Re: [opensuse] My problems with makeSUSEdvd

Sun, 23 Apr 2006 07:58:23 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


The Sunday 2006-04-23 at 15:10 +0200, Christian Boltz wrote:

> It seems your sudo configuration differs from the current SUSE one.

It is probably inherited since 8.1 or there abouts. I never install anew, 
but update.

> On my system, I have (unchanged according to rpm -V):
> 
> # grep '^[^#]' /etc/sudoers
> Defaults always_set_home
> Defaults env_reset
> Defaults targetpw    # ask for the password of the target user i.e. root
> ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults 
> targetpw'!
> root    ALL=(ALL) ALL

Mine is:

root    ALL=(ALL) ALL
cer nimrodel= (root) /usr/sbin/checkinstall
husky nimrodel= (root) /usr/sbin/checkinstall
cer nimrodel= (root) /usr/sbin/iptraf
cer nimrodel= (root) /usr/X11R6/bin/ethereal
cer nimrodel= (root) /root/bin/killmails
cer nimrodel= (root) /usr/bin/fetchmail
cer nimrodel= (root) /etc/ppp/ip-up.local eth0
cer nimrodel= (root) /etc/ppp/ip-kill

Ie, I use explicit commands.

> It can be discussed if "Defaults targetpw" is a good idea (I don't 
> believe so) - but most probably this setting won't be changed back.

That's something I will not set. If I want somebody to be able to use a 
root command, I don't want him to know the rott password. If he does know 
it, he doesn't need sudo in the first place, and if he wants to do do 
something I don't want him to do, he will simply "su" and do it. Thus sudo 
becomes useless.

Even if this is my home setup, I don't want to indulge in bad habits ;-)


> Houghi: maybe using "su" would be a better idea...
> 
> > Is the opensuse link above correct, or has it got to be modified to
> > add the "sudo" instructions? I don't know what commands I need to add
> > to the sudo configuration, 
> 
> My guess:   mount -o loop isofile mountpoint   (and matching umount)

That at least. There are quite some appeareances of the sudo word, but I 
don't know how it detects my password is incorrect, as it wants the root 
password and then rejects it. Simply adding that command to sudoers will 
not work.

- -- 
Cheers,
       Carlos Robinson

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iD8DBQFES5YLtTMYHG2NR9URAifzAJ0beSZXzmgVjZYiJBDjcqbfAMRh/QCfcYDj
lDG5T6GVa21HdmbZIkD9gCE=
=kL2L
-----END PGP SIGNATURE-----


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to