On Sunday 30 August 2015 04:47:10 Reco wrote: > Hi. > > On Sat, 29 Aug 2015 20:30:58 -0400 > > Gene Heskett <ghesk...@wdtv.com> wrote: > > On Saturday 29 August 2015 10:39:07 Reco wrote: > > > Hi. > > > > > > On Sat, 29 Aug 2015 09:49:55 -0400 > > > > > > Gene Heskett <ghesk...@wdtv.com> wrote: > > > > > > If su goes away, IMNSHO, it will be such a PITA that it will > > > > > > encourage far more people to just give up and run their > > > > > > machines as root full time. And I don't believe for a > > > > > > millisecond that is the effect intended. > > > > > > > > > > They provide some systemd-specific kludge instead of su. So > > > > > it's not that bad. > > > > > > > > I don't recall recognizing that being discussed yet. > > > > > > Please read the bugreport. It's all there. > > > > > > https://github.com/systemd/systemd/issues/825 > > > > > > > > And, given the current systemd adoption rate in Debian, I'd > > > > > say that we, stable users, have 3-4 years before that > > > > > "machinectl login" thing will be available to us. > > > > > > > > > > > So, if su goes away, how do I accomplish those tasks in a > > > > > > suitable manner that will not bore a hole in the user > > > > > > sandbox? > > > > > > > > > > If it comes to this (i.e 'su' will go away) - I just use > > > > > busybox (which has perfectly working implementation of su > > > > > without the fancy bits). I.e. > > > > > > > > > > busybox su - > > > > > > > > Command not found. Wheezy 32 bit install. > > > > > > Obviously for this command to work it's required to install > > > busybox. I'd recommend busybox-static package. > > > > > > Reco > > > > Installed it, suid problems: > > > > gene@coyote:~$ busybox su amanda > > su: must be suid to work properly > > gene@coyote:~$ busybox su - > > su: must be suid to work properly > > > > Is it still finding the system su first? > > No. The 'problem' is exactly what it tolds. Meaning: > > 1) "Original" su is suid root-owned binary: > > $ ls -la /bin/su > -rwsr-xr-x 1 root root 40168 Nov 21 2014 /bin/su > > 2) Busybox, on the other hand - is not: > > $ ls -la /bin/busybox > -rwxr-xr-x 1 root root 1837008 Feb 19 2015 /bin/busybox > > > So, *root*-invoked "busybox su" should behave exactly like original > "su". Everyone other than root are told to get lost. > > Note that: > > 1) Setting suid bit on busybox is *extremely* bad idea. Don't do it > ever do it (as busybox provides *much* more than su). > > 2) Your way of using su you've described should not be affected by > this little inconvinience as you become root first, and do su second. > > Reco
So to me, nothing changes. Thats good IMO. Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page <http://geneslinuxbox.net:6309/gene>