SELinux vs. sudo and usermode


In many ways, the sudo and usermode programs are kludgy attempts to achieve
what SE Linux does for real -- separate out root powers. Certain users can
be delegated to run only certain programs with root privileges.

Sudo also acts as the sysadmin's Swiss Army knife. Common practice here is
to have all sysadmins use sudo for _anything_ that needs to be run as root.
This has the advantage of documenting all actions (by agreement, not
enforced, of course), and the convenience of not needing to actually know
the root password.

Likewise, the usermode program allows any user to provide the root password
in order to run the various system-config-* programs. I have a patch (see
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=86188>) which allows
members of a given group ("wheel", typically) to authenticate with their
*own* credentials to gain access to these programs. (Other users are
prompted for the root password.)

There's an obvious security tradeoff, here: instead of needing to know two
passwords, one only needs one's own. On the other hand, it removes the need
to manage root passwords for desktop users or for large numbers of machines,
and is an undeniable convenience.

So, since I'm just diving into SE Linux -- how does this _work_ in the Brave
New World?

Is sudo obsolete? Is my usermode patch now pointless? Can this be
accomplished another way? *Should* it be accomplished at all? 

Thanks!


-- 
Matthew Miller           mattdm@xxxxxxxxxx        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>
