From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RP21s-0006jh-Tw for garchives@archives.gentoo.org; Sat, 12 Nov 2011 01:05:09 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id BFE0721C07B; Sat, 12 Nov 2011 01:04:44 +0000 (UTC) Received: from mail.digimed.co.uk (82-69-83-178.dsl.in-addr.zen.co.uk [82.69.83.178]) by pigeon.gentoo.org (Postfix) with ESMTP id 0EC4F21C1B8 for ; Sat, 12 Nov 2011 01:02:16 +0000 (UTC) Received: from digimed.co.uk (yooden.digimed.co.uk [192.168.1.6]) by mail.digimed.co.uk (Postfix) with ESMTPSA id 0CE5B80145 for ; Sat, 12 Nov 2011 01:02:16 +0000 (GMT) Date: Sat, 12 Nov 2011 01:02:14 +0000 From: Neil Bothwick To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] [OT] Binary install distro Message-ID: <20111112010214.1ea9b9d0@digimed.co.uk> In-Reply-To: <4EBDC1A3.5050104@binarywings.net> References: <4EBC1707.5030103@gmail.com> <4EBD3738.9090203@gmail.com> <4EBD4224.7070307@gmail.com> <20111111211831.68ab7c63@rohan.example.com> <4EBD8361.7080407@gmail.com> <20111112002722.300cc554@digimed.co.uk> <4EBDC1A3.5050104@binarywings.net> Organization: Digital Media Production X-Mailer: Claws Mail 3.7.10cvs82 (GTK+ 2.24.7; x86_64-pc-linux-gnu) X-GPG-Fingerprint: 7260 0F33 97EC 2F1E 7667 FE37 BA6E 1A97 4375 1903 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/czdr+X8nOFFp7mWcdYVTGru"; protocol="application/pgp-signature" X-Archives-Salt: b47de7ad-8345-4aa3-9543-212ac1f66770 X-Archives-Hash: 47346918e44ec2308f4ed3a7abfa6819 --Sig_/czdr+X8nOFFp7mWcdYVTGru Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Sat, 12 Nov 2011 01:45:23 +0100, Florian Philipp wrote: > > What happens when there is that one thing they need to do that needs > > root privileges? Do you give them the root password and let them do > > what they want, or do you make that one operation available to them? > SETUID bit like /bin/ping or sudo itself? That being said, I'd also use > sudo unless the usage is so frequent that the constant password typing > becomes a pain. SETUID enables it for everyone, not just the user in question. You can set sudo to allow specified commands to be executed without a password. --=20 Neil Bothwick Everything should be made as simple as possible, but no simpler. --Sig_/czdr+X8nOFFp7mWcdYVTGru Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) iEYEARECAAYFAk69xZYACgkQum4al0N1GQN1bgCfQimLTAc0TdXgwkkKiY55uEN/ GawAniyPQxl2BDy29RSTGo9cRnqgtLH4 =4Cw+ -----END PGP SIGNATURE----- --Sig_/czdr+X8nOFFp7mWcdYVTGru--