On 13/05/2018 18:48, Richard Owlett wrote:
The underlying problem is not understanding what I read concerning sudo
&/or /etc/sudoers (*INCLUDING* man pages).
Only *ONE* individual has physical access to my _personal_ machine.
Therefore, any distinction between 'richard' and 'root' is inherently
artificial.
The result I wish to achieve is to click on the icon for either GParted
or Synaptic *WITHOUT* being asked for a password (either root's or user's).
I've found vague hints that adding a line to my local /etc/sudoers file
such as
richard ALL = /usr/sbin/gparted , /usr/sbin/synaptic
would accomplish my goal.
Is that correct?
Also my reading suggested that adding myself to sudoers group would be
required.
This has an undesired side effect. I'm asked for my user password
instead of my root password. I currently have four different installs of
Debian each having an intentionally identical sets of UID, GID, and
passwords. No matter which install is active, if asked for an admin
password I want it to be the 'root password'
N.B.
My previous statement
The result I wish to achive is to click on the icon for either
GParted or Synaptic *WITHOUT* being asked for a password > (either
root's or user's).
would apply only to the install on this partition.
Hello, to grant yourself "sudo" usage you can add your user to "sudo"
group, or put this in your /etc/sudoers file:
$user ALL=(ALL:ALL) ALL
where you replace "$user" with your username.
To be granted password-less execution of a command you can use:
$user ALL=(ALL) NOPASSWD: /full/path/to/executable argument --option
The argument or options are of course optional, but for "NOPASSWD:" to
work the command in /etc/sudoers must be the same as the one invoked by
the user.
To be asked for root password all the time, use at the beginning of
/etc/sudoers the line:
Defaults rootpw
You may still experience a different behavior for applications using the
policykit framework.
It goes without saying that a specially crafted sudoers file can make
your system much less secure, but you are the only judge of that.
Hope it helps.
