Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[Kostya Sha]

Try `env-update && source /etc/profile`.

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[Alan McKinnon]

On Tuesday 02 March 2010 08:33:07 Mick wrote:
> On Monday 01 March 2010 10:11:18 Neil Bothwick wrote:
> > On Mon, 1 Mar 2010 11:08:22 +0200, Alan McKinnon wrote:
> > > We just log the fact of running sudo. The admins are trusted to not
> > > cock things up, and if they do, to not try and hide it. The philosophy
> > > is simple - if we feel we can't trust you, we would not have hired you.
> > 
> > That is sensible, if not good for your BOFH rating :)
> > 
> > > Editing root's history after the fact to hide your tracks is considered
> > > a heinous crime of unimaginable proportions. Anyone caught doing it is
> > > sentenced to buy cake for the entire technical team. That's about 100
> > > people. And when I saw cake I don't mean a teeny weeny jam tart each, I
> > > mean cake - chocolate filled croissants, black forest and my personal
> > > favourite: 4 inch high carrot cake.
> > 
> > I take that back :)
> 
> Coming back to the OP, on a brand new installation, while on the console
> and logged in as root user, I also see ESC all over the man pages.  I do
> not have this problem on older boxen, nor do I remember noticing it in the
> past.  What is causing it and what is the fix?


Compare the environment between root and a non-root user when running a login 
shell.

The answer should be self-evident when you have the correct data in front of 
you to compare



-- 
alan dot mckinnon at gmail dot com

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[Mick]

On Monday 01 March 2010 10:11:18 Neil Bothwick wrote:
> On Mon, 1 Mar 2010 11:08:22 +0200, Alan McKinnon wrote:
> > We just log the fact of running sudo. The admins are trusted to not
> > cock things up, and if they do, to not try and hide it. The philosophy
> > is simple - if we feel we can't trust you, we would not have hired you.
> 
> That is sensible, if not good for your BOFH rating :)
> 
> > Editing root's history after the fact to hide your tracks is considered
> > a heinous crime of unimaginable proportions. Anyone caught doing it is
> > sentenced to buy cake for the entire technical team. That's about 100
> > people. And when I saw cake I don't mean a teeny weeny jam tart each, I
> > mean cake - chocolate filled croissants, black forest and my personal
> > favourite: 4 inch high carrot cake.
> 
> I take that back :)

Coming back to the OP, on a brand new installation, while on the console and 
logged in as root user, I also see ESC all over the man pages.  I do not have 
this problem on older boxen, nor do I remember noticing it in the past.  What 
is causing it and what is the fix?
-- 
Regards,
Mick


signature.asc
Description: This is a digitally signed message part.

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[Neil Bothwick]

On Mon, 1 Mar 2010 11:08:22 +0200, Alan McKinnon wrote:

> We just log the fact of running sudo. The admins are trusted to not
> cock things up, and if they do, to not try and hide it. The philosophy
> is simple - if we feel we can't trust you, we would not have hired you.

That is sensible, if not good for your BOFH rating :)

> Editing root's history after the fact to hide your tracks is considered
> a heinous crime of unimaginable proportions. Anyone caught doing it is
> sentenced to buy cake for the entire technical team. That's about 100
> people. And when I saw cake I don't mean a teeny weeny jam tart each, I
> mean cake - chocolate filled croissants, black forest and my personal
> favourite: 4 inch high carrot cake.

I take that back :)


-- 
Neil Bothwick

Forget the Joneses...I can't keep up with The Simpsons.


signature.asc
Description: PGP signature

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[Alan McKinnon]

On Monday 01 March 2010 03:47:12 Neil Bothwick wrote:
> On Mon, 1 Mar 2010 01:07:21 +0200, Alan McKinnon wrote:
> > Don't read my post as literally meaning they must type the 7 characters
> > "sudo su". Read it more as "use any feature of sudo you feel like to
> > get a root shell, but you must use sudo. As opposed to using su alone".
> 
> The problem with this in your situation is that you only get a log entry
> when the user switches to root, not for whatever they do in that root
> shell, whereas having them run each command with sudo logs every action
> they take as root. Or do you have a way of auditing the commands run from
> the root shell?


We just log the fact of running sudo. The admins are trusted to not cock 
things up, and if they do, to not try and hide it. The philosophy is simple - 
if we feel we can't trust you, we would not have hired you.

