Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] [Newbie] Becoming 'root' in Kubuntu
- Date: Sat, 25 Aug 2007 12:49:17 +0900
- From: "Josh Glover" <jmglov@example.com>
- Subject: Re: [tlug] [Newbie] Becoming 'root' in Kubuntu
- References: <46CDC3D4.60002@gmail.com> <20070823181744.GB17572@mail.scottro.net> <46CDD4CE.1070003@sonic.net> <d8fcc0800708240057q458c7556v1126731113a1e5b6@mail.gmail.com> <46CEA15F.8060906@dcook.org>
On 24/08/07, Darren Cook <darren@example.com> wrote: > Just to check your meaning, there is nothing hanging around after I type > "exit" is there? No. But how soon do you type "exit"? If it is after one or two commands, as it should be, how is that actually easier than prefixing commands with "sudo"? > But you still type in "su -" when you need to be root? No. There is no real need to become root 99.99% of the time. All you care about is the ability to execute certain commands with root privileges, which is what sudo provides. But that is not all sudo does; sudo allows the administrators to be *very* selective about when and to whom to give out root privileges. e.g. web developers might need to be able to run '/etc/init.d/apache2 reload', but not '/etc/init.d/apache2 stop/start/restart', which is reserved for webadmins. But neither class actually needs root access outside of the LAMP stack, so why give them the right to "su - root"? Better yet, sudo provides an easy way to log *every* command run and the real user that ran it. So when some sysadmin screws up and then won't admit to it, you just wave the sudo logs in front of his face and show him the door. ;) > Other than having to know root password [...] sudo also allows you to give out root privs to certain commands with no password, or the user's password, or authentication against any arbitrary PAM module. In my experience as a Unix SA for Amazon, the times I needed to become root in my 10-month stint could be enumerated on the fingers of one hand. Amazon has a special version of bash, modified to log everything, so you have to run "sudo sooperbash[1]" to do it. But like I said, you almost *never* need to. So break yourself of the habit of "su -" now, before you do something nasty to your system. Because it is only a matter of time before you paste a command into the wrong xterm... Cheers, Josh [1] Not the real name of the command, so don't get excited, Keith and Mauro. ;)
- References:
- [tlug] [Newbie] Becoming 'root' in Kubuntu
- From: CL
- Re: [tlug] [Newbie] Becoming 'root' in Kubuntu
- From: Scott Robbins
- Re: [tlug] [Newbie] Becoming 'root' in Kubuntu
- From: steven smith
- Re: [tlug] [Newbie] Becoming 'root' in Kubuntu
- From: Josh Glover
- Re: [tlug] [Newbie] Becoming 'root' in Kubuntu
- From: Darren Cook
- [tlug] [Newbie] Becoming 'root' in Kubuntu
- Prev by Date: Re: Gotta Learn Vi . . . . . . (was Re: [tlug] [Newbie] Becoming 'root' in Kubuntu: Use sudo)
- Next by Date: Re: [tlug] [Newbie] Becoming 'root' in Kubuntu
- Previous by thread: Re: [tlug] [Newbie] Becoming 'root' in Kubuntu
- Next by thread: Re: [tlug] [Newbie] Becoming 'root' in Kubuntu
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |