Mailinglist Archive: opensuse (3337 mails)

< Previous Next >
Re: [opensuse] My problems with makeSUSEdvd
  • From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>
  • Date: Sun, 23 Apr 2006 16:58:10 +0200 (CEST)
  • Message-id: <Pine.LNX.4.61.0604231649240.1588@xxxxxxxxxxxxxxxx>
Hash: SHA1

The Sunday 2006-04-23 at 15:10 +0200, Christian Boltz wrote:

> It seems your sudo configuration differs from the current SUSE one.

It is probably inherited since 8.1 or there abouts. I never install anew,
but update.

> On my system, I have (unchanged according to rpm -V):
> # grep '^[^#]' /etc/sudoers
> Defaults always_set_home
> Defaults env_reset
> Defaults targetpw # ask for the password of the target user i.e. root
> ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults
> targetpw'!
> root ALL=(ALL) ALL

Mine is:

root ALL=(ALL) ALL
cer nimrodel= (root) /usr/sbin/checkinstall
husky nimrodel= (root) /usr/sbin/checkinstall
cer nimrodel= (root) /usr/sbin/iptraf
cer nimrodel= (root) /usr/X11R6/bin/ethereal
cer nimrodel= (root) /root/bin/killmails
cer nimrodel= (root) /usr/bin/fetchmail
cer nimrodel= (root) /etc/ppp/ip-up.local eth0
cer nimrodel= (root) /etc/ppp/ip-kill

Ie, I use explicit commands.

> It can be discussed if "Defaults targetpw" is a good idea (I don't
> believe so) - but most probably this setting won't be changed back.

That's something I will not set. If I want somebody to be able to use a
root command, I don't want him to know the rott password. If he does know
it, he doesn't need sudo in the first place, and if he wants to do do
something I don't want him to do, he will simply "su" and do it. Thus sudo
becomes useless.

Even if this is my home setup, I don't want to indulge in bad habits ;-)

> Houghi: maybe using "su" would be a better idea...
> > Is the opensuse link above correct, or has it got to be modified to
> > add the "sudo" instructions? I don't know what commands I need to add
> > to the sudo configuration,
> My guess: mount -o loop isofile mountpoint (and matching umount)

That at least. There are quite some appeareances of the sudo word, but I
don't know how it detects my password is incorrect, as it wants the root
password and then rejects it. Simply adding that command to sudoers will
not work.

- --
Carlos Robinson

Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Made with pgp4pine 1.76


< Previous Next >
Follow Ups