I think Max OSX offered the sudo approach to do some system tasks since the first release near 1999-2000

Seems like someone uses the same password for root and user account.

Nope.

If you don't like it don't install it. I don't need it or like it, so I don't install it. I'm sure some people have a use for it, so I don't see a strong reason to kill it.

Thanks for all the comments.

I worded this query the way I did for a reason. I was looking for some insight on Slackware user preferences and there is not better way to get people to respond than a little "bias" (trust me, politics and religion use the same trick). True, I can strip out the "useless" software on my systems, and configure Slackware any way I see fit. Its why I've stuck with Slackware for nearly 20 years (well...except for a brief flirtation with SLAMD64). Slackware includes more software tools than I have yet had a chance to play with.

Lets me clear: I am not a system admin or work in MIS/IT. I'm a chemist that uses computers as a handy tool, and sometimes a plaything. I have done so for nearly 30+ years.

I do not thinks it's a "bollocks" question. How many Linux distro installs, Slackware as well, are in multiuser Server environments? I agree that in such a case, something like sudo would be helpful. However, the world is also composed of numerous singe user system. We have half a dozen boxes here with on a "user" and "root". One system is set up as a "true server" with several users. Perhaps its a poll for another day to determine is Slackare is used more as a Server vs. a Desktop.

I appreciate that Slackware addresses both use cases and hope that will continue.

1 members found this post helpful.

You don't need a server for sudo to be useful. Several people already stated they used it for mounting removable media without a password (not everyone uses a full desktop environment with built in automount). udisks potentially solves this problem as well but not all would be familiar with it and anyway, it is nice to have options.

Of the top of my head sudo could also be used for shutdown or reboot without password.

1 members found this post helpful.

I think the poll question is pretty misguided. Sudo in the configuration Slackware ships it is certainly not a security risk. Its also not large package, anyone who does not want it can not install it or remove it; it presents no capacity problem on the install media and isn't a burden on the mirrors. What it is [is] a highly useful tool in certain environments and situations. So there are NO good reasons to remove it and doubtless many who can come forward with use cases for it.

A little off the original topic but the configuration Ubuntu and others use I think ( and I am security professional ) pretty stupid. If you are going to have a wide open sudo policy like that for the most part you might as well just give out the root password to those who need it, and use su

That said there it does provide *some* accountability. su Logs when its called but once you drop to that root shell we don't know who is doing what after that. Its a rather common thing in large shops with many admins for admins to be highly discouraged from dropping to a root shell and instead running just about every privileged command they want on production box via sudo; that way everything gets logged, and its clear exactly who did it. Usually these organizations will have a separate security team that does review said logs and when the see something matching 'sudo\s su\s.*' will require someone to at least explain themselves.

1 members found this post helpful.

I use it on both server and desktop (single and multi-user), for mounts and shutdowns, some network config options and allow some users necessary ability to start/stop selected daemons.

What do you find so unsafe or unnecessary about sudo that would make you think it should be removed, particularly with regard to Slackware?

To be honest, if I need to do root work, I use a terminal with "su", rather than sudo. Sudo often doesn't have all the capabilities an actual root shell does.

If an account needs permissions for a certain service, I give it that permission level.

I understand sudo is needed as a security precaution, but to be honest, if you properly set permissions assign users and groups correctly, and configure your system properly, sudo isn't even needed.

To me, it's a lazy way of giving root permissions for tasks that you should do as root through "su", and often I have had sudo dump it's own permissions while using it requiring multiple password entries to keep a session with it going.

As for the reboot/shutdown issue. Isn't that why we have hald, consolekit, and the %wheel% group.

Use '-i' as discussed previously. This is not to say you should switch to sudo for your use cases. I'm just pointing out that sudo can "have all the capabilities an actual root shell does."

As much as anything it about having options. If people have configured and used sudo for this purpose for years why should they change? Is there anything inherently wrong with using sudo for shutdown/reboot?

Are you suggesting they should have to use hald, consolekit, etc. and that the old ways are not good enough?

If you of all people are suggesting this, then I am genuinely surprised.

1 members found this post helpful.

I just use su on my Slackware systems at home, as I'm the only user. At work, I use sudo because that is the policy, although I have the root passwords and can login as root or su if necessary. I almost never do so, as sudo is perfectly adequate for all routine purposes.

All this discussion about su vs sudo. Am I the only one that keeps one or more terminals logged on as root to do their own superuser activities?

I use su once in a while when I'm deep in a directory structure and need to be root for only a moment. Most of the time I need to be root for most of the tasks so it's easier to just be root for the terminal. I also keep one or more non-root terminals open.

I understand that some environments don't lend themselves to the luxury of multiple terminals and multiple logins. If I operated in a more limited terminal environment I would make use of su/sudo to be more efficient.

I'm all for choice however. Just because I don't use a function (sudo) doesn't mean that others don't find it useful. I see how sudo can be useful in team environments and for end-users. Often I don't use or appreciate a feature until I've matured enough to understand it's value.

@dugan said it best ...
I vote for that option.

(metaphor) I like sharp knives, not dull ones. With a sharp blade the job gets done better with more efficiency and effectiveness. I still have all my fingers and only get an occasional small nick every few years which quickly heals. I haven't cut anyone else. Sometimes I ruin the object I'm cutting but I'm prepared for that when I discard the ruined piece and start again on a new spare object. I'm in favor of proper use and appropriate safety features when using sharp tools.

sudo/su can be considered safety features for root. It can save one from disaster, enable others to accomplish tasks, or it can simply get in the way depending upon how it's implemented and used. Or worse yet it can lull one into a false sense of safety when abused or poorly implemented.

You just have to be careful when using knives, guns, motorcycles, airplanes, power tools, and root. (... girlfriends/boyfriends, spouse, finances ... and almost everything else in life as well.)

Powerful tools require understanding/proficiency and discipline to be used safely. Less powerful tools can be safely used by the less proficient or in different circumstances.

I don't think it has to be a versus discussion at all. There are plenty of people who use both. Different tools for different jobs.

Nope, you are not the only one.