First we need to create a group which will have all the permissions required for our users to mount and umount volumes
Login to a shell as root and type the following commands:
groupadd truecrypt
now we need open the visudo file and add permissions for the truecrypt group to work: (I added the line to the bottom of the file)
visudo
# Users in the truecrypt group are allowed to run truecrypt as root
%truecrypt ALL=(root) NOPASSWD:/usr/bin/truecrypt
make sure you save and exit (if you do not know how to use visudo or vi, man visudo or man vi will help you, you can also google for common vi commands. IT IS NOT RECOMENDED TO EDIT THE VISUDO FILE FROM ANOTHER EDITOR. THE SAFE WAY TO EDIT THE VISUDO FILE IS TO RUN VISUDO FROM A ROOT SHELL
Finally we need to add our trusted users to the truecrypt group so they can mount and unmount truecrypt files.
gpasswd -a USERNAME truecrypt
No comments:
Post a Comment