Change password just for sudo

Hi, I’m using Debian and openSUSE 11.2 and the sudo-ing is a bit different in Debian. It actually makes more sense to enter your own password like in Debian to achieve sudo status than have to use the root password for sudo status. If I for example would like to give someone on my system sudo rights, I can’t give them the root password. Thats just like giving them root access. Or is there a way to change that behaviour, or just change sudo password, in openSUSE? Or maybe any other best pracitce for giving users sudo rights?

Thanks in advance

You can set up sudo for specific commands. But, generally, noone should hand over a system to someone else just like that!

man sudo
  • Run
su -c visudo
  • Read comments carefully

  • Edit to your needs

And what is giving them sudo rights other than giving them low level access to your system?

Enjoy your placebo security.

Thanks, now it’s working as I expect it to. Not sure witch one is more secure though… any thoughts?

You can set up sudo for specific commands. But, generally, noone should hand over a system to someone else just like that!

I thought that was the reason of sudo’s existence, to let some chosen users do some chosen things with root privileges… I mean of course under strict control. Am I wrong, are there any other reasons?

The most secure is not to allow anybody but the admin (aka “the guy who knows the root pw”) to gain elevated privileges, no matter if via sudo or su.

If that is not possible, then using sudo only for those commands that should be allowed with the user’s password being asked for is only little less secure.

That IMHO is the reason why openSUSE uses the default settings for sudo, meaning nobody can use sudo without knowing the root password which should be “nobody else than the person who configured the system and added this password”.

Anything else will need user’s (in this case “root’s”) interaction.

Hash: SHA1

su -c visudo and see the following lines:

In the default (unconfigured) configuration, sudo asks for the root


This allows use of an ordinary user account for administration of a


installed system. When configuring sudo, delete the two

following lines:

Defaults targetpw # ask for the password of the target user i.e. root
ALL ALL=(ALL) ALL # WARNING! Only use this together with ‘Defaults

delete the last two


Microsoft Windows is like air conditioning
Stops working when you open a window.
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with SUSE -