[Linux] Ubuntu 7.10 and su or sudo
Lawrence Kagan
linux@flux.org
Sat, 12 Jan 2008 14:31:31 -0500
--Apple-Mail-4-668275587
Content-Type: text/plain;
charset=US-ASCII;
format=flowed;
delsp=yes
Content-Transfer-Encoding: 7bit
You can modify the sudoers file to have very granular control over who
can execute what commands. But if you just want to give a user full
sudo capability, add that user to the 'admin' group in the /etc/group
file. Append the name of the user to the group name as so:
admin:x:114:user1,user2,user3
User1 will be your normal username and should already be there. Just
append the new username to the list.
Larry Kagan
Superiocity, Inc.
www.superiocity.com
Join the PHP Contractor Network
On Jan 12, 2008, at 10:04 AM, Steven Benmosh wrote:
> Let me ask you a related question.
>
> When I created my ubuntu system, all it asks is for the first user.
> That user can become root with sudo su and the user password (not
> root).
>
> I new created a new user - let's call him newuser. When I log in as
> newuser, I can't do a sudo su.
>
> What is the most secure way to add the new user to the sudo list, or
> to enable the new user to do su root?
>
> Z.
>
>
>
> On Jan 12, 2008 8:01 AM, Lawrence Kagan < me@larrykagan.com> wrote:
> Lou is right in that when using sudo you have to use YOUR normal
> user password. However, there is a little trick where you can
> become the root user without setting a root password. It's 'sudo
> su'. It will ask for your normal user password and then put you in
> a new shell process owned by root (ie: you are now root). The only
> time I really find this convenient is when you are typing chains of
> commands that require root privileges or permissions to privileged
> files either through piping, redirection or 'tee'. But those
> instances are few and far between.
>
> If for some reason, you can't sudo properly:
> - Boot into your Ubuntu live CD/DVD
> - Mount your filesystem that is on your hard drive (mkdir /mnt/
> HardDrive; mount -t ext3 /dev/sda1 /mnt/HardDrive #sda1 may be
> different on your system.)
> - Type this in a shell: gedit /mnt/HardDrive/etc/sudoers
> - Ensure this line is in there: %admin ALL=(ALL) ALL
> - Then save and close the file.
> - Then open up the groups file: gedit /mnt/HardDrive/etc/group
> - Ensure you are part of the admin group by looking for the
> following line: admin:x:114:larry # Your group number (114) and
> username will be different
> - Save the file
> - Exit the Live CD and boot back into hard drive installation as
> normal.
>
> Hope this helps.
>
>
> Larry Kagan
> Superiocity, Inc.
> www.superiocity.com
> Join the PHP Contractor Network
>
> On Jan 12, 2008, at 5:34 AM, lou wrote:
>
>> You don't say what you tried or if it ever worked but Ubuntu is a
>> "little different" in this area. When you do a sudo, it wants YOUR
>> password, not the root password (there isn't one by default). If
>> you wan to use su to switch to root, you have to set a password.
>> You can do this by:
>> sudo passwd root
>> It will ask for your password and then ask you to enter a root
>> password twice. After that, you can use su, just like the big kids :)
>> Many of the Ubuntu gurus see doing that as a security exposure.
>> Dummies like me see it as overcoming an inconvenience.
>>
>> Lou
>>
>> Will Nett wrote:
>>>
>>> Ok folks, I'm not losing my mind here, but I cannot su or sudo in
>>> Ubuntu 7.10... password is rejected. Any help here? Install is a
>>> Dell
>>> Inspiron 9300, and everything looks like it's installed correctly,
>>> but
>>> su or sudo is seriously pissing me off.
