[SOLVED] Why does "sudo" ask you for the same password again?
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
i dont remember but i think fedora asks for the root passwd on a sudo.
now that i am playing with xbmc (debian based), when i do a sudo it asks for the user's passwd. it took me an hour to figure out what was wrong with the root passwd.
either way i just add myself to visudo.
I can't speak for earlier versions but I know fedora 12 uses the user password on sudo
yes, and it is a REALLY REALLY BAD THING TO DO AND YOU WILL GO TO HELL and all that.
running su inside of sudo ruins the security model of both bits of code, there is much less audit trail and security. People doing this is so annoying becuase there's even a way to do exactly this properly in most sudo versions, using the -i option to give you a root shell.
IF you have to do something like that, then run "sudo -i" not "sudo su". and "sudo su root" is just a waste of 5 characters as root is assumed. Also not adding a - or a -l to the su part means you don't inherit the root user environment properly, paths are not modified etc, which is also a bad place to be.
Ha! So there is a distro that does the logical thing. I had to add a user to the "admin" group and that made that user and their password the de facto root account.
No, that is NOT logical based on the whole bloody point of sudo. If you're running a production server, then the root password should not be known or used to any extent, in order to provide security audit and such. sudoers files are instead securely managed to say that users of a certain group are allowed to do certain things as if they were root. The root password can be obscure and held in a vault somewhere under lock and key should direct root access be required. Otherwise an admin needs to log in with a human user account and have a good level of transparency over who did what.
It's not wrong, it's just a different security model than the one you want it to be. This does not make you right, and a million professional unix administrators wrong.
i dont remember but i think fedora asks for the root passwd on a sudo.
now that i am playing with xbmc (debian based), when i do a sudo it asks for the user's passwd. it took me an hour to figure out what was wrong with the root passwd.
either way i just add myself to visudo.
This should be configurable by adding options like add making a rootpw option and setting it to no... but I am not certain on how fedora handles it, I'll have a play around later when I get a fedora VM up and running to test it out.
Hmm. "sudo su root" drops you into a root shell complete with the number sign prompt. When I got ubuntu I was told that you couldn't get a root prompt but I tried the "sudo su" combination and got one.
Ubuntu can be tricked in many ways to make a root shell, really it's done well enough so most newbies (as in new linux users as opposed to n00b l33ters) can not go around as root and destory everything but those that have enough knowledge to do it, still can. My favorite is sudo /bin/dash.
Personally I prefer the escalation method of having a normal user account to a super user account as opposed to direct super user logins.
Still, in the sudo model dumped on me at work, our DBA's all have access to vi via sudo (and mv, cp, ifconfig, kill, init and rm), try making any sense of that...
This is only for Ubuntu, I generally don't like dealing with ubuntu too much, I deal more with servers and most of my work is usually emergency maintainance after someone has killed their own server thus root shells make things alot quicker, faster and more effecient then you know, creating new $PATH entries, retyping sudo, and searching for everything =P. However I don't like it when SSH is open to root, that's just asking for trouble in my opinion.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.