On Sat, May 13, 2023 at 09:07:19AM -0700, Kushal Kumaran wrote:
[...]
> The benefit is that there is no shared password. [...]
Thanks. This is one very good point indeed.
Cheers
--
t
signature.asc
Description: PGP signature
On Sat, May 13 2023 at 01:51:03 AM, Lee wrote:
> On 5/12/23, DdB wrote:
>> Am 13.05.2023 um 00:03 schrieb Lee:
>>> On 5/12/23, Stefan Monnier wrote:
> Or configure sudo to disable tty_tickets, so that the timeout (10
> minutes by default IIRC) applies to all terminals.
`sudo
to...@tuxteam.de wrote:
> Security is engineering: always looking for a good tradeoff.
> Not magic.
>
> (That's why I cringe when people around here scaremonger about
> "you NEED to have a password" and things. People should know
> what they are getting into, for sure, but at the same time they
wrote:
> On Sat, May 13, 2023 at 10:35:31AM +0200, Michel Verdier wrote:
> > Le 12 mai 2023 tomas a écrit :
> >
> > >> > `sudo bash` anyone?
> > >>
> > >> also quicker done with
> > >> su -
> > >
> > > But not the same.
> >
> > Which differences do you see ?
>
> For su, you have to
DdB (12023-05-13):
> The kind of mistakes, any user (including yourself) can initiate, grows
> considerably, if he can use any commands without even thinking.
You are right with this principle but you are mistaken in applying it.
If you want to teach users to think before typing the password,
On Sat, May 13, 2023 at 10:35:31AM +0200, Michel Verdier wrote:
> Le 12 mai 2023 tomas a écrit :
>
> >> > `sudo bash` anyone?
> >>
> >> also quicker done with
> >> su -
> >
> > But not the same.
>
> Which differences do you see ?
For su, you have to enter the root password. For sudo, there
are
Le 12 mai 2023 tomas a écrit :
>> > `sudo bash` anyone?
>>
>> also quicker done with
>> su -
>
> But not the same.
Which differences do you see ?
On 5/12/23, DdB wrote:
> Am 13.05.2023 um 00:03 schrieb Lee:
>> On 5/12/23, Stefan Monnier wrote:
Or configure sudo to disable tty_tickets, so that the timeout (10
minutes by default IIRC) applies to all terminals.
>>>
>>> `sudo bash` anyone?
>>
>> me! me! but I also have
> (...)
>>
Am 13.05.2023 um 00:03 schrieb Lee:
> On 5/12/23, Stefan Monnier wrote:
>>> Or configure sudo to disable tty_tickets, so that the timeout (10
>>> minutes by default IIRC) applies to all terminals.
>>
>> `sudo bash` anyone?
>
> me! me! but I also have
(...)
> %adm ALL = (root)
On 5/12/23, Stefan Monnier wrote:
>> Or configure sudo to disable tty_tickets, so that the timeout (10
>> minutes by default IIRC) applies to all terminals.
>
> `sudo bash` anyone?
me! me! but I also have
# cat /etc/sudoers.d/adm-grp-privs
# members of adm can run certain commands as root
On 2023-05-12, Tom Reed wrote:
>> Tom Reed (12023-05-12):
>>> otherwise every time i have to input password for sudo.
>>
>> Yes, that is the point.
>>
>> If “every time” is a lot for you, maybe your use habits need to be
>> reviewed.
>>
>
> that's normal. for example, I have to check every kind
On Fri, May 12, 2023 at 05:46:21PM +0200, Michel Verdier wrote:
> Le 12 mai 2023 Stefan Monnier a écrit :
>
> >> Or configure sudo to disable tty_tickets, so that the timeout (10
> >> minutes by default IIRC) applies to all terminals.
> >
> > `sudo bash` anyone?
>
> also quicker done with
> su -
Le 12 mai 2023 Stefan Monnier a écrit :
>> Or configure sudo to disable tty_tickets, so that the timeout (10
>> minutes by default IIRC) applies to all terminals.
