On Monday 18 May 2009 22:14:43 bn wrote: > > If you use Ubuntu, you've got to accept their eccentric & questionable > > attitude to passwords, esp that they don't have a separate root password. > > I find that a piece of cheap popularisation contrary to UNIX principles.
Huh? The package you are talking about is sudo. Might I add that sudo follows the grand time honoured tradition of the principle of least priviledge whereas su does not? su offers no means to selectively allow what a user may and may not be authorised to do. It's an all or nothing approach, much like running Windows as admin. A separate root password gives no real extra safety - the user becoming root still has to be in the wheel group, and still has to prove who they are by a process of authentication. For servers, this is brilliant. Log in with keys, sudo with a password (which you keep just as safe as a root password). > I found it very useful and it makes much sense in my opinion -so much > that I would like to know how to fully "ubuntize" my Gentoo in this > single respect. Easy peasy: emerge sudo sudoedit add desired users to wheel group [test] replace root password in shadow with "!" Please note that this is not an Ubuntu thing. It's simply using sudo in one of the ways sudo was specifically designed to be used. > I don't maybe like it's pulled down the throat of users, > but if they had the option to choose between both with,say,one > installation option click, it would be perfect. Even easier. As first user created (administrative user): sudo passwd [forget sudo exists] -- alan dot mckinnon at gmail dot com
