SDB:Administer with sudo
Contents
Configuring Sudo
To enable sudo access for a user account, do the following.
sudo /usr/sbin/visudo
or when using GNOME
EDITOR=gedit gnomesu visudo
or when using KDE
EDITOR=kate kdesu visudo
Any user in the default 'users' group can run sudo if they know the root password. This will change later. Answer the password prompt with the root password.
Setting group access
Find the entry for %wheel. This is the wheel group. The '%' tells sudo to match vs a group name in /etc/groups. Uncomment the line.
%wheel ALL=(ALL) ALL
Save and exit with :wq (not necessary when using gedit or kate)
Add the desired username to the wheel group.The new group is effective for given user after new login.
sudo /usr/sbin/usermod -aG wheel username
Edit the sudoers file again. This time remove the ability for every user to run sudo. Comment out these lines, save and exit.
#Defaults targetpw # ask for the password of the target user i.e. root #%users ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!
In OpenSuse 12.3 the second line may be
#ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!
Now when running sudo, use username's login password instead of the root password.
Running applications with root permissions in X
If you want to run X windows programs such as kate for editing, the recommended method is to use
su -
to become the root user. Or you can use graphical su commands, for example
xdg-su -c
. But they behavior as su instead of sudo. Local installations is doable with sudo by editing with /usr/sbin/visudo, adding the DISPLAY and XAUTHORITY variable in the line.
Defaults env_keep = "LANG..."
Additionally the X server must be set to allow access for other users with the xhost program, see manpage for xhost. All that lowers the security level for the machine, please be aware of that.