On Tue, Sep 11, 2012 at 11:51:30PM +0100, Neil Bothwick wrote
> It's the idea of leaving a root console open for all to access that is
> the issue, not the commands you run in it.
Fully agree that's a bad idea. My system uses sudoers. I.e. in
/etc/sudoers.d/001 I have the lines...
user2 d531 = (root) NOPASSWD: /usr/local/bin/ux *
waltdnes d531 = (root) NOPASSWD: /usr/local/bin/ux *
...where /usr/local/bin/ux consists of...
#!/bin/busybox ash
pumount ${1}
...and in my home directory I have ~/bin/um which consists of...
#! /bin/busybox ash
sudo /usr/local/bin/ux ${1}
...So I can, as a regular user, execute at the commandline...
um sdb1
...and /media/sdb1 is unmounted. No need to log on as root or have a
root shell.
--
Walter Dnes <[email protected]>
I don't run "desktop environments"; I run useful applications