Editing root's history after the fact to hide your tracks is considered a 
heinous crime of unimaginable proportions. Anyone caught doing it is sentenced 
to buy cake for the entire technical team. That's about 100 people. And when I 
saw cake I don't mean a teeny weeny jam tart each, I mean cake - chocolate 
filled croissants, black forest and my personal favourite: 4 inch high carrot 
cake.

People only buy cake once around here :-)

-- 
alan dot mckinnon at gmail dot com

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[Neil Bothwick]

On Mon, 1 Mar 2010 01:07:21 +0200, Alan McKinnon wrote:

> Don't read my post as literally meaning they must type the 7 characters
> "sudo su". Read it more as "use any feature of sudo you feel like to
> get a root shell, but you must use sudo. As opposed to using su alone".

The problem with this in your situation is that you only get a log entry
when the user switches to root, not for whatever they do in that root
shell, whereas having them run each command with sudo logs every action
they take as root. Or do you have a way of auditing the commands run from
the root shell?


-- 
Neil Bothwick

Press button to test: release to detonate.


signature.asc
Description: PGP signature

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[Alan McKinnon]

On Monday 01 March 2010 00:57:17 William Hubbs wrote:
> On Mon, Mar 01, 2010 at 12:16:14AM +0200, Alan McKinnon wrote:
> > "sudo su" and "su" have a fundamental difference, vital in corporate
> > networks:
> > 
> > The former uses the user's password for authentication and sudoers for
> > authorization. The latter uses knowledge of the root password for
> > authorization and authentication. See my other post in this thread.
> 
>  Actually, what you just said about "sudo su" applies only to "sudo".
>  When you run "sudo su", what you are doing is running sudo then
>  authenticating to it, and running su, as root, after you authenticate
>  to sudo.

You misunderstand my intent. To get root via sudo, you authenticate using the 
user's Unix account. The emphasis here is on what sudo does, not the intricate 
subtleties of what it does with the subsequent su, or any other variation of 
the same.

I don't want to start a pointless semantic argument on this, just realize it's 
all about sudo and the following "su" is a mere example (other things could 
have sufficed, I used that one)


> 
> > On the work servers I enforce "sudo su"
> 
>  Actually, you could just have people use "sudo -i" or "sudo -s" if they
>  want a shell with root access.  If they want to run a program with root
>  privileges and the root environment, they can use "sudo -i command".
> 
> William


Don't read my post as literally meaning they must type the 7 characters "sudo 
su". Read it more as "use any feature of sudo you feel like to get a root 
shell, but you must use sudo. As opposed to using su alone".
-- 
alan dot mckinnon at gmail dot com

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[Alan McKinnon]

On Sunday 28 February 2010 23:27:57 William Hubbs wrote:
> > 7 years ago a veteran Linux user taught me to always use su - for the
> > very reason you stated.
> 
>  
>  Actually, you are safe with either "su -" (without sudo) or "sudo -i".
>  "sudo su -" is chaining "su -" on top of sudo, and is redundant because
>  "sudo -i" and "su -" do the same thing afaik.

"sudo su" and "su" have a fundamental difference, vital in corporate networks:

The former uses the user's password for authentication and sudoers for 
authorization. The latter uses knowledge of the root password for 
authorization and authentication. See my other post in this thread.

On the work servers I enforce "sudo su"

OTOH, "sudo su" is indeed pretty pointless on a single-user machine. I never 
bother with sudo on this gentoo notebook for instance.

-- 
alan dot mckinnon at gmail dot com

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[William Hubbs]

On Mon, Mar 01, 2010 at 12:16:14AM +0200, Alan McKinnon wrote:
> "sudo su" and "su" have a fundamental difference, vital in corporate networks:
> 
> The former uses the user's password for authentication and sudoers for 
> authorization. The latter uses knowledge of the root password for 
> authorization and authentication. See my other post in this thread.
 
 Actually, what you just said about "sudo su" applies only to "sudo".
 When you run "sudo su", what you are doing is running sudo then
 authenticating to it, and running su, as root, after you authenticate
 to sudo.

> On the work servers I enforce "sudo su"
 
 Actually, you could just have people use "sudo -i" or "sudo -s" if they
 want a shell with root access.  If they want to run a program with root
 privileges and the root environment, they can use "sudo -i command".

