Sudo Configuration

Does anyone know how to configure sudo in the traditional way under openSUSE? I don’t like the way sudo asks for root’s password to handle administrative tasks. When I change the sudo file, and uncomment ‘%wheel ALL=ALL’, it partially fixes the problem. When I install packages from the cmd line, it just asks for my user’s password and works fine. But when I do things through the GUI, such as installing software through GNOME Software, or anytime I get the GNOME prompt to provide the administrators password, it still only accepts root’s password. Any help in this matter would be greatly appreciated.

openSUSE follows more or less the traditional method Ubuntu is the odd man out on how it handles root and sudo

here is the thing allowing a normal user to install system software is not a secure situation. You aim the gun at you foot at your own risk :stuck_out_tongue:

And since the GUI asks you probably need to mod the GUI’s permissions. I use KDE need a gnome person to chime in

On Fri, 04 Dec 2015 22:46:01 +0000, gogalthorp wrote:

> And since the GUI asks you probably need to mod the GUI’s permissions. I
> use KDE need a gnome person to chime in

kdesu/gnomesu don’t use sudo, so sudoers configuration has no bearing on
how they behave.

You’re correct that it would take a modification to the GUI itself
(probably not just permissions).

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

I’ve never used another distro that had sudo setup this way. Every config i’ve seen (arch linux, gentoo, fedora, centos) has it where a user in the group wheel has administrative privileges, and can execute any command, and separates the user’s and root’s passwords.

Is the suse config more secure than the others? And if that’s the case, why during installation does it set both your user’s and root’s password to the one you provide?

… it doesn’t.

It gives you the option to, but anyone with good sense chooses not to do that.

However, you do get to make your own choice on that.

I’ve never seen where in the installation process you can set the root password. I only notice it asking for a password when creating your user. Does it set them as the same when you make your user an administrator?

Is using the root password to perform administrative tasks more or less secure than designating that task to users of group wheel?

… at that point, there is a checkbox for making the root password the same as the user password. If you deselect that, it will then separately ask you for a root password after creating your user and user password. That is when installing.

If you missed this when installing, you can still change that in Yast or in settings.

… and, as the others pointed out, security is much wiser to not let the user make the system changes or installs, but to use the default setup and enter the root password when you want such a change to go through. This also prevents anything from automatically installing itself in the background without your knowledge (you know, as in “drive-by installs”).

The latter are much less likely in Linux than in Windows, but it is still much safer to use openSUSE’s default method.

Right on. Thank you.