl Harald <h.reindl at thelounge.net> wrote:
>>> Am 28.03.2012 15:26, schrieb suvayu ali:
>>>> On Wed, Mar 28, 2012 at 15:18, Mark Haney <markh at abemblem.com> wrote:
>>>>> markh ALL=(ALL) NOPASSWD: ALL
>>>>
>>>> This should be:
>>>>
>>>> %markh ALL=(ALL) NOPASSWD: ALL
>>>
>>> why? this would mean GROUP markh
>>> see examples in /etc/sudoers!
>>>
>>
>> Because I did _mean_ group markh. I had overlooked that you could
>> specify individual users too. Since by default all users belong to a
>> group named after itself, specifying as a group should work too.
>
> one of the odd defaults many are not using
>
> why should i have a group with the name of my user
> if it has only one user - or why should i put the
> user "caroline" in group "harry" except for chaos
>
> no idea who invented this silly default, however, do not
> assume all people are using defaults all the time
It was "invented" by a number of people who understood how to get
along without ACLs and capabilities and all the stupid machinery
necessary to support them.
Adding ACLs and capabilities to a *nix system is like giving the car
owner a rope to tie his car door shut when there's already a perfectly
good lock on the door. Or screen doors on a submarine, take your pick.
--
Joel Rees
More information about the users
mailing list