On 25/04/2019 09.58, Ludwig Nussel wrote:
Neal Gompa schrieb:
On Wed, Apr 24, 2019 at 4:31 PM Stasiek Michalski
wrote: [...] A lot of other (mainly RH based) distros still use wheel, it's an option in anaconda when installing the system (but anaconda also has seperate user and root passwords by default on the other hand).
Since when is "wheel" deprecated? I've never heard of this. In Debian systems, the wheel group was renamed to sudo, but in all other distro families, the wheel group exists and is properly configured by default (except of course, in openSUSE, where it's busted by design).
Do you have examples of that?
I would appreciate some documentation of how is "wheel" intended to be used, specially on openSUSE. What I found ages ago said something like wheel being fascist, and assumed everybody knew, so I did not investigate further ;-)
To the best of my knowledge adding meaning to the wheel group in SUSE distributions has always been left to the administrator. Ie the operating system creates the group but doesn't use it. So the wheel group could mean anything in production deployments.
One use case would be for example to only allow members of the wheel group to call setuid binaries like su/sudo either via file system permissions or by configuration, but still having to enter (means knowing) the root password. Another one would be to allow sudo without even having to enter the root password for members of the wheel group. Means accounts with the wheel group are basically root. That's a very important difference.
Or allow sudo with user password for those users in wheel group. That would suit me. -- Cheers / Saludos, Carlos E. R. (from openSUSE, Leap 15.1 x86_64 (ssd-test)) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org