WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: sudo passwd  (Read 10638 times)

Offline mb

  • Jr. Member
  • **
  • Posts: 69
Re: sudo passwd
« Reply #15 on: December 18, 2011, 11:18:52 AM »
these don't seem like massively compelling reasons (eg. many people will get in the habbit of typing 'sudo rm -rf /' instead, imo). Could anyone explain why the application browser can't be run as root?? and is sudo set to not require a password mainly just to encourage users to run as tc, as opposed to root?

Offline gerald_clark

  • TinyCore Moderator
  • Hero Member
  • *****
  • Posts: 4254
Re: sudo passwd
« Reply #16 on: December 18, 2011, 11:29:28 AM »
Core is not a ready to run distro like ubuntu.
It is a tool kit that comes configured to make it as simple as possible to get it installed.
Once you have it installed, you are expected to customize it to fit your needs.
This includes creating users, setting passwords, configuring packages, modifying backup config files,
modifying the bootlocal scripts, and editing sudoers as needed.

Offline Rich

  • Administrator
  • Hero Member
  • *****
  • Posts: 11703
Re: sudo passwd
« Reply #17 on: December 18, 2011, 01:14:20 PM »
Many things in life, when done in moderation are OK, such as alcohol, government, fertilizer,
use of credit, etc, etc, etc..... But when taken to excess, can cause problems, and sudo is no
exception to this rule.
Quote
(eg. many people will get in the habbit of typing 'sudo rm -rf /' instead, imo)
You should not blindly go and put sudo in front of every command, that's like playing Russian roulette
with six bullets in the gun, everybody wins. If you are going to do that, save yourself some trouble
and do the job right, type  sudo su  and you can do everything as root, no warnings and no questions
ask. A more rational approach would be to treat sudo as a last line of defense against doing something
unintended. When a command requires you to use sudo, your response should be to ask yourself
two questions:
1. Why is it requiring the use of sudo?
2. Do I really want to do this?
Once you have answered question one, question two becomes easy. Here is an example that really
gets the point across:
http://forum.tinycorelinux.net/index.php/topic,10148.msg58947.html#msg58947
When you accidentally type  rm -rf /usr /lib/nvidia-current/xorg/xorg  instead of
rm -rf /usr/lib/nvidia-current/xorg/xorg  and you think of using sudo because the system won't let
you do that, you SHOULD ask yourself two questions. Can you guess what they are?


nomer

  • Guest
Re: sudo passwd
« Reply #18 on: December 19, 2011, 09:52:23 PM »
[....]When a command requires you to use sudo, your response should be to ask yourself
two questions:
1. Why is it requiring the use of sudo?
2. Do I really want to do this?

Okay, Now that explanation makes sense.

Quote from: gerald_clark
Core is not a ready to run distro like ubuntu.
That is another good point.

I think that I can be okay with the system now. I suppose if I'm really so concerned I should figure out how to configure sudo to prompt me(and everyone else) for a password.

G'night.

Offline coreplayer2

  • Hero Member
  • *****
  • Posts: 3020
Re: sudo passwd
« Reply #19 on: December 19, 2011, 10:32:50 PM »
Quote
Why is it requiring the use of sudo?
Interesting, and wise .. 

Although I take another approach; my personal machine is run in sudo su and find it insulting should any script/app try to protect me from myself and ask "are you sure you what to do this"  Of course I'm sure, otherwise why would i have taken the time and trouble to select or type a command in the first place!!

There is a place for user mode though, I love to teach the inexperienced and admin's really ought to have some protection from them.  No harm done though with tc because core, coreplus, tc, etc can be totally rebuilt in minutes, this is one of the beauties of core.

For important configuration files I make them immutable so not even root can harm them.  We have the power to save ourselves, but Ill be *** if i'll allow someone else attempt to protect me from myself..

