Description of problem: During the user creation section of the installer, you have the option to add the user to the wheel group. However, if you want to use sudo, you must install the package after booting into the system. Having sudo installed by default even if no user is in the wheel group wouldn't create any issues in regards to security and could improve the offline install experience. Steps to Reproduce: 1. Go through the "OEM" phase of the install (partitioning, bootloader installation, etc) 2. Reboot 3. Create a user and, under the "advanced" tab, add it to the "wheel" group 4. Finish the install 5. Log into the desktop 6. Open a terminal and run "sudo su"
I just want to a make a comment regarding line 6. in the example in that it is a strange use of sudo to call su which is a call any user can make. A better example for sudo would involve a call to something where an ordinary user would need privilege.
CC: (none) => rihoward1
Assigning initially to the ISO group, but this may be more relevent to drakxtools, so CC'ing tv. The suggestion to always install sudo seems simpler; it *is* rather basic. Presumably the same problem could arise if you did not have sudo installed, and added/changed a user for group 'wheel'. I found that after adding myself to 'wheel' via MCC (use 'usermod' from command line), sudo still gave its error about "not being in the sudoers file"; it only worked after a re-boot.
CC: (none) => thierry.vignaudAssignee: bugsquad => isobuild
Adding a user to the wheel group allows them to run the drakx tools (MCC and its components) without knowing the root password, so it's not just for using sudo. And I use sudo on my systems without adding myself to the wheel group. So IMO the two should not be tied together. Installing sudo by default is a different thing. If a user was added to the wheel group to let them run the drakx tools, that would then enable them to run any command as root. Again IMO, we shouldn't do that. The original request is for a change to the installer, so reassigning to mageiatools for others to add their opinion.
CC: (none) => mageiaAssignee: isobuild => mageiatools
Hi, This bug is against our Installer DrakX. @Developers/Packagers: Feel free to reassign to correct person. Also, if you are working on this, please change the status of this bug to "Assigned". Feel free to close this if already fixed. @All Thanks making DrakX even better.
The other thing the wheel group addition was originally for was allowing use of the su command if ENABLE_PAM_WHEEL_FOR_SU is set to yes in msec. The sudo thing was a relatively recent addition. (side note, sudo su isn't the right way to use sudo. sudo -s would be the correct equivalent, or sudo -i for the equivalent of su -).
Hi bug reporter and hi assignee and others involved, Please reopen this bug report if it is still valid for Mageia 8 or 9(cauldron), and change "Version:" in the upper left of this report accordingly. This report is being closed as OLD because it was filed against Mageia 7, for which support ended on June 30th 2021. Thanks, Marja
Status: NEW => RESOLVEDResolution: (none) => OLD
I would like us to chew this a bit more. As Martin say above, adding user to wheel group enables user access with own password to both drakxtools and sudo - if installed. In the Mageia 8 installer it would be nice to have that option clarified. As it is now: in the step when defining user, we have to click a butto to open a second dialogue, and find it in a list of other options. I suggest: a) Move that option to the main dialogue. Because sudo is often wished for by new users as other distros have them, and also a lot of examples in our own wiki use sudo! So it shopuld be easy to find. b) Change the explanation text: it now say it enables user to run "su" (which is a bit cryptic). I suggest: "Enable user to use Mageia Control Center with his own password, and 'sudo' without further configuration if package sudo is installed. (by editing configuration user can use sudo more selectively without being added to wheel, but this is supposed to offer an easy way) I suggest this option to NOT be enabled by default, but that is up for discussion. Next question is when sudo gets installed by default. As Martin say, installing sudo and adding user to wheel should be separate selections. On my systems sudo have gotten installed by default. Even checked now in small install, where i unchecked Plasma, selected Lxde, and deselected office apps and multimedia sections. And no packages that depend on sudo i installed (checked urpmq --whatrequires-recursive sudo) So the status now is that it is installed by default on all systems? Martin in https://bugs.mageia.org/show_bug.cgi?id=17720#c2 > if this is implemented it would be done in the drakxtools and share by the > traditional installer, the live installer and the MCC > (i.e. you'd have a checkbox "add as sudoer" when creating a new user). Yes it would be nice to have it in the first dialogue when adding a user. Named the same and same explanation.
Version: 7 => 8Status: RESOLVED => REOPENEDCC: (none) => davidwhodgins, fri, lewyssmithResolution: OLD => (none)