0
I'm configuring Ubuntu 12.04 for my sister. I'd like to give her a system that she really can't screw up, but can still do normal things like install software.
I don't want to just add her user to /etc/sudoers
so that she can become root because she could possibly mess something up.
I know that I should be able to get around this by just adding her to the necessary groups, but I'm not sure which ones those should be.
Could anyone suggest them or point me in the direction of some kind of list that heavily used software in Ubuntu requires group membership?
With a little work, and some poorly documented policykit configuration, you could conceivably define a group which would have the ability to install packages from Ubuntu repositories, but noy have sudo access. Granted, she could still mess something up, but if she's only got the installation of packages with which to do it, it's less likely to happen. http://hal.freedesktop.org/docs/PolicyKit/index.html
– Stephanie – 2012-07-05T21:15:19.477All I can say is if that worked well, was easy, and didn't cause problems then it would probably be the default method. Maybe it will be some day. – CR. – 2012-07-05T21:37:50.927
Yeah, I seriously thought about it as an answer, but PolicyKit has turned into a mess of arcane incantations - great for distributions to be able to provide preconfigured access groups, horrible for real fine grained control, even though that was the original intent behind PolicyKit. – Stephanie – 2012-07-05T22:27:26.967