On 20/07/2015 23:50, Walter Dnes wrote: > On Mon, Jul 20, 2015 at 06:49:00PM +0100, Mick wrote
[snip] > You can tell it to run a script that contains that command. Having > passwords floating around on disk in clear text is a *BAD* idea. Some > "user friendly distros", like Ubuntu, let you run *ANY* command as root > if you prefix it with "sudo". That can be done with the keyword "ALL" > > michael michaelsmachine = (root) NOPASSWD: ALL [snip] Lets be fair to Ubuntu - the above is not how it ships. On Ubuntu, all users in the "admin" group can run any command with sudo, and sudoers ships with a cpnfig that *requires* the user's password. This is a very normal config and an excellent starting point. The first user added during the install is added to the admin group (as obviously it is root doing the installation), all other users must be added to the group by root manually. What you describe is most certainly not how Ubuntu ships (but idiots who will do it, or follow howtos that say to do it, do exist) -- Alan McKinnon alan.mckin...@gmail.com
