Chris Green wrote: > I'd like to force a different password from my own password when I do > 'sudo -i' to get root privilege. However I'm a bit frightened about > what might happen if I set 'Defaults rootpw' in the sudoers file but > forget to actually create a root password. (This is on systems where, > previously, I've never had a root password). > > Would this totally lock me out from becoming root? Would the only way > out be to boot into single user mode to mend things?
Mostly, yes. > ... or is visudo clever enough to spot this? No. How about this: Create a second user -- we'll call it foo. Give foo sudo privileges. Take away sudo privileges from your normal account. Now, when you want to do something with root privileges, you ssh to localhost as foo: ssh foo@localhost give foo's password to login, then run sudo, giving foo's password again. Never use foo or foo's password in any other context. Does that solve your issue? -dsr-
