Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
The sudo command was originally not created to be a proxy for root (despite the *buntus and their creepy sudo fetish). Rather, it was developed to give selected and limited privileges to select users who needed them to perform their duties.
Some examples:
Web administrators who might need to restart apache but have no need to, update a system or add or remove users.
Someone in a personnel department who needs to add new users, but is not authorized to install and remove software.
IT personel who might need to login under other users' credentials to troubleshoot a problem, but don't need root privileges.
Agree with post 3. Using sudo to give additional users the ability to run a specific command or a limited number of commands is useful. The Ubuntu site at the link below lists the advantages/disadvantages of using sudo. Look at the first few advantages which are pretty minor. Most of them are just for the user to put in less effort.
And here's a comment from the anti-sudo brigade! PCLinuxOS
Personally, I suspect that it doesn't matter that much on a home computer and I've also taken the view that it's best to let distros work as their developers want them to.
Also, using su as a general admin means any hacker would have to guess your user+passwd just to get in, then guess again for root passwd.
OFC you don't have remote access to root - right ! ?
Since topic keeps coming up, I keep having to recommend Michael W Lucas' book, sudo Mastery, to learn the real capabilities of sudo as a tool for providing granular access. You local or regional technical college should have it on the shelf, if not they can order it for you. Either way, you can hunt down the video of his talk, "sudo: You're Doing It Wrong", to get a rather quick overview.
I thought you were joking, but Bobby Borisov over at Linuxiac has an article about systemd's run0, albeit one oozing with sarcasm.
Poettering starts stuff but he and his team appear to never delve deeply enough into any given task to master it. The result is a messy trail with a wake of half-baked, poorly though out, partially implemented 'replacements' littering the distro scene. Sadly those 'replacements' get pounded down our throats through internal politics in Debian and Fedora, the two stems from which the tree of distros grow.
There is already a solid replacement for sudo called doas. It developed in OpenBSD, but has been ported to many distros.
But we haven't heard back from the OP who last posted in this thread some weeks ago. CodeGourmet, what questions remain about sudo after having read post #3 and the other posts?
Sudo stands for "superuser do". In the world of Linux and related operating systems, it's a command that lets you run programs with the privileges of another user, typically the administrator account known as "root".
Quote:
As a beginner any tips on using sudo to get to grips with the command e.g. for improved security?
Depends on your environment, if it's a company setting give sudo access to what the user needs.
Of course, it's better to ask the user like the following questions, before granting the access.
- Why you need the sudo access?
- What is the command that you required?
- How often do you use or access the command?
Then if the user cannot justify, then you decide whether to give them sudo access or not.
yes, it is a good overview: "sudo: You're Doing It Wrong"
Anyway, I don't think run0 is a really good replacement, it raises more questions than it answers. And I believe run0 will me misused even more (if sudo will be replaced).
I thought you were joking, but Bobby Borisov over at Linuxiac has an article about systemd's run0, albeit one oozing with sarcasm.
But that's just polkit with knobs on. In polkit, you already have a daemon which performs privileged actions for you after an agent has authenticated you. And I've noticed that polkit config files use the same Windows-like syntax as systemd files. All these things come out of the same stable.
I rather disagree with John VV, it can be a useful tool for a single user system.
It depends upon your system, the distribution, and how you have it configured.
For the first 10 years of my IT career SUDO did not exist, and I did not run into it until 2002.
Doing needless damage and generating complaints because of misuse of ROOT account caused some developers to restrict the root account so that you needed SUDO to complete procedures that required SU access. I am not sure that was wise, but I can see the logic. Alas, they replaced ROOT account misuse with SUDO misuse!
Always consider carefully what you want to do that requires root authority, and how to provide the MINIMUM elevated access to accomplish the desired result.
I rather disagree with John VV, it can be a useful tool for a single user system.
It depends upon your system, the distribution, and how you have it configured.
For the first 10 years of my IT career SUDO did not exist, and I did not run into it until 2002.
Doing needless damage and generating complaints because of misuse of ROOT account caused some developers to restrict the root account so that you needed SUDO to complete procedures that required SU access. I am not sure that was wise, but I can see the logic. Alas, they replaced ROOT account misuse with SUDO misuse!
Always consider carefully what you want to do that requires root authority, and how to provide the MINIMUM elevated access to accomplish the desired result.
I developed a sudo like tool (at about 1997/98), it had a nice additional feature, a time limit. It was used to run something as another user, not as root.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.