Porteus

Porteus User Forum
https://forum.porteus.org/

How to remove guest from sudo group?

https://forum.porteus.org/viewtopic.php?f=140&t=7966

Page 1 of 1

How to remove guest from sudo group?

Posted: 03 Sep 2018, 00:16
by johnywhy
i want to prevent guest from doing anything sudo. But it looks like guest isn't in sudo, but can still sudo.

Code: Select all

$ id
uid=1000(guest) gid=100(users) groups=100(users),7(lp),11(floppy),17(audio),18(video),19(cdrom),83(plugdev),84(power),86(netdev),93(scanner),997(sambashare)
i don't even see a sudo group

Code: Select all

$ getent group
root:x:0:root
bin:x:1:root,bin
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
adm:x:4:root,adm,daemon
tty:x:5:
disk:x:6:root,adm
lp:x:7:lp,guest
mem:x:8:
kmem:x:9:
wheel:x:10:root
floppy:x:11:guest
mail:x:12:mail
news:x:13:news
uucp:x:14:uucp
man:x:15:
dialout:x:16:uucp
audio:x:17:pulse,guest
video:x:18:guest
cdrom:x:19:guest
games:x:20:
slocate:x:21:
utmp:x:22:
smmsp:x:25:smmsp
tape:x:26:
mysql:x:27:
rpc:x:32:
sshd:x:33:sshd
gdm:x:42:
shadow:x:43:
ftp:x:50:
oprofile:x:51:
sddm:x:64:
pulse:x:65:
input:x:71:
apache:x:80:
messagebus:x:81:
haldaemon:x:82:
plugdev:x:83:guest
power:x:84:guest
netdev:x:86:guest
pop:x:90:pop
scanner:x:93:guest
nobody:x:98:nobody
nogroup:x:99:
users:x:100:
console:x:101:
vboxsf:x:999:
vboxusers:x:998:
colord:x:72:
sambashare:x:997:guest
polkitd:x:28:

How to remove guest from sudo group?

Posted: 03 Sep 2018, 01:45
by Ed_P
johnywhy wrote:
03 Sep 2018, 00:16
 i want to prevent guest from doing anything sudo.
Change the root password.

How to remove guest from sudo group?

Posted: 03 Sep 2018, 02:11
by johnywhy
Ed_P wrote:
03 Sep 2018, 01:45
 Change the root password.
hrm, did that. I can tell it worked, cuz when i su, i have to enter the new pw.

But, guest can still sudo. They enter the standard 'guest' password.
Changing the root pw doesn't seem to affect the guest's sudo pwd.

THX

How to remove guest from sudo group?

Posted: 03 Sep 2018, 03:39
by Ed_P
:o Interesting. I wasn't aware of that.

How to remove guest from sudo group?

Posted: 03 Sep 2018, 08:21
by ncmprhnsbl
check out /etc/sudoers with visudo and you'll see this line:
guest ALL=(ALL) ALL
comment(#) it.
whether that will affect the next line, i don't know...

How to remove guest from sudo group?

Posted: 03 Sep 2018, 08:43
by johnywhy
awesome!

It didn't seem to break the shutdown rights. After the change:

Code: Select all

$ sudo -l
User guest may run the following commands on porteus:
    (root) NOPASSWD: /usr/lib/xfce4/session/xfsm-shutdown-helper
if shutdown-helper is the following dialog, then it's still working.
Image
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/