# A Question about users and security

## brent7890

What I've never been quite good at is managing users and security through linux or unix in general. I know there are the chmod and chown commands followed by wxr or 741, depending on which syntax you use, and yet there seems to be a little more flexibility or control using some sort of security interface which allows you to check mark certain categories which enable a list of commands that fall into that category. This is great. I would like to know a little more though, or a lot more, since a large part of the linux persona is based on its security features, and I'm not quite sure where to look. For example, say I wanted to allow a user to be able to use the mount command, but only for a specific hard drive. How would I do that? Like say, be able to mount an SD card. There is also the sudo command, which I don't particularly like all that much out of personal distaste, I do believe it is a good command, but I'd rather have a rigid structure set that I could change from time to time. Probably some sort of program, which I may already have which I'm not aware of, I have kde-meta installed, and know there is a user account tab inside security; doesn't seem to work in the way that I'm looking for however (or else, I don't know how to use it). I have policykit and consolekit emerged. I want a comprehensive program that is simple to use. What do you guys like? Any suggestions or links that I may find what I'm looking for? Thanks in advance.

----------

## The Doctor

 *Quote:*   

> I wanted to allow a user to be able to use the mount command, but only for a specific hard drive. How would I do that?

 

Edit /etc/fstab. Include "users" for all users or "owner" for the owner of the file system.

 *Quote:*   

> There is also the sudo command, which I don't particularly like all that much out of personal distaste, I do believe it is a good command, but I'd rather have a rigid structure set that I could change from time to time.

 

Well, it really is necessary. For example, you should not try to let portage install anything without your password.

The easiest way to run commands that need root access but that you are not worried about being abused, like shutdown -r now or mount /mnt/cdrom but NOT like emerge, chown, chmod, or similar, is to edit the sudoers file to allow your user, group, or whatever to use the command without a password. Then set an alias in your ~/.bashrc file. You do that like this:

```
alias cdrom="mount /mnt/cdrom/"

alias sync="sudo emerge --sync"
```

Note that my alias for emerge --sync invokes sudo, but it does not do it without a password.

In essence, you are running a desktop on a server. It's not meant to give you access to the system. There really is no way around that. It's the unix way. KDE does all kinds of acrobatics to give you easy access to your optical drives and flash drives and make the computer feel more user friendly, but it's all an illusion.

Basically, for your security to work, you need to segregate your user commands from your administrative commands. What it sounds like you want to do is blur the line. It would both destroy the security model and be a pain in the rear to set up.

----------
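An added example, not part of the thread, for the /etc/fstab advice in the post above: it lists which entries an ordinary user may mount and flags any where `exec`, `suid` or `dev` is switched back on after `user`, `users` or `owner` (per mount(8), those three imply `noexec,nosuid,nodev` unless a later option overrides them). The device names and mount points in the sample are constructed placeholders, and only the options named in the code are considered.

```sh
#!/bin/sh
# Added example: report which fstab entries ordinary users may mount and
# whether exec/suid/dev were switched back on for them.

# Constructed sample; device names and mount points are placeholders.
SAMPLE_FSTAB='/dev/sda2  /            ext4     noatime                 0 1
/dev/sr0   /mnt/cdrom   iso9660  noauto,ro,user          0 0
/dev/sdb1  /mnt/sdcard  vfat     noauto,users,umask=022  0 0
# owner grant, then two of the implied protections undone:
/dev/sdc1  /mnt/usb     ext4     noauto,owner,exec,suid  0 0'

audit_fstab() {
    # $1 = fstab text. Prints "<mount point> <grant> <ok|RISK:...>".
    printf '%s\n' "$1" | awk '
        /^[ \t]*(#|$)/ { next }                 # comments and blank lines
        NF >= 4 {
            grant = ""; ex = 0; su = 0; dv = 0
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++) {          # option order matters
                o = opt[i]
                if (o == "user" || o == "users" || o == "owner") {
                    grant = o; ex = 0; su = 0; dv = 0   # implied no* reset
                } else if (o == "exec")   ex = 1
                else if (o == "noexec") ex = 0
                else if (o == "suid")   su = 1
                else if (o == "nosuid") su = 0
                else if (o == "dev")    dv = 1
                else if (o == "nodev")  dv = 0
            }
            if (grant == "") next               # root-only mount
            risk = ""
            if (ex) risk = risk ",exec"
            if (su) risk = risk ",suid"
            if (dv) risk = risk ",dev"
            print $2, grant, (risk == "" ? "ok" : "RISK:" substr(risk, 2))
        }'
}

audit_fstab "$SAMPLE_FSTAB"
```
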

## brent7890

Thanks penguin swordmaster for your comment.

 *Quote:*   

> Edit /etc/fstab. Include "users" for all users or "owner" for the owner of the file system. 

 

Yes, I did figure this out yesterday by reading the mount manual, it was very helpful and thank you for also suggesting it. By any chance, do you know what options I would pass through fstab to allow a user to move and copy files back and forth? My user can't even save files to the regular disk; I will read through the mount manual again and see what I can find, thanks.

 *Quote:*   

> Well, it really is necessary. For example, you should not try to let portage install anything without your password.

 

True. I am aware of how fatal it could be with my system in the wrong hands especially with the emerge command, which strictly was not my intent. I guess I just want to be able to mount my multimedia and be able to use it, even if it prompts me for a password, I don't care. Isn't there some way to use the user account and be able to access things automatically without having to open a terminal to run as root? Not bypassing security or anything, but just making it easier. The user manager isn't quite what I'm looking for.

 *Quote:*   

> The easiest way to run commands that need root access but that you are not worried about being abused, like shutdown -r now or mount /mnt/cdrom but NOT like emerge, chown, chmod, or similar, is to edit the sudoers file to allow your user, group, or whatever to use the command without a password. Then set an alias in your ~/.bashrc file.

 

Isn't there another way or another configuration utility besides sudo I could use? Just asking.

 *Quote:*   

> Basically, for your security to work, you need to segregate your user commands from your administrative commands. What it sounds like you want to do is blur the line. It would both destroy the security model and be a pain in the rear to set up.

 

Not at all, just an easier alternative which eases the flow for desktop usage. I don't mind commands, but in certain instances, for convenience and speed, like having to open a file or access something inside of a classroom in seconds. I am the kind of person that hotkeys a lot of applications like firefox, libreoffice, or kate, because in a classroom during a lecture, to capture an idea through dialectic discussion, it's important that I am quick. Isn't there a config file somewhere already in place? It seems that there would be one in a basic linux structure as some daemon already running. Thanks again for responding and in advance if you respond again.

----------

## The Doctor

 *brent7890 wrote:*   

> Isn't there another way or another configuration utility besides sudo I could use? Just asking.

 

Well, there is su, but I don't think that is what you are looking for. As far as I know, sudo is unique in allowing users to execute commands as another user.

If you need to be quick I recommend lots of aliases and a short password, or better a long sudo timeout.

EDIT: If you want a convenient terminal, you can try Yakuake. I have it set to autostart so I have a terminal on my desktop that I can show or hide by pressing F12. I also have full transparency set so it looks really cool.

----------

## brent7890

 *Quote:*   

> Well, there is su, but I don't think that is what you are looking for. As far as I know, sudo is unique in allowing users to execute commands as another user. 

 

I'll consider sudo, it's the conventional thing to do. The only thing I'm worried about is after emerging it, breaking a bunch of things that already work by adding complicated security features over everything. Once I do it, there's practically no going back. What do you think? I've never actually backed up an entire hard drive before, only important files, but I don't exactly want to spend another 2 or 3 days going through an entire gentoo install again :Razz:.

 *Quote:*   

> If you want a convenient terminal, you can try Yakuake. I have it set to autostart so I have a terminal on my desktop that I can show or hide by pressing F12. I also have full transparency set so it looks really cool.

 

You just reminded me to set that up. I'm used to Guake, but since I'm using KDE (not like it really matters) I will give Yakuake a try. I think the kde desktop is more beautiful than the gnome desktop personally, so I'll go with Yakuake this time.

Thanks penguin swordsmaster.

EDIT: I emerged sudo. I'll just have to learn to tweak it to do what I want. I'll leave you guys be now, thanks for the help.

----------

## mv

 *brent7890 wrote:*   

> I'll consider sudo, it's the conventional thing to do. The only thing I'm worried about is after emerging it, breaking a bunch of things that already work by adding complicated security features over everything.

 

It is quite the opposite: IIRC, the default configuration of sudo does not allow anything. You really have to put everything which you want to allow explicitly into /etc/sudoers (or perhaps better into /etc/sudoers.d). For instance, you can allow special mount commands (or a dedicated written-by-yourself mount script) for your user without any password. So emerging sudo alone is not a security risk; the only risk is if you explicitly allow something for which you are not completely sure that it cannot be exploited.

In contrast, if you install things like policykit, consolekit, or other of Lennart's crazy "run-me-as-root, I know better than you which security you need" daemons, you have a hard-to-overview level of complexity of programs running as root for which you can almost be sure that some clever guy will find exploits.

----------
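An added example, not part of the thread, for the point in the post above that the risk in sudo lies in what you explicitly allow: a small lint that classifies each command granted with `NOPASSWD:` in a sudoers drop-in. The users `alice` and `bob`, the paths and the rules are constructed, and the check assumes single-line rules with `NOPASSWD:` as the only tag, no aliases and no escaped commas.

```sh
#!/bin/sh
# Added example: flag NOPASSWD grants that are broader than one fixed command.
# sudoers(5): a command listed without arguments may be run with ANY
# arguments, and wildcards in arguments match across word boundaries.

# Constructed sample for a file such as /etc/sudoers.d/mount-sdcard.
SAMPLE_SUDOERS='# exact command lines only:
alice ALL=(root) NOPASSWD: /bin/mount /mnt/sdcard, /bin/umount /mnt/sdcard
alice ALL=(root) NOPASSWD: /bin/mount
alice ALL=(root) NOPASSWD: /bin/mount /mnt/*
alice ALL=(root) /usr/bin/emerge --sync
bob   ALL=(ALL) NOPASSWD: ALL'

lint_nopasswd() {
    # $1 = sudoers text. Prints "<verdict>: <command spec>" per command.
    printf '%s\n' "$1" | awk '
        /^[ \t]*(#|$)/ { next }                  # comments and blank lines
        {
            p = index($0, "NOPASSWD:")
            if (p == 0) next                     # password still required
            n = split(substr($0, p + 9), cmd, ",")
            for (i = 1; i <= n; i++) {
                c = cmd[i]
                gsub(/^[ \t]+|[ \t]+$/, "", c)   # trim surrounding blanks
                if (c == "ALL")        v = "WARN-all-commands"
                else if (c ~ /[*?]/)   v = "WARN-wildcard"
                else if (c !~ /[ \t]/) v = "WARN-any-arguments"
                else                   v = "ok"
                print v ": " c
            }
        }'
}

lint_nopasswd "$SAMPLE_SUDOERS"
```

A drop-in can be syntax-checked before it takes effect with `visudo -cf <file>`.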

## cach0rr0

 *mv wrote:*   

> It is quite the opposite: IIRC, the default configuration of sudo does not allow anything. You really have to put everything which you want to allow explicitly into /etc/sudoers (or perhaps better into /etc/sudoers.d). For instance, you can allow special mount commands (or a dedicated written-by-yourself mount script) for your user without any password. So emerging sudo alone is not a security risk; the only risk is if you explicitly allow something for which you are not completely sure that it cannot be exploited.
> 
> In contrast, if you install things like policykit, consolekit, or other of Lennart's crazy "run-me-as-root, I know better than you which security you need" daemons, you have a hard-to-overview level of complexity of programs running as root for which you can almost be sure that some clever guy will find exploits.

 

++ on both paragraphs

sudo isn't that invasive or complex, and isn't a risk unless you configure it to allow something dumb - but the default does not allow dumb things

and *-kit is stupid. Glad I rid my system of them in their entirety.

----------

## Genone

If you only want to grant some additional privileges to a limited number of users then sudo will be the easiest solution. For a more extensive solution you should do a bit more research about MAC/DAC/RBAC solutions like libacl, selinux, grsecurity and co., but these are a completely different level of complexity compared to sudo.

----------

