Sudo rant

chungs

chungs

If you like it, power to you, I'm sure it has it's use somewhere
But me... I can't stand it! I'm so tired of being cockblocked on linux because I don't want to type my password a million times, and after each linux install I have to manually tell it not to in a convoluted config file.
Or oven worse, I have to tell it to let me use MY SYSTEM to install packages from the aur, which you basically have to since arch repos surprisingly have next to nothing in them.
I don't see how using the aur is any different from standard practice on compile only distros, it really makes no sense to me. You're supposed to read build scripts before you use them anyways.
I would be using devuan, but I really love mkinitcpio and genfstab and I don't want to bother getting them to work on devuan.

In contrast, I've never had sudo forced on me at all on freebsd. It feels much better, and it's a system that actually works for me rather than vice versa. Working with linux sometimes is like wrestling with a fish.
Su root is my preferred method absolutely, and generally I've never had anything forced onto me on freebsd.

(though I would be daily driving freebsd if my drawing tablet worked among some other small things that I don't want to give up, like btrfs-grub is very nice)
 
Just 15 years ago, Linux didn't have anything like this. And if it did, it was somewhere deep and fragmented.
For me, Linux has completely exhausted itself as an adequate system.
I no longer have time to read Linux news deeply and thoughtfully.
But even skimming the news, I'm horrified by everything that's been done to Linux in the last 10 years.
It's not just systemd that's ruining my life.
Garbage news, garbage "innovations" in Linux, unnecessary entities, entity fragmentation, and their
excessive number are burying my brain.
AUR is a trojanized garbage dump with probes, the init system is a cesspool, and everything that remains—Artix, Void, Devuan—is either broken
or unfinished. I can't even use this on my home PC, I don't know how, and I don't want to. I don't know what will happen in another 15 years, but the point of no return for Linux has been passed. Corporations will finally co-opt Linux to suit their own purposes.
But I have a different goal.
 
FreeBSD gives you complete freedom of choice. Conceptually, FreeBSD today is free of vendor locking.
This is even more important than the absence of toxic technologies. If I break a system, I break it myself.
I have a lot of tools, but sometimes I don't read things carefully and end up having to deal with problems myself.
 
USerID said:
AUR is a trojanized garbage dump with probes, the init system is a cesspool, and everything that remains—Artix, Void, Devuan—is either broken
or unfinished.
Click to expand...
With apologies, Void Linux is a serious distribution, far from broken, far from unfinished. Not a very popular one, but I would rather use Void than anything systemd. Probably the closest to FreeBSD, if we ignore Slackware. My two cents, I might be wrong. Opinions... opinions...
 
in a term window:
sudo /bin/bash
Enter your password once, then use that term for anything priviledged.

Some things need "root" power or need to be configured around (mounting filesystems). So either a tool (sudo or doas) or you need to know the root password.
Pick your poison
 
dclau said:
With apologies, Void Linux is a serious distribution, far from broken, far from unfinished. Not a very popular one, but I would rather use Void than anything systemd. Probably the closest to FreeBSD, if we ignore Slackware. My two cents, I might be wrong. Opinions... opinions...
Click to expand...
Im using Void right now, and i can confirm. Its far from unfinished or broken. As you said, its a serious linux distribution. Using doas and runit is just pure pleasure.

Unfortunately, its still linux. And i have to use now instead of freebsd because i have AMD 9070 video card that requires drm-612-kmod. Ill probably have to wait several years before i can switch back to freebsd.

But yeah, Void is currently best distro imho.
 
In FreeBSD it’s very easy to stop sudo asking for passwords. Not secure, but on personal box can be convenient.
Code: 
su -
pw groupmod wheel -m <your_username>
visudo
/%w/ 3z
2x
:wq
^D
 
Charlie_ said:
If you're running bash, you can use sudo -s.

Edit: Does bash not set SHELL?
Click to expand...
Thanks, all my systems I set my user shell to tcsh (easier for me in an interactive use) and muscle memory defaults to me typing sudo /bin/bash.

As for setting SHELL, to the best of my knowledge it should.
 
One rant that does not make sense. Either you appreciate controlled user privilege security or you don't. But even if you don't, there are several ways around the regular password checks with sudo on Arch or Artix:

Code: 
sudo bash

Code: 
sudo su

Code: 
sudo -s

For me, the primary use of sudo is accountability. Every command given using sudo leaves an audit trace. "su" and other methods only show that privileges were escalated, not what was done after escalation. But that is in corporate environments, not personal devices.
 
