why would a general-purpose distro not add users to sudoers file?
Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
The fact that you are the only person using the computer doesn't mean that the operating system doesn't see a normal user and the root user (sudo) as two different users. Almost all Linux system have at least two users by default, the standard user and the root (sudo) user. The only exception that comes to mind is Puppy.
Most Linux systems using sudo give the initial default user sudo permissions and it is not clear from your posts if you are saying that Peppermint does not do this or you expect that every user have sudo rights. sudo can be configured for multiple users in many different ways.
I agree that "sudoers" should not be automatically modified – and usually, it doesn't have to. If you are a member of the ("big ...")wheel group, then you have "unlimited sudo." This is what makes them "an administrator." You don't need "root" because any of them can issue: sudo su and thus get to the "#" prompt using their password.
Now, this leads me to the Principle of Least Privilege. Only one user on your system should be an administrator, and you should use that account only for system maintenance. Everyone else should not be a member of "wheel."
(An identical principle applies to every type of operating system that you manage. Every system has some way of creating a "limited user.")
"Rogue software," a.k.a. "viruses," usually have to try to do things "as you" without your knowledge or consent. By voluntarilylimiting what "you" can do, you greatly improve the security of your system. The rogue tries to sneak into the telephone booth, but once there he can only make a phone call. He can't fly away wearing ugly blue tights.
Personally, I set up one account for my own personal use, one for the various "hats" that I have to wear (such as, "bookkeeper"), and one for each customer project. With a different desktop background for each when I'm using a GUI. Now, the files, the "preferences," and all of the peculiarities of each environment are neatly separated, and "just as I left them." None of them are "administrators."
I can now be confident that anything I do for one client will not accidentally interfere with anyone else. (I also maintain per-client copies of contributed software libraries for languages: Perl, PHP, Ruby, and so-forth. Each one in their "home." The per-user "bash login script" sets everything up correctly for that user.) You simply unlock and walk into each "private office" during the course of the day, closing the door behind you.
Also: the identity of the "administrator user" is nothing that you could guess, and direct login by "root" is prohibited.
Last edited by sundialsvcs; 12-17-2023 at 11:25 AM.
I agree that "sudoers" should not be automatically modified – and usually, it doesn't have to. If you are a member of the ("big ...")wheel group
Is wheel now being used in some Linux distros ? IIRC, Linux on purpose disabled wheel due to comments made by RMS, but I lost the link. The comment was something like "group wheel needlessly restricts the user and adds nothing to security".
I know the BSDs require it, and I think it is a good thing, but Linux would rather do things in a simpler manner.
Slackware has the wheel settings commented out in /etc/sudoers. Ages ago, I tried enabling wheel and I discovered some other setting was also needed. I have sense forgot what that was. Now I just stick with the defaults
Basically, the idea of using "sudo" for a "superuser" was not a thing until Ubuntu stupidly decided to do it.
Quintessentially, "sudo" is an awesome tool for sysadmins to provide LIMITED elevated access to specific users/groups. The idea was to provide operators and other users with restricted extra privileges necessary for them to do their jobs, but without providing full root access along the way. You could restrict a sudoer to just a specific command with elevated privileges, for example.
But it was also possible to use sudo to give a normal user root access. Was this ever a GOOD idea? No.
But whatever, Ubuntu decided it had to be the way to do things, and they'd never admit they were wrong. The rest of us lamented how this would cause massive amounts of confusion for no benefit, but ... sigh ... well, here we are. Yet another confused user.
This could have all been avoided if Ubuntu had simply gone with what their upstream (Debian) had already been doing fine for years already. (Debian did things the way everyone else in the *nix world did, and this was good because it reduced confusion.)
But it was also possible to use sudo to give a normal user root access. Was this ever a GOOD idea? No.
I've read this entire thread, and nobody has yet to suggest a reason why it isn't a good idea. It allows you to keep the root account disabled. So it's more secure. Tell me why it isn't? The only response the last time I said this was that people might be able to figure out your username by looking at forum posts, which is indeed true, but is still better than having a root account that doesn't even need sudo to break things. I would love to understand why it is not a good idea, if it truly isn't.
I did already mentioned that I personally think the debian installer words that step where you can create a root password confusingly, and implies it's a good idea to create a root password, but that's the only confusing thing I know about it, cuz seems to me it's much better not to, and then it automatically sets up sudoers for the user you create in the installer. (It will not do it for any normal users you create after that).
I've also seen previous advice saying NEVER use su to get root shell, always use `sudo -i` etc, but can't remember the reasoning behind that.
I've read this entire thread, and nobody has yet to suggest a reason why it isn't a good idea. It allows you to keep the root account disabled. So it's more secure. Tell me why it isn't?
The root account isn't actually disabled. You can simply run "sudo su -" and voila! You're running as root. So there is no benefit. Furthermore, you can do so from an account that is logged into the machine all the time. So it is, in practical terms, less secure. The root account will typically only be logged in when there's actual root stuff to be done.
