How to make a normal(LDAP) user as super user????

vrnb05 · December 2, 2011, 1:37pm

Hi,

How to make a normal (LDAP)user as super user that is equivalent to root user???

i tried to cat sudoers file, it gave permission denied. so then i used sudo follwed by command and gave root password.
All i want is a normal user should be super user as root.

 varunb@varun:~> cat /etc/sudoers
cat: /etc/sudoers: Permission denied

Also later i tried editing sudoers file adding normal user name as below but still it dint work. .


varunb@varun:~> sudo cat /etc/sudoers
root's password:
##
##
## Runas alias specification
##


##
## User privilege specification
##
**root ALL=(ALL) ALL
varunb ALL=(ALL) ALL**
## Uncomment to allow members of group wheel to execute any command
# %wheel ALL=(ALL) ALL


## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL


## Read drop-in files from /etc/sudoers.d
## (the '#' here does not indicate a comment)
#includedir /etc/sudoers.d

HotShotDJ · December 2, 2011, 3:41pm

Give this a try: SDB:Administer with sudo - openSUSE

DenverD · December 2, 2011, 3:48pm

On 12/02/2011 01:46 PM, vrnb05 wrote:
>
> How to make a normal (LDAP)user as super user that is equivalent to
> root user???
>
> All i want is a normal user should be super user as root.

sorry, i am not sure i understand the question–like, in what ways is a
“normal (LDAP) user” different from a “normal (LDAP) user”?

but i wonder have you tried YaST > Security and Users (on the left) >
Sudo (on the right)

there is a “Help” button there but i can’t say i know enough about it to
help you more… (if that was any help. at all)

on the other hand if your question is designed to give a normal user
(say ‘varunb’) root powers in all situations in all places just give
varunb the root password and tell/teach him/her the precautions to take
as root, like:

ONE: you should never log into KDE/Gnome/XFCE or any other *nix-like
system’s graphical user interface desktop environment as root…

doing so 1) opens you up to several different security problems if you
(for example) browse the net, 2) too many, far too easy ways to damage
your system no matter how careful your actions (for
example: well documented cases of unintended change of ownership of
~/.ICEauthority and ~/.Xauthority from user to root sometimes occurs),
3) anyway logging into KDE/etc as root is never required to
do any and all administrative duties, 4) and, not even logging in as
root just to see if it works as root is useful, because the “yes” or
“no” learned is almost always totally useless in finding the
problem giving the symptoms…while, logging into the GUI as root to
learn the yes/no could cause the next adverse symptom encountered.

so, always log in as yourself, and “become root” by using a root powered
application (like YaST, File Manager Superuser Mode) or using “su -”,
sudo, kdesu, or gnomesu in a terminal to launch whatever tool is needed
(like Kwrite to edit a config file)…read more on all that here:

http://tinyurl.com/593e4c
http://tinyurl.com/ydbwssh
http://tinyurl.com/6bo2cqg
http://tinyurl.com/4nsaqst
http://tinyurl.com/665h5ek
http://tinyurl.com/6ry6yd

additionally: after logging into KDE/Gnome/etc as root, if you
experience problems (for example, with uncommanded file ownership and
permissions changes) and if you can provide us with details of what you
were doing while you were logged in as root, that would help us identify
if there’s a bug that needs to be fixed…thanks for your help…

TWO: never use a web browser as root (which you can’t do if you follow
ONE, above)

THREE: never move/copy/edit/etc a file as root which should be
moved/copied/edited/etc as a simple user

and, finally–if your question is: How do i give a normal user root
powers in all places at all times without giving him/her the root
password and requiring him/her to switch user?

then, to that i answer:
have no idea, and further more it is so unsafe and un-*nix like that i
can’t imagine why anyone would want to do it–i mean, it will result
in a cracked/broken/unstable system eventually.

–
DD http://tinyurl.com/DD-Caveat
openSUSE®, the “German Engineered Automobiles” of operating systems!

HotShotDJ · December 2, 2011, 4:29pm

Firstly, I agree with everything that DenverD just wrote. Nevertheless, I understand that there can been situations where certain, trusted users may need to have superuser access for the efficient administration of a *nix system. That is where the use of “sudo” comes into play. The instructions that I linked you to will set up sudo so that only carefully chosen users to whom you grant membership to the “wheel” group can execute commands with escalated privileges.

Obviously, proceed ONLY if you are aware of the potential risks AND you unconditionally trust the users to whom you grant membership to “wheel.”

I just followed the steps in the HOWTO that I linked to above and discovered a minor problem:
To use gedit, you need to do the following:

EDITOR=gedit gnomesu /usr/sbin/visudo

for KDE & kate, replace gedit and gnomesu with the appropriate KDE-ish method. The point being, if you use “sudo” then the visudo command will fallback to vi, which may (or may not) make you insane. DO NOT attempt to edit the sudoers file directly. IT WILL NOT WORK! (<-- shouty caps being used advisedly.)

Members of the “wheel” group will be able to gain superuser privileges without your having to give them the root password. HOWEVER, they will NOT be able to run GUI apps via gnomesu or the KDE equivalent. The HOWTO gives instructions for granting superuser access to X (GUI) apps. I recommend against that in the strongest possible terms! But, in the end, it is your system to administer as you please.