On Sat, Sep 13, 2008 at 6:58 AM, Seth Vidal <skvidal(a)fedoraproject.org> wrote:
On Sat, 2008-09-13 at 08:06 -0400, Matthew Miller wrote:
> On Sat, Sep 13, 2008 at 02:02:12PM +0200, Thorsten Leemhuis wrote:
> > But a checkbox with a text "User is the sysadmin for this system"
might
> > makes sense in firstboot -- that checkbox could not only configure sudo
> > and/or PolicyKit access but also do other things like setting up a alias to
> > /etc/aliases to make sure the user in question retrieves the mail send to
> > root.
>
> If we do this (and I'm for it), we should make this work by uncommenting the
> wheel group in /etc/sudoers, and having said checkbox add the user to the
> wheel group.
I don't like the wheel group way into sudoers. Not the least of which
because the wheel group, on systems which are using some other form of
nss than local files, can be mucked with too easily.
Any solution is going to be fragile in the case of a network'd
computer. Unix permission scheme was never designed with that in mind.
So
what is the 80% use solution? Of the fedora users, are 80% covered by
local files or using nss_XXX? I am not for wheel or against it.. I
just figure we should look at what is the majority use scheme and work
around it for the rest.
--
Stephen J Smoogen. -- BSD/GNU/Linux
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"