But the biggest problem is what I already said - it causes confusion. Before Ubuntu decided to do this (for no good reason at all!) all *nix documentation out there was consistent. You need to do root stuff? Log in as root and do it. No need to even install "sudo" if you don't need its restricted delegation features.
Now, so many years later? Users are confused by the documentation, and confused about sudo usage, and confused about what the purpose of sudo even is.
Sudo is NOT a package that even needs to be installed for a typical desktop computer, much less learned by a typical user!
If it's your own computer, then just use 'su' to switch to root when you have to do some administrative task. Or log in as root... But only stay logged in as root for the minimum amount of time required to perform the task that needs to be done.
sudo is for large multi-user systems where it isn't practical (or secure) to give admins the root password.
Try to keep in mind that Linux was created for the general case, not a single use.
For a single user mobile desktop system unrestrained sudo usage is not terrible, just not smart. It allows the user to do things carelessly or from ignorance that might require reloading or replacing that device, which is relatively cheap. For the enterprise case where there may be company or client data on that laptop the same usage could be catastrophic. On a server with 200-1200 users it could be considered criminal mismanagement.
Overusing sudo should be avoided. Use it only when needed, no more, and be very careful.
The root account isn't actually disabled. You can simply run "sudo su -" and voila! You're running as root. So there is no benefit. Furthermore, you can do so from an account that is logged into the machine all the time. So it is, in practical terms, less secure. The root account will typically only be logged in when there's actual root stuff to be done.
But the biggest problem is what I already said - it causes confusion. Before Ubuntu decided to do this (for no good reason at all!) all *nix documentation out there was consistent. You need to do root stuff? Log in as root and do it. No need to even install "sudo" if you don't need its restricted delegation features.
Now, so many years later? Users are confused by the documentation, and confused about sudo usage, and confused about what the purpose of sudo even is.
Sudo is NOT a package that even needs to be installed for a typical desktop computer, much less learned by a typical user!
Without a password, the root account is disabled in the sense that one cannot login as root. So that's the added security, no matter what, regardless of other settings, nobody can login as root. That is a security advantage, right, compared to having root account configured with password...
So, if I understand correctly, you're saying the biggest problem is because it confuses people reading old docs? Even tho you can still follow those old docs, right? su hasn't gone away.... just new docs say don't use it cuz there's a better way. But if you follow some old tutorial that suggests using su, it will still work. So this is not a valid reason.
For a single user mobile desktop system unrestrained sudo usage is not terrible, just not smart. It allows the user to do things carelessly or from ignorance that might require reloading or replacing that device, which is relatively cheap.
How so? How is using sudo more prone to mistakes than su? Sudo is less error prone cuz it only effects the one command... people using su actually switch to the root user until they remember to exit... one cannot use su for a single command easily...
Without a password, the root account is disabled in the sense that one cannot login as root. So that's the added security, no matter what, regardless of other settings, nobody can login as root.
The user who can sudo as root can login as root. It is SUPER EASY to log in as root.
Quote:
So, if I understand correctly, you're saying the biggest problem is because it confuses people reading old docs? Even tho you can still follow those old docs, right?
It's not just old docs that use the normal *nix way. Current docs also do this.
But new users troubleshooting are confused and don't understand why the commands don't work. It hurts Linux and it hurts *nix as a whole, because it adds to the general impression the Linux is hard.
Quote:
su hasn't gone away.... just new docs say don't use it cuz there's a better way.
It's not a better way. It's a worse way, and this is one reason why current documentation is still split.
Ubuntu made a bad decision two decades ago, and we're still living with the bad - and COMPLETELY PREDICTED - consequences of that bad decision.
How so? How is using sudo more prone to mistakes than su? Sudo is less error prone cuz it only effects the one command... people using su actually switch to the root user until they remember to exit... one cannot use su for a single command easily...
Actual administrative tasks rarely involve just a single command. Even something as simple as "apt-get update; apt-get upgrade" is two commands. It's better to just get in the habit of su - to root, so you do everything as root and then get out, rather than have a confusing mixed terminal state where some commands are being run as a normal user and some are being run as root.
OPTIONS
-c, --command=command
Pass command to the shell with the -c option.
... Looks pretty easy to me.
Echoing the sentiments above, disabling the root account and using sudo instead doesn't increase security in the slightest. You're delusional if you truly believe it.
Echoing the sentiments above, disabling the root account and using sudo instead doesn't increase security in the slightest. You're delusional if you truly believe it.
Does it not prevent people from ever being able to login to an account that has ability to do admin commands without sudo? If someone logs in as root, they don't even have to type sudo to do dangerous stuff! Just having that account is risky, no? Others have mentioned othe rways to avoid that problem, i.e. disabling remote login as root. So there's more than one way to do it. But the easiest way is keep root account disabled, no? Tell me why I'm wrong or delusional? Stop just saying it, tell me WHY!
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.