On Sun, 2008-09-14 at 13:26 -0600, Stephen John Smoogen wrote: > On Sat, Sep 13, 2008 at 6:58 AM, Seth Vidal <skvidal@xxxxxxxxxxxxxxxxx> wrote: > > On Sat, 2008-09-13 at 08:06 -0400, Matthew Miller wrote: > >> On Sat, Sep 13, 2008 at 02:02:12PM +0200, Thorsten Leemhuis wrote: > >> > But a checkbox with a text "User is the sysadmin for this system" might > >> > makes sense in firstboot -- that checkbox could not only configure sudo > >> > and/or PolicyKit access but also do other things like setting up a alias to > >> > /etc/aliases to make sure the user in question retrieves the mail send to > >> > root. > >> > >> If we do this (and I'm for it), we should make this work by uncommenting the > >> wheel group in /etc/sudoers, and having said checkbox add the user to the > >> wheel group. > > > > I don't like the wheel group way into sudoers. Not the least of which > > because the wheel group, on systems which are using some other form of > > nss than local files, can be mucked with too easily. > > > > Any solution is going to be fragile in the case of a network'd > computer. Unix permission scheme was never designed with that in mind. > So > what is the 80% use solution? Of the fedora users, are 80% covered by > local files or using nss_XXX? I am not for wheel or against it.. I > just figure we should look at what is the majority use scheme and work > around it for the rest. > 80% is the entry gets added to /etc/sudoers by the user addition interface if 'make this user an admin' is checked. I think the entry would look like: username ALL=(ALL) ALL -sv -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
