17.04.2010

Ubuntu's sudo policy

UPDATE: I no longer recommend following the guide in this post. It can lead to unwanted behaviour (regular users can't reboot or shut down the computer; only root can do so by using a console). A friend pointed out that as You are probably using Ubuntu as a desktop or laptop OS (there are way better distros to use as a server OS than Ubuntu!), the crucial data on the machine will probably be Your personal data (and not the system files). If someone cracks Your user account, You're screwed. If that person now gains root access by using Your user account, he doesn't gain anything.

Yay, f1rst post!
Ubuntu is quite a fine distribution, but I don't like their sudo policy. It's like Windows' administrator policy, giving a regular user full control of the system. Linux used to have a dedicated root user for changing the system's configuration. And I want it back that way.
If You think the same, there are basically 3 things You need to do to get the root user back in control:
  1. Give root a password.
    Code:
    $ sudo passwd root
  2. Change the sudoers file so that sudo <command> asks for the root password instead of the invoking user's password.
    Code:
    $ su -
    # visudo
    Add the targetpw option to the Defaults line so it looks like this:
    Code:
    Defaults env_reset,targetpw
    A side-effect of using targetpw instead of rootpw is that sudo -u <username> <command> asks for username's password instead of the root password.
    You might also want to add timestamp_timeout=0; this option is described in the sudoers manpage. A tip: add insults for some extra fun!
    In order to enable every user to use the sudo command (not without entering the root password, of course), You also need to change the user privilege specification.
    Comment out the 2 lines beginning with %sudo and %admin and add the line:
    Code:
    ALL ALL=(ALL) ALL
    to the end of the file.
  3. Change GNOME's gksu. You don't really have to do this, because entering the root password in GNOME's password dialogues will still launch Synaptic or whatever program we want to use; this step is mostly cosmetic. gksudo asks for the user's password, although we need to enter the root password. gksu asks for the root password (and also has the ability to save the password for a short time).
    Code:
    $ gksu-properties
    Change Authentication mode from sudo to su.
That's it! You're done!
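
The catch-all rule from step 2 is only safe while targetpw (or rootpw) is in effect; without it, sudo asks for each user's own password and every account becomes root-equivalent. The script below is an added example, not part of the original post: it flags that half-applied state in a sudoers file. The function names and the two sample files are constructed for the demo, and it does not follow include directives or line continuations.

```shell
#!/bin/sh
# Added example: flag a sudoers file where the guide's catch-all rule is
# present but neither targetpw nor rootpw is in effect.
# Limits (assumptions): include directives and "\" continuations are ignored.

# check_sudoers FILE -> prints a verdict; returns 0 if consistent, 1 if unsafe
check_sudoers() {
    awk '
        /^[ \t]*#/ { next }                          # comment lines
        /^[ \t]*Defaults[ \t]/ {                     # global Defaults only
            line = $0
            sub(/^[ \t]*Defaults[ \t]+/, "", line); sub(/[ \t]+$/, "", line)
            n = split(line, opt, /[ \t]*,[ \t]*/)
            for (i = 1; i <= n; i++) {
                if (opt[i] == "targetpw" || opt[i] == "rootpw") on[opt[i]] = 1
                if (opt[i] == "!targetpw" || opt[i] == "!rootpw")
                    on[substr(opt[i], 2)] = 0        # a later negation wins
            }
            next
        }
        {   # the exact rule from step 2, tolerant of spacing
            rule = $0; gsub(/[ \t]/, "", rule)
            if (rule ~ /^ALLALL=\(ALL(:ALL)?\)ALL$/) catchall = 1
        }
        END {
            if (catchall && !on["targetpw"] && !on["rootpw"]) {
                print "UNSAFE: every user can become root with their own password"
                exit 1
            }
            print "OK"
        }
    ' "$1"
}

# write_samples DIR -> two constructed sudoers files for the demo
write_samples() {
    printf '%s\n' 'Defaults env_reset,targetpw,timestamp_timeout=0' \
        'root ALL=(ALL) ALL' '#%admin ALL=(ALL) ALL' '#%sudo ALL=(ALL) ALL' \
        'ALL ALL=(ALL) ALL' > "$1/applied"
    printf '%s\n' 'Defaults env_reset' 'root ALL=(ALL) ALL' \
        'ALL ALL=(ALL) ALL' > "$1/half_applied"
}

tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT
write_samples "$tmp"
for f in "$tmp/applied" "$tmp/half_applied"; do
    printf '%s: ' "${f##*/}"
    check_sudoers "$f" || true
done
```

To audit a real system, run check_sudoers /etc/sudoers as root; visudo -c checks syntax but not this combination.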