:)

I found this article on sudoers interesting http://www.gratisoft.us/sudo/sudoers.man.html
« Last Edit: December 19, 2011, 11:29:56 PM by coreplayer2 »

Offline Rich

  • Administrator
  • Hero Member
  • *****
  • Posts: 11703
Re: sudo passwd
« Reply #20 on: December 19, 2011, 11:37:08 PM »
Hi coreplayer2
Quote
Although I take another approach; my personal machine is run in sudo su
While you are free to do that, I would strongly discourage anyone reading this thread from doing that.
I would consider that practice akin to running a punch press with the interlocks bypassed, it just takes
one little distraction to lose a finger (if you are lucky).

Offline curaga

  • Administrator
  • Hero Member
  • *****
  • Posts: 11049
Re: sudo passwd
« Reply #21 on: December 20, 2011, 07:07:57 AM »
Haha, I too tend to have a root shell open just to avoid typing sudo ;)
The only barriers that can stop you are the ones you create yourself.

Offline newbody

  • Full Member
  • ***
  • Posts: 109
Re: sudo passwd
« Reply #22 on: December 23, 2011, 07:20:35 AM »
Yes I think I see the logic in what you guys say.
Sometimes one fail to pay attention and do things
that one regret. So some warning may be okay to have.

Is there not some way one can have a choice? At boot
if one add a word that tell it to make me root or something.

What made me able to use the older versions was that
it had a file manager that had a sudo or root option built in.

Suppose I had to correct something in menu.lst and then
I fail to get the whole sudo thing. I have no idea how one use such.

And that is something I have tried to learn since 2006 when I first
used Ubuntu and I still don't get how one use it.

So was it TCL 3.7 or similar that one had that option on the
filemanager to use it as root and that worked for me.

Yes it is embarrassing that I am that challenged. Trust me I hate it.

The newer TCL failed on me because them did not have that file manager.
Luckily after extensive searcing I was able to get one going finding it again.

But I still totally fail to get how one add extensions and keep them.

I trust most of you would tell me to not use your beloved TCL at all.
That only non-challenged should use Tiny Core.

Can you not make one using root that us who fail to get logic can use at our own risk?

We can sign an agreement to not sue any of you when we fail at it. :)
Acer D250, Snow Puppy, TinyCore and on HP SR5622, Snow Puppy,

Offline Lee

  • Hero Member
  • *****
  • Posts: 645
    • My Core wiki user page
Re: sudo passwd
« Reply #23 on: December 23, 2011, 12:08:38 PM »
I went so far as to tweak /root/.profile to allow me to log in as root with "su -" -if- tc is already logged in.  This allows the system to work right at boot time (when tc is not logged in yet) and allows me to log in as root (with warning "You are now root!") when I want to - but it makes me enter the root password to do so, so it pounds into my brain that I'm doing something "special".  And yeah, the root password is actually -not- the same as the tc user's password.

I haven't messed with the sudoers file, so I could still use "sudo su" and not have to give the password - this is just a cosmetic change to make tc fit my idea of what is "right".  :)

@newbody:
If you use emelfm2 file manager, its wbar icon will start emelfm2 as non-root user but the desktop right-click menu will offer to start it either as a regular user or as root.  In my case there are some visual cues to let me know if I'm root or not as I have added some extra buttons to tc's config of emelfm2 but not to root's (*).  Please pretend like I reiterated all the warnings about using it that way.

(*) Amusingly, the things I added to tc's emelfm2 config all have to do with performing certain functions as root.  "delete the highlighted item, recursively, as root, right now without asking if I'm sure" and "edit the highlighted file as root".
32 bit core4.7.7, Xprogs, Xorg-7.6, wbar, jwm  |  - Testing -
PPR, data persistence through filetool.sh          |  32 bit core 8.0 alpha 1
USB Flash drive, one partition, ext2, grub4dos  | Otherwise similar

Offline newbody

  • Full Member
  • ***
  • Posts: 109
Re: sudo passwd
« Reply #24 on: December 23, 2011, 12:32:23 PM »
Lee, much appreciated. Yes that gives both parties what them want then.
One do get a warning by having to give the password but one can still
be root then for a while and know due to how things look and the terminal
would show the changed status too I guess.