>>>
>>> - Will
>>> _______________________________________________
>>> Linux mailing list
>>> Linux@flux.org
>>> http://www.flux.org/mailman/listinfo/linux
>>>
>>>
>>>
>> _______________________________________________ Linux mailing list Linux@flux.org
>> http://www.flux.org/mailman/listinfo/linux
>
>
>
>
> --
> Check out my web site - www.words2u.net
--Apple-Mail-4-668275587
Content-Type: text/html;
charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
<html><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; =
-webkit-line-break: after-white-space; ">You can modify the sudoers file =
to have very granular control over who can execute what commands. =
But if you just want to give a user full sudo capability, add that =
user to the 'admin' group in the /etc/group file. Append the name =
of the user to the group name as so:<div><br =
class=3D"webkit-block-placeholder"></div><div>admin:x:114:user1,user2,user=
3</div><div><br class=3D"webkit-block-placeholder"></div><div>User1 will =
be your normal username and should already be there. Just append =
the new username to the list.</div><div><br =
class=3D"webkit-block-placeholder"></div><div><br></div><div><div> =
<div><table border=3D"0" cellpadding=3D"5" cellspacing=3D"0" =
style=3D"border: 1px #000066 solid"> <tbody><tr> <td><font =
face=3D"helvetica,arial"> Larry Kagan<br> =
Superiocity, Inc.<br> <a =
href=3D"http://superiocity.com/">www.superiocity.com</a><br> =
<a href=3D"http://pcn.superiocity.com/">Join the PHP Contractor =
Network</a> </font> </td> </tr> =
</tbody></table> </div> </div><br><div><div>On Jan 12, 2008, at 10:04 =
AM, Steven Benmosh wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote type=3D"cite">Let me ask =
you a related question.<br><br>When I created my ubuntu system, all it =
asks is for the first user. That user can become root with sudo su and =
the user password (not root).<br><br>I new created a new user - let's =
call him newuser. When I log in as newuser, I can't do a sudo su. =
<br><br>What is the most secure way to add the new user to the sudo =
list, or to enable the new user to do su =
root?<br><br>Z.<br><br><br><br><div class=3D"gmail_quote">On Jan 12, =
2008 8:01 AM, Lawrence Kagan <<a href=3D"mailto:me@larrykagan.com"> =
me@larrykagan.com</a>> wrote:<br><blockquote class=3D"gmail_quote" =
style=3D"border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt =
0.8ex; padding-left: 1ex;"><div style=3D"">Lou is right in that when =
using sudo you have to use YOUR normal user password. However, =
there is a little trick where you can become the root user without =
setting a root password. It's 'sudo su'. It will ask for =
your normal user password and then put you in a new shell process owned =
by root (ie: you are now root). The only time I really find this =
convenient is when you are typing chains of commands that require root =
privileges or permissions to privileged files either through piping, =
redirection or 'tee'. But those instances are few and far =
between. <div><br></div><div>If for some reason, you can't =
sudo properly:</div><div>- Boot into your Ubuntu live CD/DVD</div><div>- =
Mount your filesystem that is on your hard drive (mkdir /mnt/HardDrive; =
mount -t ext3 /dev/sda1 /mnt/HardDrive #sda1 may be different on your =
system.) </div><div>- Type this in a shell: gedit =
/mnt/HardDrive/etc/sudoers</div><div>- Ensure this line is in there: =
%admin ALL=3D(ALL) ALL</div><div>- Then save and close the =
file.</div><div>- Then open up the groups file: gedit =
/mnt/HardDrive/etc/group </div><div>- Ensure you are part of the admin =
group by looking for the following line: admin:x:114:larry # Your =
group number (114) and username will be different</div><div>- Save the =
file</div><div>- Exit the Live CD and boot back into hard drive =
installation as normal. </div><div><div> </div><div>Hope this =
helps.</div><div><br></div><div><br><div> <div><table style=3D"border: =
1px solid rgb(0, 0, 102);" border=3D"0" cellpadding=3D"5" =
cellspacing=3D"0"> <tbody><tr> <td><font =
face=3D"helvetica,arial"> Larry Kagan<br> =
Superiocity, Inc.<br> <a href=3D"http://superiocity.com/" =
target=3D"_blank">www.superiocity.com</a><br> <a =
href=3D"http://pcn.superiocity.com/" target=3D"_blank">Join the PHP =
Contractor Network </a> </font> </td> =
</tr> </tbody></table> </div> </div><div><div></div><div =
class=3D"Wj3C7c"><br><div><div>On Jan 12, 2008, at 5:34 AM, lou =
wrote:</div><br><blockquote type=3D"cite"> <div bgcolor=3D"#ffffff" =
text=3D"#000000"> <font size=3D"-1"><font face=3D"Helvetica, Arial, =
sans-serif">You don't say what you tried or if it ever worked but Ubuntu =
is a "little different" in this area. When you do a sudo, it wants YOUR =
password, not the root password (there isn't one by default). If you wan =
to use su to switch to root, you have to set a password. You can do this =
by: <br> sudo passwd root<br> It will ask for your password and then ask =
you to enter a root password twice. After that, you can use su, just =
like the big kids :) <br> Many of the Ubuntu gurus see doing that as a =
security exposure. Dummies like me see it as overcoming an =
inconvenience. <br> <br> Lou<br> </font></font><br> Will Nett wrote: =
<blockquote type=3D"cite"> <pre>Ok folks, I'm not losing my mind here, =
but I cannot su or sudo in
Ubuntu 7.10... password is rejected. Any help here? Install is a Dell
Inspiron 9300, and everything looks like it's installed correctly, but
su or sudo is seriously pissing me off.
- Will
_______________________________________________
Linux mailing list
<a href=3D"mailto:Linux@flux.org" target=3D"_blank">Linux@flux.org</a>
<a href=3D"http://www.flux.org/mailman/listinfo/linux" =
target=3D"_blank">http://www.flux.org/mailman/listinfo/linux</a>
</pre> </blockquote> </div> =
_______________________________________________ Linux mailing list <a =
href=3D"mailto:Linux@flux.org" target=3D"_blank">Linux@flux.org</a> <a =
href=3D"http://www.flux.org/mailman/listinfo/linux" target=3D"_blank"> =
http://www.flux.org/mailman/listinfo/linux</a> =
</blockquote></div><br></div></div></div></div></div></blockquote></div><b=
r><br clear=3D"all"><br>-- <br>Check out my web site - <a =
href=3D"http://www.words2u.net">www.words2u.net =
</a></blockquote></div><br></div></body></html>=
--Apple-Mail-4-668275587--