Page 1 of 1

I want to use sudo but with a separate password - LMDE

Posted: Fri Jun 17, 2011 11:30 pm
by msnthrp
I've been using Linux since 2000 and love it. In those days and even now, there was a user password and a root password - and never the twain should meet.

Using Linux Mint (currently Debian edition), I gradually began to see the benefits of sudo and I like the timer element that turns it off after so many minutes. However, I also like the use of separate passwords for the user and root accounts - two passwords seem to have a better security profile. But I want to keep the timer features of sudo.

So what I would like to do is to modify sudo so that it keeps its current features EXCEPT that it would require a different password to be effective. A retrofit of the new with the old.

I found a post by SimonTS on Fri Apr 01, 2011 4:55 am that looked good but did not work for me; it possibly would not have done what I want anyway. I found another post by guigum on Sat May 07, 2011 10:47 pm but from his description, it does not do what I would like. Several differently worded searches (always tricky for me) did not get as close as those two posts.

Anyone have an idea how I can make the

Code: Select all

sudo foobar
command work but use the new root password instead of the user password?

TIA

Re: I want to use sudo but with a separate password - LMDE

Posted: Wed Jul 06, 2011 1:28 pm
by xenopeek
I don't think sudo works like you think it does. Your user account, as part of the installation, has been given priviliges to run sudo. Sudo asks for your password to confirm, and then executes the command following sudo as the root user. So it is not actually the root password it asks for, but your own user account password (i.e., another user can not execute sudo with your password, but needs to enter his or her own).

Details: https://help.ubuntu.com/community/RootSudo
Read the 3rd paragraph in "Background Information" section.

What you can do in an effort to achieve what you describe, is to create a new, non-priviliged, user account. You would use that new, non-priviliged, user account for your day-to-day use. At any time where you would need root priviliges (for doing updates, or for running sudo for example), you then use Log Out -> Switch User to switch to your current, priviliged, user account. That way you have in effect two different passwords: one for your main user account for day-to-day work, and another for doing stuff that needs root priviliges.

Re: I want to use sudo but with a separate password - LMDE

Posted: Wed Jul 06, 2011 1:30 pm
by AlbertP
You can use su -c 'command' instead of sudo command when you want to use the root password.
Sudo uses your user password, if you are added to the /etc/sudoers file. Probably removing yourself from that file lets you use the root password. (It might also disable sudo, not sure about this)

Re: I want to use sudo but with a separate password - LMDE

Posted: Wed Jul 06, 2011 2:03 pm
by xenopeek
First enable the root password then, it is disabled and unset by default. So removing yourself from the sudoers file will mean you won't be able to execute sudo commands anymore iirc

Re: I want to use sudo but with a separate password - LMDE

Posted: Wed Jul 06, 2011 2:04 pm
by AlbertP
The root password is already enabled in LMDE. This is not Ubuntu.

Re: I want to use sudo but with a separate password - LMDE

Posted: Wed Jul 06, 2011 3:32 pm
by xenopeek
I stand corrected. I just moved from Ubuntu to Linux Mint this month, so still have a lot of Ubuntu knowledge to update.