l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
October 7: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2003 Nov 20 15:21

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] User with root privileges
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] User with root privileges



Assuming you have sudo installed, the safest way is to do a sloppy (in my
opinion) entry in /etc/sudoers that matches root's entry in that file.
'man sudo' for lots of good info...

A slightly better way is the way OS X does it. I've stolen this idea for a
couple Linux boxes.  Create an "admin" group, then add your user to the
admin group, and then give your admin group sudo privilages.

contents of /etc/sudoers:
# User privilege specification
root    ALL=(ALL) ALL
%admin  ALL=(ALL) ALL

This requires prepending 'sudo' to almost any root-only command, but
that's just a nice safety check anyway.  For commands I use alot, I add
the above to /etc/sudoers and then I put this is my .bashrc

alias ifconfig='sudo /sbin/ifconfig'
alias iwconfig='sudo /sbin/iwconfig'
alias cardctl='sudo /sbin/cardctl'
alias blah, blah, blah...

You get the idea.

"Tricking" the permission scheme by swapping UID's is gonna
seem like it worked until some shell script calls root by name later and
bombs (or something...I just think it will eventually break).

On Thu, 20 Nov 2003, Rob Rogers wrote:

> On Thu, 20 Nov 2003 13:13:49 -0800, Rod Roark <rod@sunsetsystems.com>
> wrote:
>
> > Having root privileges means your UID is 0 - i.e. you are
> > logged in as root.
> >
> > I have never tried this, but I suppose you could go into
> > /etc/passwd, etc/shadow and /etc/group and rename root to
> > some other name.
> >
> > But there is surely a better way to do whatever it is that
> > your friend wants to do.
>
> I'd suggest going with Tim's method. You can have multiple usernames with
> the same UID. The only confusion will be when programs will grab a name to
> match a UID, it will grab the first one, assuming there is no others. i.e.
> ls will show your files as belonging to root if your UID is 0 you're
> logged in under another name.
>
> I've seen the problem with renaming root... I had a friend who decided "I
> wonder what would happen if I renamed root to God" and all sorts of
> programs started getting confused. of course he may have just missed
> making the change in /etc/shadow or /etc/group, but I'm not sure I'd want
> to take the chance.
> _______________________________________________
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
>

_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!