Re: sudo doesn't work, I'm not in sudoers file, but I am.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Saturday 12 January 2008, Craig White wrote:
>On Sat, 2008-01-12 at 23:20 -0500, Gene Heskett wrote:
>> On Saturday 12 January 2008, Mike Williams wrote:
>> >On Jan 12, 2008 5:53 PM, Gene Heskett <gene.heskett@xxxxxxxxxxx> wrote:
>> >> >From the sudoers file:
>> >>
>> >> [...]
>> >> ## Allow root to run any commands anywhere
>> >> root    ALL=(ALL)       ALL
>> >> gene    ALL=(ALL)       ALL
>> >
>> >Sure looks okay to me.  Note that you can also use:
>> >gene    ALL=(ALL)      NOPASSWD: ALL
>>
>> I'm not sure I'd want that.  While this house is secure, and dd-wrt is
>> between this box and the net, I think that might be trusting things a wee
>> bit much.
>>
>> In fact, my password, while longer than most, is about half the length of
>> roots, which is so long its not usable with ssh or samba.  For that
>> reason, I wouldn't mind being forced to use roots password to sudo.  Is
>> that possible?
>
>----
>I'm thinking that doesn't make much sense. What would make more sense is
>that if you don't trust yourself (or your password, like others know
>your password), create another user, give that user sudo power and
>simply su to that user instead.

_I_ trust me, and the missus is computer illiterate, but someone who knows a 
lot about me could probably find that pw given enough time.  ISTR I had John 
hammer on it for an hour or so a year back, so it isn't quite as easy as it 
looks I guess.  John The Ripper didn't find it in that time frame.

>There are some protections afforded to root that by default are not
>given to users (interactive rm for example) and vice versa. For that
>reason, I like to simply su to root when I need root privileges and stay
>as user when I don't.

I will keep that in mind, and have done so in the past when sudo didn't work.

>Craig

Thanks.

-- 
Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
C for yourself.

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux