Re: Please check my sudo bash script

On 9/3/25 04:00, Tom Browder wrote: On Tue, Sep 2, 2025 at 07:40 Tom Browder wrote: On Tue, Sep 2, 2025 at 12:30 AM David Christensen wrote ... David, I finished following your 'recipe' a few minutes ago, with mods for my system. I just rebooted and see all three new drives where I expecte

Re: Please check my sudo bash script

On Tue, Sep 2, 2025 at 07:40 Tom Browder wrote: > On Tue, Sep 2, 2025 at 12:30 AM David Christensen > wrote ... David, I finished following your 'recipe' a few minutes ago, with mods for my system. I just rebooted and see all three new drives where I expected them to be! Thanks again, David.

Re: Please check my sudo bash script)OT:

On Sun Aug 31, 2025 at 5:14 PM BST, john doe wrote: Provisioning a server is an other thing. You realy want to look at preseeding, Ansible, Opentoffu and Puppet or alike.alternative. Those are overkill, IMHO, until you are managing a set of servers larger than 2 or 3. -- Please do not CC me

Re: Please check my sudo bash script

On 9/2/25 05:40, Tom Browder wrote: On Tue, Sep 2, 2025 at 12:30 AM David Christensen wrote: ... David, thanks so much. I do appreciate this message in particular which is the "looking over my shoulder" guidance I was looking for before I proceed to the next step. Blessings! -Tom YW. I am

Re: Please check my sudo bash script

On 9/1/25 15:36, Tom Browder wrote: On Mon, Sep 1, 2025 at 13:19 Tom Browder wrote: ... That info above is old. Since then I've used gparted. Output from "lsblk": NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:00 3.6T 0 disk `-sda1 8:10 3.6T 0 part sdb 8:16 0

Re: Please check my sudo bash script

On 2025-08-31, Tom Browder wrote: > > Does this bash fragment look safe for using bash vars for the first disk: > > SDX=sda > sudo parted /dev/${SDX} mklabel gpt > sudo parted -a opt /dev/${SDX} mkpart primary ext4=0% 100% > sudo mkfs.ext4 /dev/${SDX} The mkfs step must targ

Re: Please check my sudo bash script

using bash vars for the first disk: SDX=sda sudo parted /dev/${SDX} mklabel gpt sudo parted -a opt /dev/${SDX} mkpart primary ext4=0% 100% sudo mkfs.ext4 /dev/${SDX} Thanks. -Tom It is all too easy to make a mistake while working on disks, partitions, file systems, etc.. Either use another co

Re: Please check my sudo bash script

On Tue, Sep 2, 2025 at 8:05 AM Andrew M.A. Cater wrote: ... > Hi Tom, > > Do you have a copy of debian-handbook? If not, apt install it. I completely forgot about that. Thanks so much, Andrew! -Tom

Re: Please check my sudo bash script

On Tue, Sep 2, 2025 at 12:30 AM David Christensen wrote: ... David, thanks so much. I do appreciate this message in particular which is the "looking over my shoulder" guidance I was looking for before I proceed to the next step. Blessings! -Tom

Re: Please check my sudo bash script

On Mon, Sep 01, 2025 at 08:48:03PM -0700, David Christensen wrote: > On 9/1/25 04:47, Tom Browder wrote: > > > > Thanks to all who have answered. > > Hi Tom, You do have a copy of debian-handbook? If not, apt install it. Written by Raphael Hertzog and Roland Mas - my hardback is somewhere else

Re: Please check my sudo bash script

On 9/1/25 04:47, Tom Browder wrote: On Sun, Aug 31, 2025 at 09:55 Tom Browder wrote: I just added three new SSD and want to prep them for use. Thanks to all who have answered. I used to own a copy of the Unix server guide when I was working (using Sun OS and Irix). For home use I bought (a

Re: Please check my sudo bash script

On Mon, Sep 1, 2025 at 13:19 Tom Browder wrote: ... > > That info above is old. Since then I've used gparted. > > Output from "lsblk": > > NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT > sda 8:00 3.6T 0 disk > `-sda1 8:10 3.6T 0 part > sdb 8:16 0 465.8G 0 disk > |-sdb1

