Great suggestions for proper configuration of 'sudo'---thanks!

The "forbidden" command (sudo passwd root) can be found by googling "ubuntu root password" (it's the #1 search result) or by reading the Sticky thread at UbuntuForums:

https://help.ubuntu.com/community/RootSudo

How often do you need root privileges? If it's rarely, or if it's often but just for specific tasks, then I would enable the root account, tuck the password away somewhere safe, and restrict your sudo access to just those few commands you need commonly. If you're regularly performing activities that require full root access to a wide variety of commands, then it probably wouldn't make much difference either way.

As the primary developer of a scientific sensor used for research/education, a few years ago I visited a university to help them with the installation and setup of a new lab for the students. The computers were all Linux machines due to the toolchains required for the sensors they would be using, and the IT guy at the university decided to use Ubuntu for his own reasons. Since this was a university lab, all machines were set up the same way, with a common lab user with a known password for all of the students to use. Naturally, this was the first user set up on the machines, which means it was permitted full sudo access, and being a lab, the user name and password for the account was written on the white board at the back of the room.

ANYBODY could walk into this lab and wipe out the entire network of machines within a minute, or install malware, or do anything they felt like doing. This is the kind of environment that Ubuntu's "security policy" results in. Lazy or ignorant admins inadvertently giving everybody in the world full root control of their machines. I mentioned this to the IT guy there, but he didn't seem interested, and it wasn't my place to "drive the point home", so that's how it was left. They'll probably be re-installing the OS on those machines a couple of times a year due to corruption, be it accidental or malicious, by the students or anybody else who happens to walk by the room when it's unlocked. This is the same thing that happens with Windows. Set up an account, let it do anything, let anybody use it, viruses ensue. The same admin would have to go out of his way to make a more "traditional" Linux system this insecure, but that's just "the way it is" on Ubuntu right out the box.

I guess that's really what it boils down to. On a traditional Linux system you have to go out of your way to compromise its security. On Ubuntu you have to go out of your way to make it secure. The starting point, and where most users leave the system permanently, is the difference.

I have to agree that the sudo setup on Ubuntu seems a little ill thought out. On servers fine-grained sudo makes sense but Ubuntu doesn't do that. On PCs where there's a single user then root makes sense as there is only one person anyhow.

As an aside -- I bought a Raspberry Pi recently and I am totally appalled at the sudo set-up on it. I may start a new topic as it really has me gobsmacked.

I also thought about distribution upgrades, upgrades almost always fail ... apt was not really designed for that. Ubuntu has coders, I don't see why they can't design an upgrade program that will actually work.

Meh, opensuse's upgrade process doesn't work either, same with rhel/centos, fedora, and all other distros I've tried.

Gee whiz. As usual. Out here in the other end of the planet. I did not get the memo.

http://www.imagebam.com/image/d8ca39333119778

Yes it was, and it works exactly the way intended. If it doesn't work in Ubuntu, it's because of poor package design, or lack of testing, (maybe both), by designers.

When I used to hang out at UbuntuForums, 9 out of 10 failed release-upgrades were reported by users who had added unofficial repos (such as various PPA's) to their software sources. (I also saw a lot of garbage sources.list files, for example users who follow random online tutorials for the wrong release, such as mixing "precise" repos with their "trusty" system, or even heaven forbid mixing Ubuntu and Debian repos, yes I have seen this!!) Users who had installed only Canonical-tested software from the main repos generally had a smoother upgrade path. (This was a couple of years back, so I can't testify as to the current situation.)

That said, I am a big fan of the "test first in Live mode, then if the new release pleases you, do a backup and fresh reinstall" technique; it just feels cleaner and more likely to result in a stable system.