On Thursday 09 December 2004 20:20, Matthew Miller wrote: > On Thu, Dec 09, 2004 at 04:19:25PM -0800, Rahul Sundaram wrote: > > how about encouraging that concept by default with a > > setup similar to Mac OS X or ubuntu. I have used both > > and it really makes sense for desktop users. since > > fedora isnt targetted towards mission critical > > environments its more likely used as a desktop > > Try this in FC3: > > 1) add yourself to the 'wheel' group > 2) add the line "UGROUPS=wheel" to each file in > /etc/sysconfig/console.apps > > Now, you have sudo-like access to all of these programs -- you need to > authenticate, but with your own password, not the root password. And for > sudo itself, of course, uncomment the "%wheel ALL=(ALL) ALL" line in > /etc/sudoers. This is a great idea. and I think it should be either implemented as the default. *or* a setting in sysconfig-securitylevel. > For BU Linux, we do this by default, and I've patched system-config-users > to include an easy way to add wheel group membership (and made it display > in its own column in the normal view, so it's obvious who's got it). > > When one logs in as root with the "Default" environment (instead of > explicitly picking Gnome or KDE), one gets a minimalist environment running > system-config-users, with instructions on how to create an admin user in > the wheel group. > > Furthermore, we set it up so all mail destined for root is sent to members > of 'wheel', to increase the chances of it actually being seen by a human. > > All or some of this may be good for Fedora Core. (Getting UGROUPS into > usermode was the first step -- cool.) > > Also, by the way, you can use the UGROUPS thing in a more fine-grained way, > too, if you want: you could make a "printadmin" group and use the line > "UGROUPS=printadmin" (or UGROUPS="wheel,printadmin", even). > > -- > Matthew Miller mattdm@xxxxxxxxxx <http://www.mattdm.org/> > Boston University Linux ------> <http://linux.bu.edu/> -- Public Key available Here: http://www.bravegnuworld.com/~rjune/pubkey.asc
Attachment:
pgpiM5QUA7eKK.pgp
Description: PGP signature
