Re: [tlug] Root account

["Stephen J. Turnbull" <stephen@example.com>]

>>>>> "Dave" == Dave M G <Dave> writes:

    Dave> I'm not sure what the confusion here is. I can get into a
    Dave> root account.

That's right.  The problem is that "root account" is not
well-defined.  It has a number of meanings

(1) The privilege of overriding any permission restrictions set by
    anyone.

(2) Access to a set of resources owned by that account.

(3) An environment that sets the defaults for resolving ambiguity.

sudo is a device for implementing (2), basically.  This indirectly
provides (1) (via permission-changing commands like chmod which treat
requests from the root user specially) and (3) (via su -).

If you are told "permission denied", then (2) is what you need, and
it's all you need.

However, if you're told "not found", then (3) is the problem, if the
resource exists.  But if you can't find it, you can't distinguish
between a resource that doesn't exist and the failure to look for the
resource where it actually is.

(Once you do find it, of course you can then run into "permission
denied".)

    Dave> But that hasn't changed the fact that, when in a root
    Dave> account or otherwise, it could not find the command you guys
    Dave> are recommending:

    Dave> root@example.com:/usr/sbin# generate-modprobe.conf > /etc/modprobe.conf
    Dave> bash: generate-modprobe.conf: command not found

This *should not* work, even if /usr/sbin/generate-modprobe.conf
exists.  '.' should never be in anyone's PATH, and especially not in
root's: it's a major security hole.  To execute commands in the
current directory, use ./generate-modprobe.conf.

    Dave> However, using locate, I found the following:
    Dave> dave@example.com:~$ locate generate-modprobe
    Dave> /usr/share/doc/module-init-tools/examples/generate-modprobe.conf.gz

Good for you!

We probably should have suggested that in the first place, but it's
even better that you are using those tools yourself.

-- 
School of Systems and Information Engineering http://turnbull.sk.tsukuba.ac.jp
University of Tsukuba                    Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
               Ask not how you can "do" free software business;
              ask what your business can "do for" free software.