On Fri, Feb 14, 2003 at 10:54:57AM -0800, Alan wrote:
> On Fri, Feb 14, 2003 at 12:46:49PM -0600, Henning, Brian wrote:
> > Hello-
> > i login as root to my gentoo machine right now with a password like all the
> > other users on the machine. what i would like to do is remove the root
> > password and allow another user to su in the machine. I know that user must
> > be in the same group 'wheel'. what file should i edit to remove the password
> > for root? are there any other things i should be concerned about?
>
> Well, first of all I think that removing the root password is a Very
> Very Bad Idea(tm). If you only want to let another user log in as root
> (other than yourself I presume) why not just let them use a password.
>
> Things you should be concerned about are numerous. You're talking about
> allowing superuser access to your machine with NO PASSWORD. Think about
> it.
>
>
> --
> Alan <[EMAIL PROTECTED]> - http://arcterex.net
> ---------------------------------------------------------------------
> "The only thing that experience teaches us is that experience teaches
> us nothing. -- Andre Maurois (Emile Herzog)
>
> --
> [EMAIL PROTECTED] mailing list
I think he means put a fake password in /etc/passwd that cannot
be generated by the password one-way encryption algorithm (md5 on
gentoo?). Anyway, the only thing I can think of is that you
would not be able to boot the system to single-user mode. But
you can still boot with the "init=/bin/sh" kernel parameter, so
that's not really a problem.
But why not just choose a really hard to guess root password?
Something like h2Qm2.74?
If Alan was right about what you want, try emerging sudo, and put
a line like the following in /etc/sudoers:
friend ALL=(ALL) NOPASSWD: ALL
This allows the user friend to do things like:
% sudo shutdown -r now
or:
% sudo /bin/bash
- richard
--
Richard Kilgore
[EMAIL PROTECTED]
--
[EMAIL PROTECTED] mailing list
