Re: multiple root accounts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Craig White wrote:
> everyone else has suggested that you change the uid # in /etc/passwd to
> 0 which may very well do what you want but there is another mechanism in
> place...sudo which might be more in line with security...
> 
> an entry in /etc/sudoers like...
> 
> craig   ALL=(ALL) ALL
> 
> would do something similar but you would have to supply root password to
> have root privileges.
> 
> if you did something like this...
> 
> Cmnd_Alias IPOD=/sbin/modprobe -r sbp2
> Cmnd_Alias EJECT=/usr/bin/eject /dev/sda2,/usr/bin/eject /dev/sdb2
> 
> craig   ALL= NOPASSWD : IPOD, EJECT
> 
> then user 'craig' could do those specific commands without a password.
> Suit yourself, it's your system but I would ***heavily*** recommend
> against a real 'user' having a uid of "0"
> 
> Craig
> 
For added security, I would not use the NOPASSWD option. That way,
craig would have to supply his password (not root's password) when
he wants to run the commands. It gives added protection if you are
called away, and someone else tries to run the commands.

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux