Changeset 77b64bd for postlfs


Ignore:
Timestamp:
12/02/2018 11:05:51 PM (5 years ago)
Author:
DJ Lucas <dj@…>
Branches:
10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 8.4, 9.0, 9.1, bdubbs/svn, elogind, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, lazarus, lxqt, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
Children:
ff7c4c3e
Parents:
03b278dc
Message:

Upadte sudo instructions to utilize /etc/sudoers.d directory. Extend configuation where appropriate for needed super user environment variables in QT, KDE, and Java packages. Fixes #11400.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@20772 af4574ff-66df-0310-9fd7-8a98e5e911e0

File:
1 edited

Legend:

Unmodified
Added
Removed

  • postlfs/security/sudo.xml

    r03b278dc r77b64bd  
    209209        installs a default configuration that has no privileges installed for
    210210        any user.
    211      </para>
    212 
    213       <para>
    214         One example usage is to allow the system administrator to execute
    215         any program without typing a password each time root privileges are
    216         needed. This can be configured as:
    217       </para>
    218 
    219 <screen># User alias specification
    220 User_Alias  ADMIN = <replaceable>YourLoginId</replaceable>
    221 
    222 # Allow people in group ADMIN to run all commands without a password
    223 ADMIN       ALL = NOPASSWD: ALL</screen>
    224 
    225       <para>
    226         Another common configuration is to allow members of the wheel group to
    227         execute all commands after providing their own credientials. Use the
    228         following command to edit default <filename>/etc/sudoers</filename>
    229         file as the <systemitem class="username">root</systemitem> user:
    230       </para>
    231 
    232 <screen role="nodump"><userinput>sed '/wheel.*) ALL/s/^# //' -i.bak /etc/sudoers</userinput></screen>
     211      </para>
     212
     213      <para>
     214        A couple of common configuration chanes are to set the path for the
     215        super user and to allow members of the wheel group to execute all
     216        commands after providing their own credientials. Use the following
     217        commands to create the <filename>/etc/sudoers.d/sudo</filename>
     218        configuration file as the
     219        <systemitem class="username">root</systemitem> user:
     220      </para>
     221
     222<screen role="root"><userinput>cat &gt; /etc/sudoers.d/sudo &lt;&lt; "EOF"
     223<literal>Defaults secure_path="/usr/bin:/bin:/usr/sbin:/sbin"
     224%wheel ALL=(ALL) ALL</literal>
     225EOF</userinput></screen>
    233226     
    234227      <para>
Note: See TracChangeset for help on using the changeset viewer.