sudo doesn't work, I'm not in sudoers file, but I am.

Gene Heskett gene.heskett at verizon.net
Sun Jan 13 04:38:53 UTC 2008


On Saturday 12 January 2008, Craig White wrote:
>On Sat, 2008-01-12 at 23:20 -0500, Gene Heskett wrote:
>> On Saturday 12 January 2008, Mike Williams wrote:
>> >On Jan 12, 2008 5:53 PM, Gene Heskett <gene.heskett at verizon.net> wrote:
>> >> >From the sudoers file:
>> >>
>> >> [...]
>> >> ## Allow root to run any commands anywhere
>> >> root    ALL=(ALL)       ALL
>> >> gene    ALL=(ALL)       ALL
>> >
>> >Sure looks okay to me.  Note that you can also use:
>> >gene    ALL=(ALL)      NOPASSWD: ALL
>>
>> I'm not sure I'd want that.  While this house is secure, and dd-wrt is
>> between this box and the net, I think that might be trusting things a wee
>> bit much.
>>
>> In fact, my password, while longer than most, is about half the length of
>> roots, which is so long its not usable with ssh or samba.  For that
>> reason, I wouldn't mind being forced to use roots password to sudo.  Is
>> that possible?
>
>----
>I'm thinking that doesn't make much sense. What would make more sense is
>that if you don't trust yourself (or your password, like others know
>your password), create another user, give that user sudo power and
>simply su to that user instead.

_I_ trust me, and the missus is computer illiterate, but someone who knows a 
lot about me could probably find that pw given enough time.  ISTR I had John 
hammer on it for an hour or so a year back, so it isn't quite as easy as it 
looks I guess.  John The Ripper didn't find it in that time frame.

>There are some protections afforded to root that by default are not
>given to users (interactive rm for example) and vice versa. For that
>reason, I like to simply su to root when I need root privileges and stay
>as user when I don't.

I will keep that in mind, and have done so in the past when sudo didn't work.

>Craig

Thanks.

-- 
Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
C for yourself.




More information about the fedora-list mailing list