Tips for the Trusting

These tips can make life easier on your computer or home network, but they are extremely insecure. DO NOT use them unless:

1. Only you (or those you trust completely) have physical access to your computer.
2. Your LAN is isolated from the internet by a reliable firewall.
3. You trust the computer/user to whom you give sharing privileges.

To allow the default user to execute sudo without having to give the password

1. Make sure that the username is listed in the sudo group in the file /etc/group. Edit the file if necessary. Here's an example:

   .
   .
   floppy:x:25:                        
   tape:x:26:                          
   sudo:x:27:dierdorf                  
   audio:x:29:pulse                    
   dip:x:30:                           
   www-data:x:33:      
   .
   .
   

2. Edit the file /etc/sudoers to give permission. You must use the program visudo (as root) to edit this file! (If sudoers is messed up, the system might not run at all; the visudo program checks for syntax errors before writing back to the disk.) To be safe, do the following:

   > cd /etc
   > sudo cp sudoers sudoers.bak
   > sudo visudo
     [make changes as shown below]
     [save the file]
   

3. Note that you will be using the vi editor whether you like it or not — make sure you know how to get into insert mode (press i) and how to exit (esc, :x! to quit without saving, esc, :wq to save your changes.)
4. Here's the line to be added as the last line of the file:

   # User privilege specification
   root    ALL=(ALL) ALL
   
   # Members of the admin group may gain root privileges
   %admin ALL=(ALL) ALL
   %sudo ALL=NOPASSWD: ALL
   

   Sharing directories between Linux computers on the same network.

   1. Make sure that the package nfs-kernel-server is installed on the computers at both ends of the connection. (You will probably have to restart for it to take effect.)
   2. On the remote machine, add the following line to file /etc/exports:

      # /etc/exports: the access control list for filesystems which may be exported
      #               to NFS clients.  See exports(5).
      #
      # Example for NFSv2 and NFSv3:
      # /srv/homes       hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
      #
      # Example for NFSv4:
      # /srv/nfs4        gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
      # /srv/nfs4/homes  gss/krb5i(rw,sync,no_subtree_check)
      #
      /home/dierdorf  gateway(rw) lphoto(ro)
      

      ...listing the directory to be shared, each computer you wish to allow access, and whether you want read-write or read-only privilege. For example, I'm allowing machine "gateway" to have RW access to my home directory on the laptop, but "lphoto" can only read it.

   3. On the local machine, execute mkdir otherdir to create a mount point.
   4. Execute sudo mount [url] otherdir where [url] is of the form "machine://path". For example, othercomputer://home/dierdorf or 192.168.0.2://home/dierdorf/sharedfiles
   5. At this point, the named directory at the remote computer should be accessible as otherdir on the local computer.
   6. If you want the connection to be automatic in future sessions, add the following line to your /etc/fstab file:

      [url as above] [mountpoint] nfs users,auto 0 0
      

   7. Do this backwards (reversing local and remote) if you want to share a directory structure the other way, too.

   Auto Logon without Password

   1. Go to System Settings -->Advanced -->Login Manager -->Convenience.
   2. Click "Enable Auto-Login" box and select your user name.
   3. Click "Enable Password-Less Logins" and select your user name.

   On your head be it.

   ---

   Last modified: Tue Jun 9 17:34:15 CDT 2009