Friday, February 11, 2011

Problem: username is not in the sudoers file

Solutions:
1.You can use su
give root password and you work as root.

2. How to configure sudo, under header configuration on this page:
https://wiki.archlinux.org/index.php/Sudo

Some Linux theory: su compared to sudo
The sudo solution is a different way of granting permission.
The reason sudo is sometimes considered superior to su is that it allows privilege escalation based on the user’s own identity, and most importantly does not require use of a shared password. Using su to access a privileged account requires distribution of a password to an admin-capable account, a security weakness that sudo does not have. Sudo is considered less secure for the same reason - it eliminates the two factor authentication that would otherwise be required to "get root" (or become the administrator. A more secure alternative would require a second, but per-user, password instead of using the user's own password.

http://en.wikipedia.org/wiki/Sudo

sudo executes a command as another user but observes a set of constraints about which users can execute which commands as which other users (generally in a configuration file named /etc/sudoers, best editable by the command visudo). Unlike su, sudo authenticates users against their own password rather than that of the target user (to allow the delegation of specific commands to specific users on specific hosts without sharing passwords among them and while mitigating the risk of any unattended terminals).

Some Unix-like systems have a wheel group of users, and only allow these users to su to root.[2] This may or may not mitigate these security concerns, since an intruder might first simply break into one of those accounts.


http://en.wikipedia.org/wiki/Su_%28Unix%29

No comments:

Blog Archive