[SOLVED] [Poll] Should 'sudo" be shifted from maninline to /extra or to Slackbuilds.org
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
View Poll Results: Should Slackware remove "sudo" package?
As much as anything it about having options. If people have configured and used sudo for this purpose for years why should they change? Is there anything inherently wrong with using sudo for shutdown/reboot?
Are you suggesting they should have to use hald, consolekit, etc. and that the old ways are not good enough?
If you of all people are suggesting this, then I am genuinely surprised.
You didn't understand what I meant. Users have access to the reboot and shutdown sequence of init through consolekit, hald, and wheel. That doesn't go to say that one should have to use sudo to reboot or shutdown the system, or even those toolkits, and that if you use effective permissions as well as proper group and user permission assignments, and such, sudo is often unnecessary.
To me sudo reflects the unnecessary burying and limiting of root permissions on users which is done on my mainstream distributions, and all the incoherent blather you get from people at Ubuntu and such who preach sudo like a damned-be-all religion, and that logging in as root or using a root shell is inherently evil, stupid, wrong, or misguided in practice and implementation.
To me, yes, hald, consolekit, and wheel represent other ways, but at least they are effective, minimal, and don't get preached out like a damned religion, and work by design and default the same as permissions handling and using effective permissions and usergroups, even if those toolkits weren't available.
If an account needs permissions for a certain service, I give it that permission level.
I understand sudo is needed as a security precaution, but to be honest, if you properly set permissions assign users and groups correctly, and configure your system properly, sudo isn't even needed.
Assigning permissions assumes there is a daemon service running for what you are trying to do, and that it is full-featured enough to respect group ownership. I will give you an example to illustrate your nearsightedness on the issue. It is specific to me, yes, but I'm sure others could have their own needs.
I keep track of all the internet-facing bandwidth my computer uses with some iptables magic. Bandwidth caps are the devil's work and I like knowing exactly what is being used. In order to output that information (the current bandwidth used for this session, which gets added to logged information) I need to be able to run iptables. I do not want my user running iptables. That would be stupid. So instead a script in a non-user-writable location runs `iptables -L` etc., calculates the total, and responds with a number. Without sudo, I would have to su to root every time I wanted this information and it would be terminal-bound (unless I did some cron workaround to write the data to a user-accessible file but that is just ridiculous). With sudo, I can run the script, which is in no way harmful or dangerous, without needing a password, without needing a root terminal open, and I can use that information elsewhere (for example, in a status bar, where it currently lives). I have no idea how I would be able to do this without sudo other than making iptables setuid (which, again, is crazy), or installing some third-party bandwidth monitoring system with a daemon service. It isn't a matter of properly assigning permissions or assigning users and groups...no matter what I do, my user will still not be able to get that information. It needs privilege elevation. And sudo facilitates that without compromising the security of the system.
For system administration I use 'su -' because I am the system administrator. But for other commonly used tasks it is easier to use sudo (plus you don't have a root terminal sitting open so there's no chance for making mistakes, but that's a personal choice).
While I find that plain old UNIX permissions are good enough for many things, sudo adds a lot of flexibility (at the price of a little thought). I use both su and sudo.
PS: When I think of sudo, I think of OpenBSD, not Ubuntu or Red Hat. On OpenBSD, it comes with the base system in the same way as Slackware's - available, but disabled until configured. I think this is best.
Yes, sudo disabled by default is preferred, but then again, I never use it except during the build phase of BLFS and multi-package situations that call for using as_root, but other than that I find sudo more or less useless.
I mostly use it for package management, mounting drives, that sort of thing. I find it keeps me from long, boring nights of reinstalling systems over drives that had recently been victim to dd.
I will admit its usefulness is mostly limited to multi-user machines, though that may be by design.
Leave it where it is, as it is. Part of the full install, and disabled by default. Both for the sake of those who need it and know how to use it, and for those who abuse it.
A great idea, but not radical enough. I for one am a bit tired of having text editors shoved down my throat by Canonical and Redhat-I vote that they are all moved to /extra as coreutils is all an admin should need. Whilst we're at it, how about compiling kernel-generic without support for iptables; it's syntax is hardly in keeping with the Unix philosophy and anyone who doesn't want to get owned the moment their server is up should man up and compile their own kernel. In fact, the whole networking stack should be in /extra-it's been the source of our woes for years and what's wrong with posting floppies to each other anyway?
Last edited by Phorize; 07-14-2014 at 08:56 AM.
Reason: Previous post too rational
A great idea, but not radical enough. I for one am a bit tired of having text editors shoved down my throat by Canonical and Redhat-I vote that they are all moved to /extra as coreutils is all an admin should need.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.