Re: Please check my sudo bash script

On Mon, Sep 1, 2025 at 11:42 AM Greg wrote: > > On 2025-08-31, Tom Browder wrote: ... > > SDX=sda > > sudo parted /dev/${SDX} mklabel gpt > > sudo parted -a opt /dev/${SDX} mkpart primary ext4=0% 100% > > sudo mkfs.ext4 /dev/${SDX} That info above is old. Since t

Re: Please check my sudo bash script)OT:

Tom Browder wrote: > On Sun, Aug 31, 2025 at 10:46 alain williams wrote: >> On Sun, Aug 31, 2025 at 05:37:27PM +0200, john doe wrote: >> > On 8/31/25 4:55 PM, Tom Browder wrote: >> > > I just added three new SSD and want to prep them for use. >> > > >> > > I plan to use a script to do that increme

Re: Please check my sudo bash script

On Mon, Sep 1, 2025 at 06:56 Tom Browder wrote: > On Mon, Sep 1, 2025 at 06:47 Tom Browder wrote: > I just fired up gparted and all became clear! I haven't used it in several > years and > completely forgot about it. Well, one more question: how to add the new disks so they auto mount? First,

Re: Please check my sudo bash script

On Mon, Sep 1, 2025 at 06:47 Tom Browder wrote: I just fired up gparted and all became clear! I haven't used it in several years and completely forgot about it. Thank you my fellow Debianites! -Tom

Re: Please check my sudo bash script

On Sun, Aug 31, 2025 at 09:55 Tom Browder wrote: > I just added three new SSD and want to prep them for use. Thanks to all who have answered. I used to own a copy of the Unix server guide when I was working (using Sun OS and Irix). For home use I bought (and still have) the "Ubuntu Server Guid

Re: Please check my sudo bash script

# <= new disk sdd > > Does this bash fragment look safe for using bash vars for the first disk: > > SDX=sda > sudo parted /dev/${SDX} mklabel gpt > sudo parted -a opt /dev/${SDX} mkpart primary ext4=0% 100% > sudo mkfs.ext4 /dev/${SDX} Hi, If you are in

Re: Please check my sudo bash script

On Sun, Aug 31, 2025 at 7:56 AM Tom Browder wrote: > Does this bash fragment look safe for using bash vars for the first disk: > SDX=sda > sudo parted /dev/${SDX} mklabel gpt > sudo parted -a opt /dev/${SDX} mkpart primary ext4=0% 100% > sudo mkfs.ext4 /dev/${SDX} Nope. S

Re: Please check my sudo bash script

# <= new disk sdd > > Does this bash fragment look safe for using bash vars for the first disk: > > SDX=sda > sudo parted /dev/${SDX} mklabel gpt > sudo parted -a opt /dev/${SDX} mkpart primary ext4=0% 100% > sudo mkfs.ext4 /dev/${SDX You should probably prov

Re: Please check my sudo bash script)OT:

On 8/31/25 6:00 PM, Tom Browder wrote: On Sun, Aug 31, 2025 at 10:46 alain williams wrote: On Sun, Aug 31, 2025 at 05:37:27PM +0200, john doe wrote: On 8/31/25 4:55 PM, Tom Browder wrote: I just added three new SSD and want to prep them for use. I plan to use a script to do that incremental

Re: Please check my sudo bash script

On Sun, Aug 31, 2025 at 10:28 Charles Curley < charlescur...@charlescurley.com> wrote: … > Two style notes: … > Thanks, Charles! -Tom

Re: Please check my sudo bash script)OT:

On Sun, Aug 31, 2025 at 10:46 alain williams wrote: > On Sun, Aug 31, 2025 at 05:37:27PM +0200, john doe wrote: > > On 8/31/25 4:55 PM, Tom Browder wrote: > > > I just added three new SSD and want to prep them for use. > > > > > > I plan to use a script to do that incrementally. Given the disks s

Re: Please check my sudo bash script)OT:

On Sun, Aug 31, 2025 at 05:37:27PM +0200, john doe wrote: > On 8/31/25 4:55 PM, Tom Browder wrote: > > I just added three new SSD and want to prep them for use. > > > > I plan to use a script to do that incrementally. Given the disks show > > the following when running "lsblk -o ..." ('# ' added)

Re: Please check my sudo bash script)OT:

On 8/31/25 4:55 PM, Tom Browder wrote: I just added three new SSD and want to prep them for use. I plan to use a script to do that incrementally. Given the disks show the following when running "lsblk -o ..." ('# ' added): This is not our job to do your work, you also need to do it yourself.

Re: Please check my sudo bash script

On Sun, 31 Aug 2025 09:55:04 -0500 Tom Browder wrote: > SDX=sda > sudo parted /dev/${SDX} mklabel gpt > sudo parted -a opt /dev/${SDX} mkpart primary ext4=0% 100% > sudo mkfs.ext4 /dev/${SDX} Two style notes: * I would put quotes around any variable, in this case $(SDX}. * I wou

Please check my sudo bash script

k sda # sdb465.8G # |-sdb1 512M vfat /boot/efi # |-sdb2 464.3G ext4 / # `-sdb3 976M swap [SWAP] # sdc931.5G # <= new disk sdc # sdd931.5G # <= new disk sdd Does this bash fragment look safe for using bash vars for the first disk: S

Re: Please, don't let sudo be auto-removable

On Thursday 31 July 2025 02:17:03 pm Nicolas George wrote: > Debian should embed an AI in apt to detect when users are about to make > a mistake and prevent them from doing it. > No! There is so much badly-implemented crap out there under the heading of AI that I for one want absolutely nothing

Re: Please, don't let sudo be auto-removable

David Wright wrote: > On Thu 31 Jul 2025 at 19:07:30 (+), Andy Smith wrote: >> We have learned in this thread that sudo does already have a check in its >> prerm that prevents its removal if the system has a root account with no >> password or if root is a locked acc

Re: Please, don't let sudo be auto-removable

David Wright wrote: > On Thu 31 Jul 2025 at 19:07:30 (+), Andy Smith wrote: > > On Thu, Jul 31, 2025 at 08:01:56PM +0200, Jan Claeys wrote: > > > > We have learned in this thread that sudo does already have a check in its > > prerm that prevents its removal if th

Re: Please, don't let sudo be auto-removable

On Thu 31 Jul 2025 at 19:07:30 (+), Andy Smith wrote: > On Thu, Jul 31, 2025 at 08:01:56PM +0200, Jan Claeys wrote: > > On Wed, 2025-07-30 at 19:55 +0100, Darac Marjal wrote: > > > There's an argument that sudo should refuse to uninstall itself (e.g. > > > in

Re: Please, don't let sudo be auto-removable

On 01/08/2025 02:07, Andy Smith wrote: On Thu, Jul 31, 2025 at 08:01:56PM +0200, Jan Claeys wrote: On Wed, 2025-07-30 at 19:55 +0100, Darac Marjal wrote: There's an argument that sudo should refuse to uninstall itself (e.g. in a prerm script) if the root user doesn't have a passw

Re: Please, don't let sudo be auto-removable

Hi, On Thu, Jul 31, 2025 at 08:01:56PM +0200, Jan Claeys wrote: > On Wed, 2025-07-30 at 19:55 +0100, Darac Marjal wrote: > > There's an argument that sudo should refuse to uninstall itself (e.g. > > in a prerm script) if the root user doesn't have a password at all. >

Re: Please, don't let sudo be auto-removable

Jan Claeys (HE12025-07-31): > There are many other tools that allow you to run things as root under > certain conditions (doas, pkexec, runc, ssh, etc.). There is no way > sudo's prerm script can check all possible ways (which would also > include being able to "understand" all possible configurat

Re: Please, don't let sudo be auto-removable

On Wed, 2025-07-30 at 19:55 +0100, Darac Marjal wrote: > There's an argument that sudo should refuse to uninstall itself (e.g. > in a prerm script) if the root user doesn't have a password at all. > That would be a neat trick. There are many other tools that allow you to run t

Re: Please, don't let sudo be auto-removable

I read the first few replies on this thread and (a common feeling reading Debian User) felt utter despair. Until I got to your messages, at least. Thank you for writing constructive, thoughtful advice. -- Please do not CC me for listmail. Jonathan Dowland j...@debian.org https://jmtd.net

Re: Please, don't let sudo be auto-removable

Greg Wooledge (HE12025-07-31): > If you look at > more closely, you'll see that they are not sorted alphabetically. Indeed, but it is not what José saw when removing the package, it is what he saw later to find out what happened. The con

