sudo is junk in ubuntu. thinking about adding a root user.
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Gentoo Hardened using OpenRC not Systemd
Posts: 1,495
Rep:
sudo is junk in ubuntu. thinking about adding a root user.
Without using any of these commands or ones similar to it, 'sudo -s`, `sudo -i`, `sudo -K`, 'sudo su', and `sudo chown $USER /etc/apt/sources.list`, how can I get this to work? I also do not want to use a text editor or do this by some other way. I wan't to figure out why this is not working.
I'd suggest it's not working because you need to be root to do that.
I'd suggest that there's no root account on ubuntu as a security feature; since all linux boxes have "root" as an account it could be possible to brute force hacking in by accessing the root account with every possible combination of passwords. That's why ubuntu has no root account.
And that's why you need sudo <command> a lot of the time, it prompts you to think before potentally destroying some vital part of your system.
Which leaves you either using sudo, or using a text editor with root access level.
Distribution: Gentoo Hardened using OpenRC not Systemd
Posts: 1,495
Original Poster
Rep:
Quote:
Originally Posted by Emerson
So what are those permissions?
ls -l /etc/apt/sources.list
the permissions shouldnt matter. root user can do anything he or she wants. im trying to figure out why this command is not working, so changing the permissions wouldn't tell me that.
I'd suggest it's not working because you need to be root to do that.
I'd suggest that there's no root account on ubuntu as a security feature; since all linux boxes have "root" as an account it could be possible to brute force hacking in by accessing the root account with every possible combination of passwords. That's why ubuntu has no root account.
And that's why you need sudo <command> a lot of the time, it prompts you to think before potentally destroying some vital part of your system.
Which leaves you either using sudo, or using a text editor with root access level.
Ubuntu DOES have a root account--it is disabled by default.
Easy to fix:
sudo passwd root
enter your normal password
enter the new root password at the prompt
The lack of a root user in the default Ubuntu setup is hardly a "feature"--IMHO, it is one of the few flaws in Ubuntu.
If you are setting up someone on Ubuntu who cannot be trusted not to screw things up, then having sudo privileges will not give any protection. Give them an account iwth limited powers.
I'd suggest that there's no root account on ubuntu as a security feature; since all linux boxes have "root" as an account it could be possible to brute force hacking in by accessing the root account with every possible combination of passwords. That's why ubuntu has no root account.
Which is a complete non-feature, because the exact same brute force attack could be used to figure out the sudo-capable user's account. Which gives him root access.
Quote:
And that's why you need sudo <command> a lot of the time, it prompts you to think before potentally destroying some vital part of your system.
If you want to use sudo because it psychologically helps you do things safely, then you can feel free to do so by installing/configuring sudo on your system. That's no reason to have the root account disabled by default.
If I try every combination of aaaaa to zzzzz as passwords, for example, for the user "root" I need to try 11 million times.
If there's no "root" account enabled, then I must try every combination of usernames aaaaa to zzzzz with password aaaaa to zzzzz, which is 11 million times 11 million times, which is rather a lot and probably beyond the patience of all but the most determined.
You're making the assumption that the hacker doesn't already know the username, despite it probably appearing on the login screen, e-mails, and other publicly accessable things.
A user name, unlike a password, is going to be something easy to guess. Unlike passwords, user names are NOT supposed to be something with randomish alphanumerics+symbols. User names are NOT hidden within the file system. User names are NOT considered secure. The entire universe of *nix software has been written with the assumption that passwords are supposed to be secret and usernames are NOT.
Besides, any sort remote login of the root user shouldn't be enabled, whereas disabling remote login of the main normal user is unlikely if remote login is used at all.
If I try every combination of aaaaa to zzzzz as passwords, for example, for the user "root" I need to try 11 million times.
If there's no "root" account enabled, then I must try every combination of usernames aaaaa to zzzzz with password aaaaa to zzzzz, which is 11 million times 11 million times, which is rather a lot and probably beyond the patience of all but the most determined.
So, I'd count this as a very good "non-feature"
Do the same thing by having longer passwords......
The Ubuntu authors did not disable root to enhance security--they did it to protect the user from doing something dumb---and maybe make the system "simpler".
Old saying: "Make it idiot-proof, and I will find you an idiot who can screw it up." IMHO, if you follow standards, you have a more user-friendly and idiot-tolerant interface.
Without using any of these commands or ones similar to it, 'sudo -s`, `sudo -i`, `sudo -K`, 'sudo su', and `sudo chown $USER /etc/apt/sources.list`, how can I get this to work? I also do not want to use a text editor or do this by some other way. I wan't to figure out why this is not working.
I think the problem might be that it tries to redirect the output of sudo to /etc/apm/sources.list instead of the output of the command echo. Now since you run sudo as a regular user (i.e. start it as a regular user), it doesn't have permissions to write to that file. Echo command on the other hand does because it's started as root.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.