Years of sudo on Linux had me using su - on FreeBSD initial installs for a while, but one day I thought "why am I logging into a normal user for root stuff" :p

I'm used to it off-Windows so no real issue, and on Windows I'm used to EnableLUA=0 :cool:
 
USerID said:
Just 15 years ago, Linux didn't have anything like this. And if it did, it was somewhere deep and fragmented.
For me, Linux has completely exhausted itself as an adequate system.
I no longer have time to read Linux news deeply and thoughtfully.
But even skimming the news, I'm horrified by everything that's been done to Linux in the last 10 years.
It's not just systemd that's ruining my life.
Garbage news, garbage "innovations" in Linux, unnecessary entities, entity fragmentation, and their
excessive number are burying my brain.
AUR is a trojanized garbage dump with probes, the init system is a cesspool, and everything that remains—Artix, Void, Devuan—is either broken
or unfinished. I can't even use this on my home PC, I don't know how, and I don't want to. I don't know what will happen in another 15 years, but the point of no return for Linux has been passed. Corporations will finally co-opt Linux to suit their own purposes.
But I have a different goal.
Click to expand...
I kind-of feel that way about Flatpak, but I also felt that way for a while with Wayland. Nowadays it works to the point of me not realizing it, so I'm fine with it.

I survived Windows ME, launch Vista, 8 Start tiles, GNOME 2 -> 3, so I'm confident I can handle anything in the future :p


I got into Linux when systemd was starting to become mainstream so I'm used to it; no problem desktop-side, and server-side I like creating custom services and timers! On Windows I didn't figure out how to create a legit service and didn't want to use a 3rd-party tool; start menu Startup folder and auto-login worked for years :p and recently I use basic tasks in Task Scheduler.

On FreeBSD I took a look at a MariaDB rc.d script for some launch issue and got scared enough to not want to figure out that complexity for a while :p I ran some commands manually for updates on web server stuff.

systemd's easy; run a service every first of the month at 4:10AM:

Code: 
[Timer]
OnCalendar=*-*-01 04:10:00

Not a persistent daemon? Type=oneshot. Run a oneshot every 12 hours? OnBootSec=12h and OnUnitActiveSec=12h. I can have stuff fire-off on schedules whenever I want with understandable syntax :p
 
Me too. I also hate this sudo...sudo...sudo...-thing.
And since I also knew it from Linux first, I recently learned it's not a Linux thing, but is an original FreeBSD thing.

However,
depending on the Linux distro you're using there is no real user root anymore, but to sudo...sudo...sudo... everything is the default way. I don't know, but to me it seems was made to ease the use for single desktop turn-key Linux machines even more.
Besides to say I find that annoying was understatement, I also see security issues with that:

1. There is no real distinction between root and users anymore when sudo asks the user's password to let you do root things. If somebody gets the password of a sudo allowed user, which on a default single user turn-key Linux desktop machine is the case, he gets root access to the machine. But here we are not on turn-key Linux.

2. Because of this excessive enquiry for the password users tend to chose short and simple, so unsecure passwords, because they want to avoid the annoyance of mistyping their pw many times (and being "reported" - to themselves 🤪.)

But besides, as others already mentioned, it depends on how you configure, and use sudo, just because many documentation, and How-Tos often show "sudo...sudo...sudo..." doesn't mean you have to do it the same way yourself.
Just become root - su -, or completely login as root (btw. in almost all cases it doesn't matter, but there is a difference between you login as root, or become root by su - [by default sudo config]) - type your password once, until you logout again, and voilá, no sudo...sudo...sudo... anymore. :cool:
 
Maturin said:
Me too. I also hate this sudo...sudo...sudo...-thing.
And since I also knew it from Linux first, I recently learned it's not a Linux thing, but is an original FreeBSD thing.

However,
depending on the Linux distro you're using there is no real user root anymore, but to sudo...sudo...sudo... everything is the default way. I don't know, but to me it seems was made to ease the use for single desktop turn-key Linux machines even more.
Besides to say I find that annoying was understatement, I also see security issues with that:

1. There is no real distinction between root and users anymore when sudo asks the user's password to let you do root things. If somebody gets the password of a sudo allowed user, which on a default single user turn-key Linux desktop machine is the case, he gets root access to the machine. But here we are not on turn-key Linux.

2. Because of this excessive enquiry for the password users tend to chose short and simple, so unsecure passwords, because they want to avoid the annoyance of mistyping their pw many times (and being "reported" - to themselves 🤪.)

But besides, as others already mentioned, it depends on how you configure, and use sudo, just because many documentation, and How-Tos often show "sudo...sudo...sudo..." doesn't mean you have to do it the same way yourself.
Just become root - su -, or completely login as root (btw. in almost all cases it doesn't matter, but there is a difference between you login as root, or become root by su - [by default sudo config]) - type your password once, until you logout again, and voilá, no sudo...sudo...sudo... anymore. :cool:
Click to expand...
Alt Linux is a bit different there, every time that GUI app that needs admin privileges is started, system asks for root password, not user's. But I guess that' how they configured polkit and has nothing to do with sudo per se.