Re: Please, don't let sudo be auto-removable

On Thu, Jul 31, 2025 at 11:16:38 +0200, Nicolas George wrote: > Lee (HE12025-07-30): > > It would be helpful if autoremove SORTED the list of packages to be > > removed so that other, important packages, wouldn't be hidden among > > all the python3-whatever packages. > > Oh, yes, excellent idea, l

Re: Please, don't let sudo be auto-removable

Lee (HE12025-07-30): > It would be helpful if autoremove SORTED the list of packages to be > removed so that other, important packages, wouldn't be hidden among > all the python3-whatever packages. Oh, yes, excellent idea, let it use an unpredictable order rather than that boring alphabetical orde

Re: Please, don't let sudo be auto-removable

Stefan writes: > Thinking of scenarios how `sudo` could end up marked as > automatically-installed... 26 packages recommend sudo: Recommends: apt-dater-host |Recommends: inxi Recommends: dkms Recommends: winetricks Recommends: v4l2loopback-utils Recommends: task-desktop Reco

Re: Please, don't let sudo be auto-removable

d64 (4.1.1-2), python3-markupsafe:amd64 > > (2.1.2-1+b1), python3-jwt:amd64 (2.6.0-1), eatmydata:amd64 (130-2), > > python3-yaml:amd64 (6.0-3+b2), sudo:amd64 (1.9.13p3-1+deb12u1), > > python3-rfc3987:amd64 (1.3.8-2), python3-pyrsistent:amd64 (0.18.1-1+b3), > > python3-zipp:amd6

Re: Please, don't let sudo be auto-removable

Hi, On Thu, Jul 31, 2025 at 08:42:07AM +0700, Max Nikulin wrote: > Removing sudo (1.9.13p3-1+deb12u1) ... > You have asked that the sudo package be removed, > but no root password has been set. > Without sudo, you may not be able to gain administrative privileges. Hah, so

Re: Please, don't let sudo be auto-removable

On 31/07/2025 02:41, Andy Smith wrote: On Wed, Jul 30, 2025 at 07:55:12PM +0100, Darac Marjal wrote: There's an argument that sudo should refuse to uninstall itself (e.g. in a prerm script) if the root user doesn't have a password at all. That would be a neat trick. That's

Re: Please, don't let sudo be auto-removable

On Wed, Jul 30, 2025 at 11:34 AM Andy Smith wrote: > Although, I think if they wanted to make sudo "essential" they would > need to co-ordinate that with other Debian Developers. There is also the "Protected" field. It acts like "Essential" when try

Re: Please, don't let sudo be auto-removable

On Wed, Jul 30, 2025 at 9:32 PM Stefan Monnier wrote: > > >> If you need sudo, why not just apt-mark manual it? > > Does anyone know if the installer does this if the administrator doesn't set > > a root password? > > I believe so, but I don't know for

Re: Please, don't let sudo be auto-removable

Hi, On Wed, Jul 30, 2025 at 07:55:12PM +0100, Darac Marjal wrote: > There's an argument that sudo should refuse to uninstall itself (e.g. in a > prerm script) if the root user doesn't have a password at all. That would be > a neat trick. That's an interesting idea. sudo p

Re: Please, don't let sudo be auto-removable

n is the idea of configuration management. You express desired system state and the configuration management tool puts the system into that state. "I want sudo installed" wuld be part of that state. Examples of popular configuration management tools that support Debian are Ansible, Chef and Puppet. Ot

Re: Please, don't let sudo be auto-removable

>> If you need sudo, why not just apt-mark manual it? > Does anyone know if the installer does this if the administrator doesn't set > a root password? I believe so, but I don't know for sure, no. > There's an argument that sudo should refuse to uninstall itself (e.