William



pgpWv3MMggLMv.pgp
Description: PGP signature

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[William Hubbs]

On Sun, Feb 28, 2010 at 03:56:13PM -0500, stosss wrote:
> On Sun, Feb 28, 2010 at 7:28 AM, pk  wrote:
> > ubiquitous1980 wrote:
> >
> >>> http://lists.debian.org/debian-security/2006/07/msg00059.html
> >
> >> With "sudo su - " the man pages do not have ESC throughout. ?I have
> >> learned sudo su from my ubuntu days and I am only guessing that this is
> >> bad practice and that the correct command is $ sudo su -
> >
> > No need to guess. Messing with superuser privileges without a proper
> > superuser environment (paths etc.) is considered bad from a security
> > point of view; for instance, an malicious application could be installed
> > in your user home dir, prepend the path to this to your local user $PATH
> > and whenever you do "su" (without -) you could invoke this app with
> > superuser privileges...
> > So to summarize: The link above (debian.org) explains it quite well and
> > yes, I would say it's a bad habit to omit -. :-)
> 
> 7 years ago a veteran Linux user taught me to always use su - for the
> very reason you stated.
 
 Actually, you are safe with either "su -" (without sudo) or "sudo -i".
 "sudo su -" is chaining "su -" on top of sudo, and is redundant because
 "sudo -i" and "su -" do the same thing afaik.

 William



pgpS4XXUTGw4P.pgp
Description: PGP signature

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[stosss]

On Sun, Feb 28, 2010 at 7:28 AM, pk  wrote:
> ubiquitous1980 wrote:
>
>>> http://lists.debian.org/debian-security/2006/07/msg00059.html
>
>> With "sudo su - " the man pages do not have ESC throughout.  I have
>> learned sudo su from my ubuntu days and I am only guessing that this is
>> bad practice and that the correct command is $ sudo su -
>
> No need to guess. Messing with superuser privileges without a proper
> superuser environment (paths etc.) is considered bad from a security
> point of view; for instance, an malicious application could be installed
> in your user home dir, prepend the path to this to your local user $PATH
> and whenever you do "su" (without -) you could invoke this app with
> superuser privileges...
> So to summarize: The link above (debian.org) explains it quite well and
> yes, I would say it's a bad habit to omit -. :-)

7 years ago a veteran Linux user taught me to always use su - for the
very reason you stated.

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[ubiquitous1980]

pk wrote:
> ubiquitous1980 wrote:
>
>   
>>> http://lists.debian.org/debian-security/2006/07/msg00059.html
>>>   
>
>   
>> With "sudo su - " the man pages do not have ESC throughout.  I have
>> learned sudo su from my ubuntu days and I am only guessing that this is
>> bad practice and that the correct command is $ sudo su -
>> 
>
> No need to guess. Messing with superuser privileges without a proper
> superuser environment (paths etc.) is considered bad from a security
> point of view; for instance, an malicious application could be installed
> in your user home dir, prepend the path to this to your local user $PATH
> and whenever you do "su" (without -) you could invoke this app with
> superuser privileges...
> So to summarize: The link above (debian.org) explains it quite well and
> yes, I would say it's a bad habit to omit -. :-)
>
> Best regards
>
> Peter K
>
>   
Investigated this further...

With su, PATH=/sbin:/bin:/usr/sbin:/usr/bin

With sudo su, PATH=/sbin:/bin:/usr/sbin:/usr/bin

With sudo su -,
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.3.4:/usr/lib64/subversion/bin

This final PATH is the same as my user's account.  I thought that this
would be the other way around, and that with $ sudo su - I would expect
the normal root path as to prevent a malicious program settinga  path
and allowing execution without identifying its specific location at the CLI.

Perhaps I am confused.

Thanks

Damien

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[ubiquitous1980]

pk wrote:
> ubiquitous1980 wrote:
>
>   
>>> http://lists.debian.org/debian-security/2006/07/msg00059.html
>>>   
>
>   
>> With "sudo su - " the man pages do not have ESC throughout.  I have
>> learned sudo su from my ubuntu days and I am only guessing that this is
>> bad practice and that the correct command is $ sudo su -
>> 
>
> No need to guess. Messing with superuser privileges without a proper
> superuser environment (paths etc.) is considered bad from a security
> point of view; for instance, an malicious application could be installed
> in your user home dir, prepend the path to this to your local user $PATH
> and whenever you do "su" (without -) you could invoke this app with
> superuser privileges...
> So to summarize: The link above (debian.org) explains it quite well and
> yes, I would say it's a bad habit to omit -. :-)
>
> Best regards
>
> Peter K
>
>   
Thanks for your explanation and I will remember this lesson.]

