[ale] WAS: dialog box ... NOW using Firestarter and Ubuntu sudo and admin groups

Ron Frazier atllinuxenthinfo at c3energy.com
Sat Sep 18 16:46:41 EDT 2010 

Brian,

Based on your encouragement, I was able to use visudo on my Ubuntu 10.04 
system to edit the /etc/sudoers file to allow starting the Firestarter 
firewall automatically on boot without asking for a password.  I never did 
find out how to keep the initial password dialog box from vanishing.  If 
anyone is interested, I'll post the procedures.

I've found some interesting quirks relating to Firestarter.

It can only be set for one Internet interface.  I normally have it set for 
my wireless connection. However, if I take my laptop and plug it into my 
cable modem directly, it will not be active on that interface unless I 
manually change it.

If I preset Firestarter for the wired ethernet port then plug it into my 
cable modem, it works and all ports are stealthed, according to the Shields 
UP! test at grc.com.  If I reboot in this mode, whether or not I start the 
GUI, all ports are stealthed.  (This varies depending on how Firestarter is 
installed.)

HOWEVER, if Firestarter is set for the wrong network interface, and I plug 
into the cable modem or boot while attached to the cable modem, then ALL 
PORTS ARE NOT STEALTHED, they are closed, except for a few which are 
stealthed.  Also, the system responds to ping under these conditions.

*** I'm not using Internet Connection Sharing, so I really wish I could 
just tell the firewall to stealth ALL ports on ALL network interfaces, from 
the moment the computer is booted.  I believe that's what the Windows 
firewall does.  That way, I wouldn't have to remember to change the network 
interface setting when plugging into a wired lan and then change it back 
when going wireless.

If Firestarter is set for the wireless, it won't start until the wireless 
connection is activated.  I believe that, if it's set to the wired 
interface, it won't activate until the lan cable is plugged in and a 
connection established.  If  Hopefully, there is no period of time when the 
computer is not protected.

Ubuntu does have an admin group, which I (the only login) am in by 
default.  It also has a sudo group, which I'm not in.  I don't know what 
they do.  Can anyone shed light on that?

Ron

At 9/16/2010 11:03 AM -0400, Brian Pitts wrote:
>On 09/16/2010 10:17 AM, Ron Frazier wrote:
> > Brian,
> >
> > Thanks for that tip.  I looked at the instructions, as well as looking at
> > some information about editing the /etc/sudoers file.  I'm a bit reluctant
> > to do that since you have to use visudoers to edit it and it's apparently
> > easy to mess it up.  I can keep entering my password to start firestarter,
> > but I'm still curious why that dialog box vanishes when gnome starts.
> >
> > Also, I notice that my username, the only one on the computer, is in the
> > Ubuntu admin group but not the sudo group.  Can anyone explain the
> > functions of those two groups?
>
>Is there a group named sudo in Ubuntu?
>
>Ubuntu has the entry
>
>%admin ALL=(ALL) ALL
>
>which means 'members of the admin group, on any computer where this file
>is installed, can run as any user any command'
>
>The point of using visudo is that it checks the syntax of the file. It
>will warn you if it's messed up when you try to save it. Also, don't be
>afraid because it has vi in the name. visudo uses whatever editor you
>set as the default by running 'sudo select-editor'. The default out of
>the box is nano.
>
>--
>All the best,
>Brian Pitts


--------------------------
(PS - If you email me and don't get a quick response, you might want to 
call on the phone.  I get about 300 emails per day from alternate energy 
mailing lists and such.  I don't always see new messages very quickly.)

Ron Frazier

770-205-9422 (O)   Leave a message.
linuxdude AT c3energy.com

More information about the Ale mailing list