Posts Tagged ‘policykit’
I’ve recently gone back to the roots and installed Debian testing to replace Ubuntu. I would like to keep the concept of a disabled root account from Ubuntu, I tried for a long time using trial and error until I Read The Fucking Man page and found the solution to configure PolicyKit for sudo users. I’ve chosen to use a new group I called admin like the one from Ubuntu, although using the sudo group would fit the purpose on my single user machine.
adduser <username> sudo
With visudo make sure you have a line like this:
%sudo ALL=(ALL) ALL
Expire the root password and set sudo mode in gnome:
sudo passwd -l root
gconftool --type bool --set /apps/gksu/sudo-mode true
Create the group admin and join it:
adduser <username> admin
This setup is the one I’ve chosen, with disabled root and a permissive sudo group. There is endless possibilities if you read the man pages of sudoers and pklocalauthority.
That’s it! I hope…
Ari had a an important comment to make:
That configuration file says not to edit it. Just copy the file to something like 90-customauthority.conf with the same customized contents.