So that is why it is not a good idea to tell boot that one want to be root.
It mess up downloads and installations maybe.

I use fluff instead of emelfm2 but I get that one can set it to loaded as root
or with sudo in front of it. But that is needed for leafpad too. So I drown
in all the details. Using fluff it is there in the upper line use sudo.

More easy to understand for me. Thanks for pointing out how it works with emelfm2
I did remember it vaguely.
Acer D250, Snow Puppy, TinyCore and on HP SR5622, Snow Puppy,

Offline Lee

  • Hero Member
  • *****
  • Posts: 645
    • My Core wiki user page
Re: sudo passwd
« Reply #25 on: December 23, 2011, 01:17:19 PM »
re. running a text editor as root...

I got burned too many times by making non-trivial changes to files (I've spent a lot of time and effort on bootsync.sh et al) and being unable to save them because I was not editing as root, so I added that button to emelfm2 that lets me edit as root.  But that only worked if I used it - If I started my editor from the command line, for instance, and forgot to type"sudo" in front of it, I would still be in the same situation.

Eventually, I wrote a wrapper script for my text editor such that if I am opening an existing file it checks if I have write permission for the file and uses sudo if I don't.  If the file doesn't already exist, it checks If I can create it and uses sudo if I cannot.  Of course, read-only filesystems can still be problematic.  :)

So now the original function of the "edit as root" button in emelfm2 is "deprecated" but the button really just points to the wrapper script now, so its OK.  ;)

It may be time for a rework of the editor wrapper - I use it for everything, including composing email and somehow it has grown to over a hundred lines.  Feature creep strikes again!  If I can simplify it to something more understandable, perhaps I'll post it in the Programming and Scripting section.

Hmmm... "deprecated"... rhymes with def ... oh, never mind!   ::)
32 bit core4.7.7, Xprogs, Xorg-7.6, wbar, jwm  |  - Testing -
PPR, data persistence through filetool.sh          |  32 bit core 8.0 alpha 1
USB Flash drive, one partition, ext2, grub4dos  | Otherwise similar

Offline gerald_clark

  • TinyCore Moderator
  • Hero Member
  • *****
  • Posts: 4254
Re: sudo passwd
« Reply #26 on: December 23, 2011, 01:23:28 PM »
You could always save the file to /tmp and then do a sudo cp.

Offline Rich

  • Administrator
  • Hero Member
  • *****
  • Posts: 11703
Re: sudo passwd
« Reply #27 on: December 23, 2011, 02:05:45 PM »
Hi Lee
Quote
I got burned too many times by making non-trivial changes to files (I've spent a lot of time and effort on bootsync.sh et al) and being unable to save them because I was not editing as root
Anytime I do that, I open a second editor as root, copy from the first, paste into the second, and
save using that one.

Offline Lee

  • Hero Member
  • *****
  • Posts: 645
    • My Core wiki user page
Re: sudo passwd
« Reply #28 on: December 23, 2011, 03:49:53 PM »
I used both of those workarounds at various times - not as convenient as just saving the file, but effective.  My head was getting sore from pounding it on the wall ("Doh!!").   :P
32 bit core4.7.7, Xprogs, Xorg-7.6, wbar, jwm  |  - Testing -
PPR, data persistence through filetool.sh          |  32 bit core 8.0 alpha 1
USB Flash drive, one partition, ext2, grub4dos  | Otherwise similar

Offline Rich

  • Administrator
  • Hero Member
  • *****
  • Posts: 11703
Re: sudo passwd
« Reply #29 on: December 23, 2011, 03:55:16 PM »
Warning: Head pounding may cause a pounding headache.