[Techtalk] Sound card gone missing - OSS/ALSA woes

TraceyC grrliegeek at elenari.net
Sun Mar 18 16:10:20 UTC 2012


On 03/16/2012 04:51 PM, Akkana Peck wrote:
>> TraceyC wrote:
>>> As a sysadmin, I'd restrict
>>> him to a wheel account without the ability to break things that
>>> only root can break. A wheel account has the flexibility to add
>>> more ability to change things as he learns while keeping him to the
>>> agreement to not futz with things he shouldn't.
> Little Girl writes:
>> A wheel account sounds good, and then letting him out of it from time
>> to time with the full awareness that he might end the world would be
>> good, too.
> What do you two mean by "wheel account"? I've seen "wheel" used for
> a group that has sysadmin/sudo privileges -- and I just googled it
> and Wikipedia seems to use it that way too. But you seem to mean an
> account that *doesn't* have sudo privileges.

I did actually mean an account that has sudo privileges. With the wheel 
group and visudo you can restrict the types of commands that a 
particular user / group can run. That way, the learner can do things 
like probe hardware and read logs which won't cause breakage, but not 
install things which might cause breakage.

As background, I support web hosting automation software. Some of the 
customers I work with are reluctant to provide root access to their 
servers when we need to troubleshoot. I've seen that sometimes it's 
useful to see configuration / log files on a test server to compare to 
the live environment. Sometimes being able to see logs & config files, 
while making no changes, is necessary. There's a lot to be learned 
without actually compiling or installing anything :)

The default example in the sudoers file (visudo) for the wheel group 
allows the users in the group to run all commands, but it can be set to 
a specific sub-set of commands. Combining this with the other idea you 
and others have mentioned of providing a system (virtual or not) where 
he has full root access & freedom to break whatever he wants is, I 
think, the best solution. That way he can explore without damage on the 
shared box and do whatever he wants on the non-shared test box.

Tracey C


More information about the Techtalk mailing list