VectorLinux
November 01, 2014, 02:05:53 am *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Visit our home page for VL info. To search the old message board go to http://vectorlinux.com/forum1. The first VL forum is temporarily offline until we can find a host for it. Thanks for your patience.
 
Now powered by KnowledgeDex.
   Home   Help Search Login Register  
Please support VectorLinux!
Pages: [1] 2
  Print  
Author Topic: Whatza "Wheel Elite User?"  (Read 4332 times)
Windozer
Vectorite
***
Posts: 386


Have Vector Linux, Will Travel.


« on: January 13, 2009, 06:12:05 pm »

fiddling around with creating users, and wondered again about the User Group "Wheel Elite"...

what is it really?

thanks
- H
Logged

483,617th Registered Linux Snoozer
jklslvch
Member
*
Posts: 33


« Reply #1 on: January 17, 2009, 01:33:28 pm »

i thiiiink users who can use sudo.. not positive tho
Logged
Windozer
Vectorite
***
Posts: 386


Have Vector Linux, Will Travel.


« Reply #2 on: January 17, 2009, 06:40:44 pm »

Thank you for replying, jklslvch

I was beginning to think this was going to fall off the map.  Cry

Anyone know?  And why "wheel" ?

Logged

483,617th Registered Linux Snoozer
caitlyn
Packager
Vectorian
****
Posts: 2876


WWW
« Reply #3 on: January 17, 2009, 06:59:52 pm »

wheel is a holdover from UNIX in the dim and distant past.  I'm not sure why it was named wheel. 

A user does NOT have to be a member of wheel to use sudo.  Who can and cannot use sudo and what privileges they have is determined by the /etc/sudoers file.

The purpose of wheel is to create a group of users who have some system administration privileges, in other words some subset of root privileges not allowed for ordinary users.  sudo is one possible tool (and perhaps the best tool) for parsing out those privileges.

A default /etc/sudoers file has a commented out line that looks like:
Code:
#%wheel ALL=(ALL) ALL

If you remove the # at the beginning of the line it becomes active.  At that point any member of wheel has full root privileges if they use sudo.  If you want to try this please remember that /etc/sudoers must be edited as root with the visudo commandy ONLY.  visudo parses the file for correct syntax.  If you use another editor you can seriously break sudo.

Ubuntu does something different which, from my security professional paranoid perspective, is a really bad idea.  It assigns the first standard user created sudo ALL privileges with the NOPASSWD option enabled.  That bypasses wheel and effectively gives that user root privileges using sudo without ever having to enter a password.  It's all very Windows-like and makes Ubuntu seem easier to use but it also leaves the door open for an unsophisticated user who knows just enough to be dangerous to do all sorts of nasty things to their system with little or no forethought. 

Anyway, sudo is an incredibly powerful tool.  I even use it on my own personal systems because it logs the commands I enter prefixed by sudo.  If I do something stupid at least I can go back to my logs and see what I did and fix it Smiley  Learning how sudo works is a very, very good idea.  Putting yourself in the wheel group is an easy way to give yourself root privileges without having to use the actual root password and with the ability to log what you're doing.
Logged

eMachines EL-1300G desktop, 1.6GHz AMD Athlon 2650e CPU, 4GB RAM, nVidia GeForce 6150 SE video
CentOS 6.5 (will try VL64-7.1 soon)

Toshiba Satellite A135-S4727,  Intel Pentium T2080 / 1.73 GHz, 2GB RAM, Intel GMA 950

HP Mini 110 netbook, 1.6GHz Intel Atom CPU, 2GB RAM, Intel 950 video, VL 7.1
rbistolfi
Packager
Vectorian
****
Posts: 2290


« Reply #4 on: January 17, 2009, 07:04:05 pm »

Cait beat me to the punch, anyway this is what I wrote Grin

Not sure why it is called wheel, but members of wheel will be able to login as another user using the su  command.
Logged

"There is a concept which corrupts and upsets all others. I refer not to Evil, whose limited realm is that of ethics; I refer to the infinite."
Jorge Luis Borges, Avatars of the Tortoise.

--
Jumalauta!!
caitlyn
Packager
Vectorian
****
Posts: 2876


WWW
« Reply #5 on: January 17, 2009, 07:10:20 pm »

What Rodrigo posted is certainly correct for VL but NOT necessarily for other Linux distros or UNIX builds.  Who can or cannot use su is also configurable Grin  As you've probably figured out Linux can be customized to the nth degree.

Anyway, I generally prefer sudo to su because I don't have to give out all of root privileges at once on a multiuser system.  I can give out just bits and pieces.  I also prefer it on my personal systems because of the logging feature.  Going back to a security or sudo log has saved me on a couple of occasions.  I don't care how brilliant you are and how much LInux you know you can still make mistakes.  I sure do.
Logged

eMachines EL-1300G desktop, 1.6GHz AMD Athlon 2650e CPU, 4GB RAM, nVidia GeForce 6150 SE video
CentOS 6.5 (will try VL64-7.1 soon)

Toshiba Satellite A135-S4727,  Intel Pentium T2080 / 1.73 GHz, 2GB RAM, Intel GMA 950

HP Mini 110 netbook, 1.6GHz Intel Atom CPU, 2GB RAM, Intel 950 video, VL 7.1
rbistolfi
Packager
Vectorian
****
Posts: 2290


« Reply #6 on: January 17, 2009, 07:20:17 pm »

Of course, many Linux distros are not setting a wheel group at all these days. It is very easy to change that behavior, chown and chmod would do it, "necessarily" its a very relative term in *NIX Grin
Logged

"There is a concept which corrupts and upsets all others. I refer not to Evil, whose limited realm is that of ethics; I refer to the infinite."
Jorge Luis Borges, Avatars of the Tortoise.

