setting up sudo(was : RFC: root/non-root bash prompts different colours?)

Richard June rjune at bravegnuworld.com
Fri Dec 10 14:43:20 UTC 2004 

On Thursday 09 December 2004 20:20, Matthew Miller wrote:
> On Thu, Dec 09, 2004 at 04:19:25PM -0800, Rahul Sundaram wrote:
> > how about encouraging that concept by default with a
> > setup similar to Mac OS X or ubuntu. I have used both
> > and it really makes sense for desktop users. since
> > fedora isnt targetted towards mission critical
> > environments its more likely used as a desktop
>
> Try this in FC3:
>
> 1) add yourself to the 'wheel' group
> 2) add the line "UGROUPS=wheel" to each file in
>    /etc/sysconfig/console.apps
>
> Now, you have sudo-like access to all of these programs -- you need to
> authenticate, but with your own password, not the root password. And for
> sudo itself, of course, uncomment the "%wheel ALL=(ALL) ALL" line in
> /etc/sudoers.
This  is a great idea. and I think it should be either implemented as the 
default. *or* a setting in sysconfig-securitylevel.

> For BU Linux, we do this by default, and I've patched system-config-users
> to include an easy way to add wheel group membership (and made it display
> in its own column in the normal view, so it's obvious who's got it).
>
> When one logs in as root with the "Default" environment (instead of
> explicitly picking Gnome or KDE), one gets a minimalist environment running
> system-config-users, with instructions on how to create an admin user in
> the wheel group.
>
> Furthermore, we set it up so all mail destined for root is sent to members
> of 'wheel', to increase the chances of it actually being seen by a human.
>
> All or some of this may be good for Fedora Core. (Getting UGROUPS into
> usermode was the first step -- cool.)
>
> Also, by the way, you can use the UGROUPS thing in a more fine-grained way,
> too, if you want: you could make a "printadmin" group and use the line
> "UGROUPS=printadmin" (or UGROUPS="wheel,printadmin", even).
>
> --
> Matthew Miller           mattdm at mattdm.org        <http://www.mattdm.org/>
> Boston University Linux      ------>                <http://linux.bu.edu/>

-- 
Public Key available Here:
http://www.bravegnuworld.com/~rjune/pubkey.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20041210/7c9e5e33/attachment-0002.bin

More information about the devel mailing list