1 |
Walter Dnes wrote: |
2 |
> On Tue, Aug 10, 2010 at 04:14:41AM +0200, Frank Steinmetzger wrote |
3 |
> |
4 |
>> Am Dienstag, 10. August 2010 schrieb Paul Hartman: |
5 |
>> |
6 |
>> |
7 |
>>> Typing that long password into sudo every time I ran a command was a |
8 |
>>> hassle |
9 |
>>> |
10 |
>> I???ve never used sudo, and never really liked the idea of it. In |
11 |
>> fact I???m always amused and slightly annoyed by the sheer amount |
12 |
>> of sudo one can find in your typical ubuntu howto. ;-) |
13 |
>> |
14 |
> There are some things that have to be done as root, but are needed by |
15 |
> a regular user. E.g. I have a backup dialup account with 295.ca (guess |
16 |
> how much they charge per month<G>). When using it, I not only have to |
17 |
> run "pon", but I also have to copy over the correct ssmtp.conf settings |
18 |
> for my dialup ISP. My ~/bin/udialup (USB dialup) script reads like so... |
19 |
> |
20 |
> #!/bin/bash |
21 |
> /usr/bin/sudo /bin/cp -f /etc/ssmtp/295.ssmtp.conf /etc/ssmtp/ssmtp.conf |
22 |
> /usr/bin/sudo /usr/sbin/pon u295.ca |
23 |
> |
24 |
> When I exit, I have to copy back the ssmtp.conf that points to my |
25 |
> broadband ISP's MTU. My ~/bin/dialdown script reads like so... |
26 |
> |
27 |
> #!/bin/bash |
28 |
> /usr/bin/sudo /usr/sbin/poff |
29 |
> /usr/bin/sudo /bin/cp -f /etc/ssmtp/teksavvy.ssmtp.conf /etc/ssmtp/ssmtp.conf |
30 |
> |
31 |
> This is after I figured out how to use "metric" in my network config |
32 |
> so that ppp0 and eth0 could co-exist side by side. ppp0 can talk to the |
33 |
> outside world via the dialup modem, while eth0 *SIMULTANEOUSLY* talks to |
34 |
> my other machines on 192.168.123.248/29 (aka 192.168.123.240 netmask |
35 |
> 255.255.255.240). Before that, my udialup script had to tear down eth0, |
36 |
> and dialdown had to restart it. Here are some of the entries in |
37 |
> /etc/sudoers on my machine "i3"... |
38 |
> |
39 |
> waltdnes i3 = (root) NOPASSWD: /bin/cp -f /etc/ssmtp/295.ssmtp.conf /etc/ssmtp/ssmtp.conf |
40 |
> waltdnes i3 = (root) NOPASSWD: /usr/sbin/pon 295.ca |
41 |
> waltdnes i3 = (root) NOPASSWD: /usr/sbin/poff |
42 |
> waltdnes i3 = (root) NOPASSWD: /bin/cp -f /etc/ssmtp/teksavvy.ssmtp.conf /etc/ssmtp/ssmtp.conf |
43 |
> waltdnes i3 = (root) NOPASSWD: /sbin/poweroff |
44 |
> waltdnes i3 = (root) NOPASSWD: /usr/bin/rdate time.nrc.ca -s |
45 |
> waltdnes i3 = (root) NOPASSWD: /sbin/hwclock --systohc |
46 |
> waltdnes i3 = (root) NOPASSWD: /usr/sbin/hibernate |
47 |
> |
48 |
> This gives me the power to do specific root-level stuff as a regular |
49 |
> user, without giving away the keys to the kingdom. Note that none of |
50 |
> the entries accepts any parameters, let alone $*. Also. specifying the |
51 |
> path prevents running the wrong executable with root-level privileges. |
52 |
> |
53 |
> |
54 |
|
55 |
|
56 |
I used to use wvdial as well as pon and I don't recall having to be |
57 |
root. I added myself the dial-up group if I recall correctly. It just |
58 |
worked for me. |
59 |
|
60 |
I also don't use sudo here either. ;-) |
61 |
|
62 |
Dale |
63 |
|
64 |
:-) :-) |