Question

9

When Ubuntu asks for an admin user's password, how does it decide which administrative user to ask for?

rated 0 times [ 9] [ 0] / answers: 1 / hits: 3135 / 1 Year ago, tue, december 20, 2022, 1:26:51

I am setting up an Ubuntu (10.10) machine that will be used by several people. It is a shared machine in a small office. Its primary roles are hosting virtual machines with VirtualBox and serving files with Samba.

For Samba, several user accounts need to be set up so that various people can connect to the Samba shares from their own workstations. However, there is also an account that is dedicated to just running virtual machines, that multiple people will be using. Sometimes people try to do things with this account that require elevated privileges - this causes Gnome's "please enter an administrative user's password" dialog to pop up. However, this dialog requests my password - when I set up the machine, mine was the first account created, so it seems to be assuming that I am the only user granted sudo powers.

I want to designate another user as the "administrator of first resort," so to speak, and it can't be the shared-account user, because everyone has to know the password of that account, so I want its privileges strictly limited. It can't be my account, since no effing way am I telling other people my password, and I won't be present at the site often enough to enter it myself. There is, though, someone who can do this in person, so I added them to /etc/sudoers. How can I tell Ubuntu that when it needs to elevate privileges for something, it should ask for their account first?

To summarize:

Accounts on the machine: Alice, Bob, Carol, Dave, Eliza.

When Ubuntu was installed, Alice was the first user, added during the install process.

"Dave" is actually an account that many people use, who can't be in /etc/sudoers because its password is public knowledge.

Bob has been set to be an "Administrative" account in Gnome and is appropriately entered in /etc/sudoers - Bob is the boss at this office.

When actions that need elevated privileges are attempted while logged in as Bob, Carol, Eliza, or Dave, the system should request Bob's credentials.

When actions that need elevated privileges are attempted while logged in as Alice, the system should request Alice's credentials (although Alice is sort of a buckaroo sysadmin and has a habit of using su - to do extended admin tasks).

What config changes do I need to make to bring about the desired state here?

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

coffekne

Add To Favorites

Follow

Total Points: 114

Total Questions: 122

Total Answers: 126

Location: Mauritania

Member since Sun, Oct 17, 2021

3 Years ago

answered 1 Year ago oraoming · Accepted Answer

First of all let to point out that privileged actions are allowed for a non-root user through two different mechanisms.

sudo

PolicyKit

The first one is used when you explicitly run a command with sudo or a menu item whose command is wrapped with gksu (like Synaptic Package Manager).

In this case the password required is that of the invoking user, usually the user logged in.

The second one is used when a PolicyKit-aware application try to perform a privileged action. In such a case the application asks the PolicyKit Local Authority (through D-Bus) if the action can be executed. The Local Authority then, through an Authentication Agent, asks the active user to prove its identity. The dialog windows is like the following (unfortunately with text in italian :)

enter image description here

You can identify PolicyKit from the little black triangle and the label Details.
As you can see, if more that one user is in the admin group, you can choose from the list which user to use for authentication.

Given all this, both sudo and PolicyKit are much more complicated, with respect to the configurations that can be achieved: you can configure action that can be executed without password, executed only by a particular user or group, etc.

Coming to your question, when the mechanism used by the application is PolicyKit, independently from the current logged in user, the password required would be that of Bob or Alice (the only two admin user, if I understand correctly), and you can change from the list which user you want to use for authentication.

When the mechanism used by the application is sudo (for admin tasks performed through GUI this is becoming less frequent), you have no immediate and simple mean to choose the user for authentication.