setting up sudo(was : RFC: root/non-root bash prompts different colours?)
Matthew Miller
mattdm at mattdm.org
Fri Dec 10 01:20:36 UTC 2004
On Thu, Dec 09, 2004 at 04:19:25PM -0800, Rahul Sundaram wrote:
> how about encouraging that concept by default with a
> setup similar to Mac OS X or ubuntu. I have used both
> and it really makes sense for desktop users. since
> fedora isnt targetted towards mission critical
> environments its more likely used as a desktop
Try this in FC3:
1) add yourself to the 'wheel' group
2) add the line "UGROUPS=wheel" to each file in
/etc/sysconfig/console.apps
Now, you have sudo-like access to all of these programs -- you need to
authenticate, but with your own password, not the root password. And for
sudo itself, of course, uncomment the "%wheel ALL=(ALL) ALL" line in
/etc/sudoers.
For BU Linux, we do this by default, and I've patched system-config-users to
include an easy way to add wheel group membership (and made it display in
its own column in the normal view, so it's obvious who's got it).
When one logs in as root with the "Default" environment (instead of
explicitly picking Gnome or KDE), one gets a minimalist environment running
system-config-users, with instructions on how to create an admin user in the
wheel group.
Furthermore, we set it up so all mail destined for root is sent to members
of 'wheel', to increase the chances of it actually being seen by a human.
All or some of this may be good for Fedora Core. (Getting UGROUPS into
usermode was the first step -- cool.)
Also, by the way, you can use the UGROUPS thing in a more fine-grained way,
too, if you want: you could make a "printadmin" group and use the line
"UGROUPS=printadmin" (or UGROUPS="wheel,printadmin", even).
--
Matthew Miller mattdm at mattdm.org <http://www.mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
More information about the fedora-devel-list
mailing list