2018-08-07 14:50 keltezéssel, The Wanderer írta: > > But it's more secure to require a second password to do elevated things > than to permit doing those things with the same password as is used for > ordinary activities.
Then use other pam backend module for sudo and not the 'common-auth'. There are lot of pam auth methods. You only have to create a second database which is supported by some of the libpam modules and modify /etc/pam.d/sudo In this case you still don't have to share a common root password (which is really bad) and can require a second password for doing elevated things.