--
Jumalauta!!
EyesOnly
Member
*
Posts: 78



« Reply #7 on: January 18, 2009, 06:37:58 am »

Thanks for that rundown Caitlyn. I'm sure Harry will agree with me when I say, "You learn something new everyday." Even for someone who's been banging away at the keyboard under various systems since 1980. (I just realised that this morning! YIKES!)

Again, thank you kindly! I really do appreciate the wonderfully knowledgeable people we have on this forum believe me! Smiley

Amicalement/Cheers!

Eyes-Only
"L'Peau-Rouge"
Logged

"We never know just how much a kind word, or a gesture, will lift the spirits of a friend, or person, in need and heal them." (jimmymac)
Windozer
Vectorite
***
Posts: 386


Have Vector Linux, Will Travel.


« Reply #8 on: January 18, 2009, 09:43:07 am »

Thanks, Rodrigo
Thanks, Caitlyn
- and again let me second EyesOnly on the great assistance!

Such an excellent and detailed reply makes me wonder if you're not a sysadmin professionally? (If you don't mind me asking.)

Quote
...wheel is a holdover from UNIX in the dim and distant past.  I'm not sure why it was named wheel.

Well, I think I found the answer ---

note the double-rounded Human Interface Device below:  Cheesy Cheesy


Logged

483,617th Registered Linux Snoozer
kidd
Packager
Vectorian
****
Posts: 682


« Reply #9 on: January 18, 2009, 10:18:10 am »

Great pic WinDoze.  I've been looking at it for 10 minutes, reading and re-reading the text.

It's amazing how progress scales at a great speedup.

Scientists with best knowledge of technology 50 years ago couldn't even imagine some of the things that are happening now.
Logged

rbistolfi
Packager
Vectorian
****
Posts: 2290


« Reply #10 on: January 18, 2009, 10:25:00 am »

I have heard the emacs keybindings were inspired by that board Grin

What I really wonder is why they put  a home computer prototype in a submarine Cheesy
Logged

"There is a concept which corrupts and upsets all others. I refer not to Evil, whose limited realm is that of ethics; I refer to the infinite."
Jorge Luis Borges, Avatars of the Tortoise.

--
Jumalauta!!
caitlyn
Packager
Vectorian
****
Posts: 2876


WWW
« Reply #11 on: January 18, 2009, 12:43:51 pm »

I have heard the emacs keybindings were inspired by that board Grin

What I really wonder is why they put  a home computer prototype in a submarine Cheesy

Rodrigo you just don't get it.  Living in a submarine will be all the rage by 2004.   Grin  It will remain super popular until apartments at the Lunar Colony become more affordable.
Logged

eMachines EL-1300G desktop, 1.6GHz AMD Athlon 2650e CPU, 4GB RAM, nVidia GeForce 6150 SE video
CentOS 6.5 (will try VL64-7.1 soon)

Toshiba Satellite A135-S4727,  Intel Pentium T2080 / 1.73 GHz, 2GB RAM, Intel GMA 950

HP Mini 110 netbook, 1.6GHz Intel Atom CPU, 2GB RAM, Intel 950 video, VL 7.1
overthere
Vectorian
****
Posts: 1281



« Reply #12 on: January 18, 2009, 04:26:38 pm »

Interesting pic..I worked at a console like that for a few years, the wall reminds me of rocky jones..all I had was a giant plotter...likely a few literal bugs plucked out of that...if it actually did anything...so wheel is for sub admins? not full access but enough to solve local issues
Logged

Everything Is Relative
Windozer
Vectorite
***
Posts: 386


Have Vector Linux, Will Travel.


« Reply #13 on: January 18, 2009, 04:51:14 pm »

LOL

Yeah, I love that picture.  Surprised I found it so fast... well, indeed, google images is certainly one of the things they couldn't imagine 50 years ago. "Well, it will be like a world-sized phone book and Dick-Tracy wrist television combined with a great table of contents... all at your finger tips."

First time I saw it in 2004, it reminded me of a nuclear reactor control room - with a 1960 T.V. hung precariously on the wall.

>> wheel is for sub admins?

And the smaller, inside wheel is obviously for fine tuned control...

Yes, by 2004, the Submarine Apartment will be affordable by all --- maintenance costs will be low, with one exception: when you have to call the plumber to fix a leak.

 Tongue

- Howard
living in the low-down rent district ... glub glub glub ~~~
Logged

483,617th Registered Linux Snoozer
rbistolfi
Packager
Vectorian
****
Posts: 2290


« Reply #14 on: January 19, 2009, 07:02:32 am »

Found this one: http://lists.freebsd.org/pipermail/freebsd-chat/2003-December/001724.html
looks like we will never know the truth...
Logged

"There is a concept which corrupts and upsets all others. I refer not to Evil, whose limited realm is that of ethics; I refer to the infinite."
Jorge Luis Borges, Avatars of the Tortoise.

--
Jumalauta!!
Pages: [1] 2
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!