Another interesting thing about Alt is that user, even if is in the wheel group, can't see many dirs and files. For example, on FreeBSD I can as user (which is in the wheel group) cat /etc/ssh/sshd_config. On Alt if I try the same, as user (in the wheel group)
cat /etc/openssh/sshd_config
cat: /etc/openssh/sshd_config: Permission denied
I'll have to use sudo cat for that, even if I have in sudoers WHEEL_USERS ALL=(ALL:ALL) NOPASSWD: ALL
 
Well, to me it is about command line usage philosophies and best practices.

Many do consider logging in as root and working with a shell with root rights as bad idea. So this is what sudo is trying to solve - raising awareness about when something is running as root.

Others prefer to run on a root shell on a daily base, saying that UNIX is about getting what you asked for without holding your hands. And rm -rf / is so much fun... well, sometimes.

Most distribution makers are taking the safer route here, so sudo it is. Which probably makes sense for a lot of people.

In case you just dislike the tool itself but not the idea, there are replacements out there: OpenBSD has created doas as replacement, because they thought that sudo sucks and is too bloated and complex. And systemd is offering run0 as replacement, but then again why should we trust Poettering's junk?
 
I love sudo insults.

To enable it in FreeBSD you have to recompile. Add this to /etc/make.conf:

security_sudo_SET= INSULTS

On other systems you have to add this to sudoers.d/insults:

Defaults insults
 
USerID said:
Just 15 years ago, Linux didn't have anything like this. And if it did, it was somewhere deep and fragmented.
For me, Linux has completely exhausted itself as an adequate system.
I no longer have time to read Linux news deeply and thoughtfully.
But even skimming the news, I'm horrified by everything that's been done to Linux in the last 10 years.
It's not just systemd that's ruining my life.
Garbage news, garbage "innovations" in Linux, unnecessary entities, entity fragmentation, and their
excessive number are burying my brain.
AUR is a trojanized garbage dump with probes, the init system is a cesspool, and everything that remains—Artix, Void, Devuan—is either broken
or unfinished. I can't even use this on my home PC, I don't know how, and I don't want to. I don't know what will happen in another 15 years, but the point of no return for Linux has been passed. Corporations will finally co-opt Linux to suit their own purposes.
But I have a different goal.
Click to expand...
As a person who has been a linux sysadmin for the past 30 years, I agree 100%. I started with Slackware 2.2.0.1, dual booted with RedHat 3.0.3, ran rh till 6, went with Debian. Stayed with them until bdale garbee stuck a shiv in our collective backs when he made the "command decision" on the tech board to insert systemd.

At that point, I became, as kris moore said, "BSD curious." started with FreeNAS, then pfSense, and before I knew it, my entire home network ran FreeBSD, except for my wife's machine, which runs devuan. I don't even boot into my devuan dual boot to play Kerbal space program any more because running linux makes me feel...dirty. :)

dclau said:
With apologies, Void Linux is a serious distribution, far from broken, far from unfinished. Not a very popular one, but I would rather use Void than anything systemd. Probably the closest to FreeBSD, if we ignore Slackware. My two cents, I might be wrong. Opinions... opinions...
Click to expand...
Yeah, but now the void developers are sticking their noses into the politics of open source, censoring screenshots of xlibre running on void and marching along with redhat(e) in trying to consign xorg/xlibre to the ash heap of history.
 
VulcanRidr said:
Yeah, but now the void developers are sticking their noses into the politics of open source, censoring screenshots of xlibre running on void and marching along with redhat(e) in trying to consign xorg/xlibre to the ash heap of history.
Click to expand...
XLibre works great on OpenRC based Gentoo (6.16.7) with KDE 6.4.5
 
MrBSD said:
Wayland is far from being ready, but somehow, we have distros and desktop environments that are wayland only. Crazy.
Click to expand...
Absolutely corrrect, and the thing is that they are ready to throw out the baby (xorg/xlibre) with the bathwater. The tried and true for the not ready yet and never may be -- you have to change how you compute to fit the new normal. And didn't one of the pillars of free software used to be freedom of choice?
 
VulcanRidr said:
Absolutely corrrect, and the thing is that they are ready to throw out the baby (xorg/xlibre) with the bathwater. The tried and true for the not ready yet and never may be -- you have to change how you compute to fit the new normal. And didn't one of the pillars of free software used to be freedom of choice?
Click to expand...
Gnome foundation tried, and failed miserably. They wanted to completely remove xorg from their gdm display manager for their upcoming release of gnome 49. It turned out it was more difficult than they thought. Now they are backpedaling, and putting everything back in. Just pure waste of time and resources.
 
MrBSD said:
Gnome foundation tried, and failed miserably. They wanted to completely remove xorg from their gdm display manager for their upcoming release of gnome 49. It turned out it was more difficult than they thought. Now they are backpedaling, and putting everything back in. Just pure waste of time and resources.
Click to expand...
Actually, the gnome developers is why I run KDE. Because "the ability to flip every switch and dial, with a reasonable set of defaults" is far better than having the developers saying "this is the way we make it, you will use it this way, and you will like it."
 
You must log in or register to reply here.
Back
Top