Package: sudo Version: 1.7.4p4-2 Severity: wishlist Hi,
the default sudoers configuration created by the postinst currently
contains these two entries:
root ALL=(ALL) ALL
%sudo ALL=(ALL) ALL
This allows any user in the sudo group and root to run any program as
any user. However if I want to change the GID (only) I get this:
$ sudo -g audio mplayer
Sorry, user alexander is not allowed to execute '/usr/bin/mplayer' as
alexander:audio on alexander.
I found the explanation for this here [1]. Given that it is trivial to
change the GID after becoming root I suggest to change the default
entries to this:
root ALL=(ALL:ALL) ALL
%sudo ALL=(ALL:ALL) ALL
This allows the user to change the UID and the GID to match what he or
she needs more precisely. In my case this allows me to *not* use root
privileges when all I really need is access to my audio devices.
Best regards
Alexander Kurtz
PS: If you decide to make that change, it would be uber-cool if this
would make it into squeeze ;-)
[1] http://serverfault.com/questions/166254/change-primary-group-with-sudo-u-g
signature.asc
Description: This is a digitally signed message part
