Added a new user to the sudoers file but I can't use "installpkg" with that account
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
If I am the only user on my machine I happily alternate between sudo and su (I trust myself). A multi-user machine may be a different scenario as I may not want a certain user to have the root password. Sudo allows me to decide what a particular user is able to do on the machine.
Each to his/her own.
When I see post like this I wonder why folks just don't 'su - root'.
Quote:
Originally Posted by bassmadrigal
Well, because su - requires the root password.
Well of course, want to switch user to root you will need that password.
Quote:
You can set up sudo to not require a password or allow a user to have root access for some programs but not for everything.
Well of course, I know this and I do this for my backup user.
Quote:
I have my sudo set up so my user can run any program and without requiring my user's password. Is this more insecure? Yes. Am I aware of that and still do it? Also yes. Is this much faster for me when needing to do root things? Another yes.
Well, it's your system. I use sudo for selected root task. I do NOT allow users to have blanket root access via sudo. I don't want other users to run for example installpkg. It is a bit of an inconvenience? Not at all.
Quote:
Am I a stray from the *buntus that got used to using sudo before switching to Slackware? Nope! I started with Red Hat 20ish years ago and then switched to Slackware. Never used the *buntus for any serious amount of time.
I find this amusing, why even mention this.
Quote:
I just configure my system the way I like it.
As do I. I happen to like the Slackware default behavior of sudo as it is specifically regarding the path.
Quote:
I also sometimes do sudo su - when I need to do more than a few commands as root. *gasp*
That trick will not work on my system unless you are in the wheel group. I quite often login a root directly (oh the horror) from the CLI.
Quote:
(Also, you don't need to specify root when running su. It defaults to the root account unless you specify a different user.)
I guess my "question" left you with the impression I don't know this. BTW, using 'su' will not provide an environment similar to what the user would expect had the user logged in directly. One must specifically use -, -l, -login to get that.
Quote:
When I see post like this I wonder why folks just don't let others use their machines as they want to?
Where in my post did I tell others not to use there machines as they want to??? Maybe is what because I left off the question mark, I will go back and fix that. I asked a simple question that came to mind on reading the first few post. The OP would NOT have have encountered this problem running installpkg as root either directly or using 'su -'.
At any rate you answered my question. Thanks for that... I think.
Last edited by chrisretusn; 05-31-2021 at 04:24 AM.
Reason: Minor spelling, wording changes.
Well of course, want to switch user to root you will need that password.
You asked why and I provided an answer. You can configure sudo to not require anything extra, which makes it faster. That's why I use it. It's much faster to type sudo pkgtool instead of su - *type root password* pkgtool. Some may configure sudo to require their user password, which may not be as fast (depending on complexity of each password), and they may be using sudo for different reasons than I use sudo.
Quote:
Originally Posted by chrisretusn
Well, it's your system. I use sudo for selected root task. I do NOT allow users to have blanket root access via sudo. I don't want other users to run for example installpkg. It is a bit of an inconvenience? Not at all.
I am the only user on my system that is configured with sudo. I am in a house with me and my wife and my wife doesn't care about using my computer. Why not give myself access to run root commands without needing to type the root password (or any password for that matter) other than security reasons? If I were on a workstation or I had people at my house that I am worried might do things I don't want them to do, I'd configure my system's security differently, which would likely include changing my usage of sudo. That isn't the case right now, so simplicity rules.
Quote:
Originally Posted by chrisretusn
I find this amusing, why even mention this.
Because sudo usage is a common thing that users from *buntus want to get set up since they're used to it. A lot of people who complain about sudo usage think it's an Ubuntu invention and hate it since Ubuntus removed the ability to log into root accounts by default. I started using sudo before I even knew what Ubuntu was and wanted to let you know that my desire to use it has nothing to do with the *buntus.
Quote:
Originally Posted by chrisretusn
As do I. I happen to like the Slackware default behavior of sudo as it is specifically regarding the path.
And there's nothing wrong with that. I appreciate the sane defaults selected by Pat. However, I change a lot of the defaults with Slackware.
Personally, I don't change the line I provided OP, because I modify my user's PATH to include all the locations root has access to. Problem solved there
Quote:
Originally Posted by chrisretusn
That trick will not work on my system unless you are in the wheel group. I quite often login a root directly (oh the horror) from the CLI.
Congrats. You have your system configured to your liking. I have my configured to my liking. I don't care that your preference is different than mine.
Quote:
Originally Posted by chrisretusn
I guess my "question" left you with the impression I don't know this. BTW, using 'su' will not provide an environment similar to what the user would expect had the user logged in directly. One must specifically use -, -l, -login to get that.
You specifically added root into your command, so I wanted to ensure you (and others reading) were aware it wasn't need. I didn't know that you knew otherwise and had no way to know that from your post. You are obviously aware that I understand the difference between a login shell and non-login (since I specifically stated I use sudo su -), so I'll just say that I appreciate your caricature.
[QUOTE=chrisretusn;6255293]Where in my post did I tell others not to use there machines as they want to??? Maybe is what because I left off the question mark, I will go back and fix that. I asked a simple question that came to mind on reading the first few post.
You questioned their usage even if you remove the question mark from your "question". There was no point to that. I decided to take your same question and reword a bit of it as a humorous thing to show that it's unneeded to question how someone uses their system. Apparently it was taken as an attack, which was not intended whatsoever.
Quote:
Originally Posted by chrisretusn
The OP would NOT have have encountered this problem running installpkg as root either directly or using 'su -'.
Very true, but OP was not asking how to use su, so why even bring it up? Someone might not run into an issue with slackpkg if they just use installpkg, but that wasn't the point of the topic.
chris.willing put it much more succinctly than I did (but I have a hard time turning off verbose mode).
Why not give myself access to run root commands without needing to type the root password (or any password for that matter) other than security reasons?
Doing so, you're making root access trivially available to not just you, but any program or script that runs under your user. If you're ok with that risk, then so be it: you're basically going back to the old MS Windows model where every user was an administrator.
Doing so, you're making root access trivially available to not just you, but any program or script that runs under your user. If you're ok with that risk, then so be it: you're basically going back to the old MS Windows model where every user was an administrator.
Yes. I have run sudo without a password in the past, but, I now have my systems requiring a password for sudo. Privilege escalation isn't something I want.
Doing so, you're making root access trivially available to not just you, but any program or script that runs under your user. If you're ok with that risk, then so be it: you're basically going back to the old MS Windows model where every user was an administrator.
I'm not ok with that, but each to their own.
Yes, I am aware of the security issues with it. A program or script would need to directly call sudo during execution. I'm not in the habit of running random scripts that I haven't at least looked over and it's unlikely (although possible, and I accept the risk) that the programs I use will use sudo without me being aware of it.
I have security software installed on my home router that blocks malware and phishing attempts from infected websites. I don't want to make it easy for bad actors to own my systems.
I suggest that the OP of this thread may wish to consider adopting sound security practices and use a password for sudo.
Okay. I prefer to remove attack points from my system to make it a bit more secure. Each to his/her own.
I understand many people's desire to keep their system more secure. I try and find a balance between security and usability that I'm comfortable with. Other people's comfort levels will lead to more secure systems and others will lead to less secure systems. My balance is also different when on my work computer vs my home desktop vs my laptop.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.