[SOLVED] [Poll] Should 'sudo" be shifted from maninline to /extra or to Slackbuilds.org
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
View Poll Results: Should Slackware remove "sudo" package?
[Poll] Should 'sudo" be shifted from maninline to /extra or to Slackbuilds.org
Simple enough idea. Which Slackers use sudo on a regular basis? Occasionally? Is "sudo" even useful? I think that sudo is a security problem waiting to happen. Am I wrong? With Ubuntu and flavors killing "root" in favor of a wide open sudo configuration, should Slackware be a voice of reason and shun this abomination?
Sudo certainly has its place, and as ReaperX7 points out, because the user does not need root's password is a big reason!
G-r-a-n-u-l-a-r-i-t-y of access/control not otherwise available.
Sudo is a another useful tool which has its place, no need to burn it at the stake!
(No option that I thought applicable between OMG! and Kill it!, so BFF it is!)
sudo has been around for decades. Just because Ubuntu abuses it doesn't mean it isn't an essential tool on nearly any *nix system. It may be OK to only allow root to run certain things on a single-user system where you can just su to root at will, but on a multi-user system you may want to allow users to run *some* commands as root without needing to give them the root password (only one person should ever have the root password to any system!). sudo lets you specify very explicitly which commands a user should run. If you remove sudo, you're stuck either never letting any non-root user do anything with elevated privileges (which is stupid -- even turning the computer off without ACPI requires root privileges, though fancy DMs/DEs use other means), or giving all of your users the root password (which is far stupider). And certainly there is a matter of convenience even on single-user systems -- I have certain commands defined that are in no way dangerous that require root access, and sudo allows me to run them without needing to su to root or provide a password. Additionally, since setuid doesn't work for scripts, sudo is the only way to run scripts with elevated privileges should the need arise.
I don't understand how anyone actually familiar with sudo would think it should be excluded or marginalized...again, just because Ubuntu uses it wrong doesn't mean it can't be used right.
Sudo is hardly my BFF, despite the rather prejudicial wording of the question in the poll, but I see nothing to be gained and much to be lost by removing it from a standard Slackware install. Used properly, it is a valuable tool.
Sure, Ubuntu's skeevy sudo fetish is annoying and a bit creepy, but don't take it out on Slackware.
sudo lets you specify very explicitly which commands a user should run. If you remove sudo, you're stuck either never letting any non-root user do anything with elevated privileges (which is stupid -- even turning the computer off without ACPI requires root privileges, though fancy DMs/DEs use other means), or giving all of your users the root password (which is far stupider).
This really makes it sound like a broken security model at core, and point to needing more than a sudo bandaid. For instance, turning off the computer is an effective DoS against all other users, so it makes absolute sense that it needs roots approval. But on a typical PC there is unlikely to be another user logged in to object. So what you really want to see when an unprivileged user requests a shutdown is a quick check for other active sessions or policies preventing it. If there are none, proceed to shutdown. If there are... well that would be where defining proper behavior gets more difficult.
That said, it's probably stupid to tear off the bandaid until after you have a real fix.
Quote:
I don't understand how anyone actually familiar with sudo would think it should be excluded or marginalized...again, just because Ubuntu uses it wrong doesn't mean it can't be used right.
But because it's a crutch that every Ubuntu user is drilled to rely on, and Ubuntu is most popular hence what new users are most likely to be familiar with, we can expect to see more and more confusion about how to use it in Slack.
P.S. Voting move to extra because I think 90% of the distro should be there anyway.
I'm another that has never used sudo. That said, I'll have to read up on sudo first to see what it actually can do. I don't su to root on any kind of a regular basis, so I don't even know if I could use it.
"sudo" is what allows our systems to pass auditors examinations. Sometimes, because of Unix/Linux architectural decisions, you just need the granularity that it provides. On a server, mounting a device (usb/cd etc) is only possible by root - but often it really has nothing to do with the root user - just an app needing to save/fetch some data. Leave it alone.
With Ubuntu and flavors killing "root" in favor of a wide open sudo configuration, should Slackware be a voice of reason and shun this abomination?
1) How would moving the location of the sudoers file prevent Buntards from configuring Slackware to mimic Buntu's retarded system of sudo abuse?
2) Trying to hide sudo from users would follow the same line of hand-holding reasoning used by Comical, just hiding sudo instead of hiding root. If the desire is to prevent Buntu-style sudo abuse, a better idea is to do what Comical does not; educate new users. As can be seen from several respondents in this thread, Slackware users' level of knowledge appears "slightly" higher than that of sudo-abusing distros. So I doubt they need their hands held.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.