Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'With login you do not need the root password' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
With login you do not need the root password
Authored by: anjoschu on May 22, '04 03:22:42AM

I find this sandbox thing pretty interesting. What disturbed me was that you need the root password to sudo something as another user. To me it makes more sense to use the sandbox user's password.

This works with "login username"

Unfortunately, I have not yet found a way to perform a script like "login username; /Applications/Safari.app/Contents/MacOS/Safari", as the command after the ; does not make it into the new shell.

By the way, if you want to be able to sudo from a non-Admin user, edit the file /etc/sudoers accordingly.

The warning about the application being able to launch applications as the GUI user is true. E.g. when you double click on an application from a sanbox user's Finder.app, the app launches as the GUI user. Same as with the open command. There must be some system call for "open". Now if we only could modify this so that applications open other applications as the sandbox user.



[ Reply to This | # ]
visudoers ??
Authored by: slughead on May 23, '04 03:18:04PM
can anyone remember the command to edit the sudoers file (it's basically vi with syntax correction specifically for the sudoers file..).

it's something like visudoers .. anyone?

---
http://lp.org -- that's all you need to know

[ Reply to This | # ]

"sudo visudo" (n/t)
Authored by: anjoschu on May 26, '04 07:32:20AM

no text



[ Reply to This | # ]
With login you do not need the root password
Authored by: mzs on May 29, '04 07:41:24PM
This is what I do:

/usr/bin/login -p username

This is almost always works the way I want.

Using the explicit path uses the login command instead of the the login shell builtin. This is better because the shell forks and execs the login command. This way you are able to hit ^D (CTRL+D) to logout of the user you were using temporarily back to where you were before.

The -p option tells the login command to not throw away the environment of the previous user when becoming the temporary user. This can cause some programs to behave oddly in the temporary user but usually I login to an account that has not done much customization in the login files. So in effect I get my configuration for commands in the temporary user, which I like. Also this works around the fact that there is no /etc/termcap by default. (This is a good thing, terminfo is much better.) It just keeps the terminal I had previously. The other environment variables like HOME that matter are still tweaked appropriately by login though.

[ Reply to This | # ]