#5537 HIGH Update.: Use sudo, not su, to get root.

Zarro Boogs per Child bugtracker at laptop.org
Fri Dec 21 21:43:15 EST 2007


#5537: Use sudo, not su, to get root.
---------------------+------------------------------------------------------
  Reporter:  cscott  |       Owner:  ApprovalForUpdate
      Type:  defect  |      Status:  new              
  Priority:  high    |   Milestone:  Update.1         
 Component:  distro  |     Version:                   
Resolution:          |    Keywords:                   
  Verified:  0       |    Blocking:                   
 Blockedby:          |  
---------------------+------------------------------------------------------

Comment(by cscott):

 Cut-and-pasting from Albert's thread on devel@:
 {{{
 bash-3.2# cat /etc/pam.d/su
 #%PAM-1.0
 auth            sufficient      pam_rootok.so
 # Uncomment the following line to implicitly trust users in the "wheel"
 group.
 #auth           sufficient      pam_wheel.so trust use_uid
 # Uncomment the following line to require a user to be in the "wheel"
 group.
 #auth           required        pam_wheel.so use_uid
 auth            include         system-auth
 account         sufficient      pam_succeed_if.so uid = 0 use_uid quiet
 account         include         system-auth
 password        include         system-auth
 session         include         system-auth
 session         optional        pam_xauth.so
 -bash-3.2#

 So it looks like you just uncomment line 6 in that file,
 add user "olpc" to the "wheel" group, and verify that
 nothing is copying supplementary groups to activities.

 (hey, I saved one byte!)
 }}}

 I don't have a strong preference, but sudo is already in joyride, and is
 the precedent set in other distros (Ubuntu, Knoppix, Mac OSX).  sudo takes
 146k.  We could plausibly ship a /usr/bin/sudo as a shell script which
 invokes 'su -lc $1'

-- 
Ticket URL: <http://dev.laptop.org/ticket/5537#comment:18>
One Laptop Per Child <http://dev.laptop.org>
OLPC bug tracking system



More information about the Bugs mailing list