Thanks,

Damien

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[pk]

ubiquitous1980 wrote:

>> http://lists.debian.org/debian-security/2006/07/msg00059.html

> With "sudo su - " the man pages do not have ESC throughout.  I have
> learned sudo su from my ubuntu days and I am only guessing that this is
> bad practice and that the correct command is $ sudo su -

No need to guess. Messing with superuser privileges without a proper
superuser environment (paths etc.) is considered bad from a security
point of view; for instance, an malicious application could be installed
in your user home dir, prepend the path to this to your local user $PATH
and whenever you do "su" (without -) you could invoke this app with
superuser privileges...
So to summarize: The link above (debian.org) explains it quite well and
yes, I would say it's a bad habit to omit -. :-)

Best regards

Peter K

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[ubiquitous1980]

pk wrote:
> ubiquitous1980 wrote:
>   
>> If I have logged in through sudo such as $ sudo su, when I then use man
>> pages, they are covered in "ESC".  This does not occur when using normal
>> user accounts or the root account through su.  Wondering what is going
>> on.  Thanks.
>> 
>
> Q: Have you tried "... su -" (the dash is important since it will read
> the environment for root login otherwise the environment will be the
> same as for current user).
>
> http://lists.debian.org/debian-security/2006/07/msg00059.html
>
> Best regards
>
> Peter K
>
>   
With "sudo su - " the man pages do not have ESC throughout.  I have
learned sudo su from my ubuntu days and I am only guessing that this is
bad practice and that the correct command is $ sudo su -

Thanks

Damien

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[pk]

ubiquitous1980 wrote:
> If I have logged in through sudo such as $ sudo su, when I then use man
> pages, they are covered in "ESC".  This does not occur when using normal
> user accounts or the root account through su.  Wondering what is going
> on.  Thanks.

Q: Have you tried "... su -" (the dash is important since it will read
the environment for root login otherwise the environment will be the
same as for current user).

http://lists.debian.org/debian-security/2006/07/msg00059.html

Best regards

Peter K

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[Dan Johansson]

On Sunday 28 February 2010 04.57:36 ubiquitous1980 wrote:
> If I have logged in through sudo such as $ sudo su, when I then use man
> pages, they are covered in "ESC".  This does not occur when using normal
> user accounts or the root account through su.  Wondering what is going
> on.  Thanks.
And I have the exact opposite on one of my rigs. Viewing man pages as a normal 
user and it get cluttered with ESC..., but view the same page after doing a 
'sudo su -' everything is OK.
-- 
Dan Johansson, 
***
This message is printed on 100% recycled electrons!
***

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[ubiquitous1980]

Dan Cowsill wrote:
> On Sat, Feb 27, 2010 at 10:57 PM, ubiquitous1980  
> wrote:
>   
>> If I have logged in through sudo such as $ sudo su, when I then use man
>> pages, they are covered in "ESC".  This does not occur when using normal
>> user accounts or the root account through su.  Wondering what is going
>> on.  Thanks.
>>
>>
>> 
>
> Kind of curious about this myself.  It has just been a minor annoyance
> to me for the last couple of years, but it seems to show up only when
> logged onto root.
>
>   
Wondering if it is a bug??? Perhaps a USE flag...who knows as yet...

Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[Dan Cowsill]

On Sat, Feb 27, 2010 at 10:57 PM, ubiquitous1980  wrote:
> If I have logged in through sudo such as $ sudo su, when I then use man
> pages, they are covered in "ESC".  This does not occur when using normal
> user accounts or the root account through su.  Wondering what is going
> on.  Thanks.
>
>

Kind of curious about this myself.  It has just been a minor annoyance
to me for the last couple of years, but it seems to show up only when
logged onto root.

[gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.

[ubiquitous1980]

If I have logged in through sudo such as $ sudo su, when I then use man
pages, they are covered in "ESC".  This does not occur when using normal
user accounts or the root account through su.  Wondering what is going
on.  Thanks.