From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-199896-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 21ECE158020
	for <garchives@archives.gentoo.org>; Wed, 26 Oct 2022 19:27:59 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 48A96E09BF;
	Wed, 26 Oct 2022 19:27:53 +0000 (UTC)
Received: from tncsrv06.tnetconsulting.net (tncsrv06.tnetconsulting.net [IPv6:2600:3c00:e000:1e9::8849])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id E21E6E097C
	for <gentoo-user@lists.gentoo.org>; Wed, 26 Oct 2022 19:27:52 +0000 (UTC)
Received: from Contact-TNet-Consulting-Abuse-for-assistance
	by tncsrv06.tnetconsulting.net (8.15.2/8.15.2/Debian-3) with ESMTPSA id 29QJRpYx006958
	(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO)
	for <gentoo-user@lists.gentoo.org>; Wed, 26 Oct 2022 14:27:51 -0500
Subject: Re: [gentoo-user] Update to /etc/sudoers disables wheel users!!!
To: gentoo-user@lists.gentoo.org
References: <Y1icwhwgw3WJpBQG@waltdnes.org>
 <AM6PR10MB2440A940379969FE0A2D6D32EF309@AM6PR10MB2440.EURPRD10.PROD.OUTLOOK.COM>
 <Y1jURxx+uvtr5E/Y@waltdnes.org>
 <AM6PR10MB244018D45D67CF1633EAB4F6EF309@AM6PR10MB2440.EURPRD10.PROD.OUTLOOK.COM>
 <e19fda7e-8611-fcbf-a275-ccf8a2ea1fd3@spamtrap.tnetconsulting.net>
 <AM6PR10MB244072B23AC2FA84B29C14D3EF309@AM6PR10MB2440.EURPRD10.PROD.OUTLOOK.COM>
From: Grant Taylor <gtaylor@gentoo.tnetconsulting.net>
Organization: TNet Consulting
Message-ID: <d5e055d6-0d5b-94bb-8f8f-e2dcf8e1cc88@spamtrap.tnetconsulting.net>
Date: Wed, 26 Oct 2022 13:26:54 -0600
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
 Thunderbird/78.13.0
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
MIME-Version: 1.0
In-Reply-To: <AM6PR10MB244072B23AC2FA84B29C14D3EF309@AM6PR10MB2440.EURPRD10.PROD.OUTLOOK.COM>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Archives-Salt: ef1ca509-ebb2-4783-ae6c-bec23761bdf2
X-Archives-Hash: db813bb0ddbed7f6ef9de806a51937c8

On 10/26/22 12:04 PM, Ramon Fischer wrote:
> Also a very interesting question!

}:-)

> I just tested this with "visudo" and it does not intercept this.

Nor should it.

It's perfect legitimate sudoers syntax.

The location; /etc/sudoers.d/zzzzzzzzzz vs the end of /etc/sudoers 
(proper), doesn't matter.

> If "su" is disabled, you are locked out and you are forced to enter your 
> system via a live USB stick and a "chroot" in order to edit 
> "/etc/shadow" to set a root password via "mkpasswd" and enable "su".

Which is one of the reasons that it's important to have (set) a known 
root password.



-- 
Grant. . . .
unix || die