[mdlug] /etc/sudoers -A rant and an attempt at better documentation
David Favro
mdlug at meta-dynamic.com
Sun Jan 7 19:54:14 EST 2007
Raymond McLaughlin wrote:
> ##This line allows user 'driveray', on any host, to execute /bin/mount
> ## and /bin/umount with root privileges without having to give a
> ## password.
> driveray ALL = NOPASSWD: /bin/mount, /bin/umount
> ### This was the line that busted my nuts for hours! I work with a lot
> ### of ISO images, and want my regular user to be able to mount them
> ### without having to give the root password. The problem was that I
> ### kept trying to put the NOPASSWD parameter at or near the end of the
> ### line. I'm still not certain if the 'ALL' refers to "on all hosts' or
> ### 'as all users'
>
If it's a "personal" machine, I recommend just adding the following line:
driveray ALL=NOPASSWD: ALL
This allows you to do anything you like without typing any password,
which is what I do.
Now, before someone goes bananas about how that's a security hole (IMO
it isn't, for personal-use machine), I just finished a heated
back-and-forth discussion about this on another LUG mailing-list where I
tried to explain why not... rather than my copy-and-pasting it here, you
can see the whole thread here:
http://lists.hanoilug.org/pipermail/hanoilug/2007-January/thread.html
under the heading "Ubuntu-sudo usage.."
-- David Favro
More information about the mdlug
mailing list