>
> `sudo bash` anyone?
also quicker done with
su -
On 12/05/2023 21:00, Byung-Hee HWANG (황병희) wrote:
On Fri, 2023-05-12 at 08:25 -0400, Stefan Monnier wrote:
`sudo bash` anyone?
AMAZING! Thanks for tip, Stefan ^^^
Isn't it a way to get e.g. ~/.bash_history owned by root?
sudo -i
should be better
Hi Stefan,
On Fri, 2023-05-12 at 08:25 -0400, Stefan Monnier wrote:
> > Or configure sudo to disable tty_tickets, so that the timeout (10
> > minutes by default IIRC) applies to all terminals.
>
> `sudo bash` anyone?
>
AMAZING! Thanks for tip, Stefan ^^^
Sincerely, Byung-Hee
--
^고맙습니다
Le 12 mai 2023 Tom Reed a écrit :
> that's normal. for example, I have to check every kind of logs (mail,
> webserver, systems etc). They require sudo then.
Logs are with adm gid, so just add your user to the group adm to be able
to consult logs.
Stefan Monnier (12023-05-12):
> `sudo bash` anyone?
Why not “sudo start-gnome” or logging as root on the display manager
while you are at it?
Regards,
--
Nicolas George
> Or configure sudo to disable tty_tickets, so that the timeout (10
> minutes by default IIRC) applies to all terminals.
`sudo bash` anyone?
Stefan
Greg Wooledge (12023-05-12):
> If you're launching a terminal, running a single sudo command, closing
> the terminal, opening a new terminal, etc. ... then perhaps you should
> stop doing that. Leave your terminal open, at least until you're done
> with whatever administrative task you're doing.
On Fri, May 12, 2023 at 08:13:31PM +0800, Tom Reed wrote:
> that's normal. for example, I have to check every kind of logs (mail,
> webserver, systems etc). They require sudo then.
If you check the logs all at once, as part of a daily routine, then you
only have to type the password one time, at
On Fri, May 12, 2023 at 07:27:25PM +0800, Tom Reed wrote:
> Hello
>
> what's the right way to add an user to run sudo without password?
> I have to edit /etc/sudoers by manual. But I don't think it's a grace way.
>
> Thanks.
> Tom
>
As others have said: sudo is *designed* this way - you have to
Tom Reed (12023-05-12):
> that's normal. for example, I have to check every kind of logs (mail,
> webserver, systems etc). They require sudo then.
No they do not. You just have to adjust files permissions if they are
not correct by default, which they usually are.
My crystal ball tells me you
On Fri, May 12, 2023 at 08:03:00PM +0800, Tom Reed wrote:
> for a common account, such as tom, a nopasswd sudo also makes sense?
> otherwise every time i have to input password for sudo.
Within a given terminal session, you only have to enter your passwors
once. This will allow passwordless sudo
> Tom Reed (12023-05-12):
>> otherwise every time i have to input password for sudo.
>
> Yes, that is the point.
>
> If “every time” is a lot for you, maybe your use habits need to be
> reviewed.
>
that's normal. for example, I have to check every kind of logs (mail,
webserver, systems etc). They
Tom Reed (12023-05-12):
> otherwise every time i have to input password for sudo.
Yes, that is the point.
If “every time” is a lot for you, maybe your use habits need to be
reviewed.
Regards,
--
Nicolas George
> On Fri, May 12, 2023 at 07:27:25PM +0800, Tom Reed wrote:
>> what's the right way to add an user to run sudo without password?
>> I have to edit /etc/sudoers by manual. But I don't think it's a grace
>> way.
>
> *Without password*?? Yes, that will require a manual edit.
>
> There is no
On Fri, May 12, 2023 at 07:27:25PM +0800, Tom Reed wrote:
> what's the right way to add an user to run sudo without password?
> I have to edit /etc/sudoers by manual. But I don't think it's a grace way.
*Without password*?? Yes, that will require a manual edit.
There is no "graceful way" to
Hello
what's the right way to add an user to run sudo without password?
I have to edit /etc/sudoers by manual. But I don't think it's a grace way.
Thanks.
Tom
28 matches
Mail list logo