Re: Please, don't let sudo be auto-removable

On 30/07/2025 18:36, William Edwards wrote: If you need sudo, why not just apt-mark manual it? Does anyone know if the installer does this if the administrator doesn't set a root password? There's an argument that sudo should refuse to uninstall itself (e.g. in a prerm script) i

Re: Please, don't let sudo be auto-removable

José Esteban wrote: > Is it realistic to hope you to remember such many little things like this > each time you setup some system ? How many headless systems usually work > without sudo ? People who install many headless (or any other kind) of system should use an automated manageme

Re: Please, don't let sudo be auto-removable

> Is it realistic to hope you to remember such many little things like this > each time you setup some system ? How many headless systems usually work > without sudo ? Debian tries to be flexible, so it tries not to impose any particular set of packages. It has its pros and cons, inev

Re: Please, don't let sudo be auto-removable

Andy Smith (HE12025-07-30): > I am surprised that a package maintainer has told you to report anything > to debian-user. Are you sure about that? It might be something like “I don't have time for that kind of nonsense, please ask on debian-user@lists.debian.org”. Regards, -- Nicolas George

Re: Please, don't let sudo be auto-removable

José Esteban (HE12025-07-30): > Is it realistic to hope you to remember such many little things like this > each time you setup some system ? You did not take notes? Your bad. > How many headless systems usually work > without sudo ? Many. > I&#

Re: Please, don't let sudo be auto-removable

Hello. Is it realistic to hope you to remember such many little things like this each time you setup some system ? How many headless systems usually work without sudo ? I'm worked a whole life making software and I've always acted to ease my users' life... but may be just m

Re: Please, don't let sudo be auto-removable

On Wed, Jul 30, 2025 at 05:56:23PM +, Andy Smith wrote: > The general solution to this is > > 1. express your dependencies > > 2. use dangerous commands carefully and the general advice to me is to proof read emails better Thanks, Andy

Re: Please, don't let sudo be auto-removable

Hi José, On Wed, Jul 30, 2025 at 06:48:45PM +0200, José Esteban wrote: > I'I've written to sudo package maintainer, but he suggests me to > report that here and so I do. I am surprised that a package maintainer has told you to report anything to debian-user. Are you sure about t

Re: Please, don't let sudo be auto-removable

(1.9.13p3-1+deb12u1), python3- rfc3987:amd64 (1.3.8-2), python3-pyrsistent:amd64 (0.18.1-1+b3), python3-zipp:amd64 (1.0.0-6) End-Date: 2025-07-30  08:30:24 ... sudo gets inadvertently removed within a lot of python3 packages !!! apt-mark manual sudo -- Too cool to calypso, Too tough to tango, Too

Re: Please, don't let sudo be auto-removable

If you need sudo, why not just apt-mark manual it? William David Edwards > Op 30 jul 2025 om 19:30 heeft José Esteban het volgende > geschreven: > > I'I've written to sudo package maintainer, but he suggests me to > report that here and so I do. This is in my

Please, don't let sudo be auto-removable

I'I've written to sudo package maintainer, but he suggests me to report that here and so I do. This is in my /var/log/apt/history.log: Start-Date: 2025-07-30 08:29:54 Commandline: apt-get purge cloud-guest-utils Requested-By: chafar (1000) Purge: cloud-guest-utils:amd64 (0.33-1) End-

Re: sudo-rs (Was Re: Bugs?)

It's rust, not a Golang, mate. Yeah everything would be rust :) On July 10, 2025 4:12:46 PM UTC, to...@tuxteam.de wrote: >On Thu, Jul 10, 2025 at 03:48:52PM +, Andy Smith wrote: >> Hi, > >[...] > >> As an aside, sudo-rs is packaged as of Debian 13 (trixie, curren

Re: sudo-rs (Was Re: Bugs?)

As the name said, 'rs' stands for Rust, not Go, mate. On Thu, Jul 10, 2025 at 06:12:46PM +0200, to...@tuxteam.de wrote: > On Thu, Jul 10, 2025 at 03:48:52PM +, Andy Smith wrote: > > Hi, > > [...] > > > As an aside, sudo-rs is packaged as of Debian 13 (trixi

Re: sudo-rs (Was Re: Bugs?)

On Thu, Jul 10, 2025 at 03:48:52PM +, Andy Smith wrote: > Hi, [...] > As an aside, sudo-rs is packaged as of Debian 13 (trixie, currently > testing) and I've been using it for a week now without complaints. sudo > fans might like to give it a go. Now, now. Is it Rust -- or

sudo-rs (Was Re: Bugs?)

Hi, I concur with others that it sounds like you simply don't have sudo installed. As an aside, sudo-rs is packaged as of Debian 13 (trixie, currently testing) and I've been using it for a week now without complaints. sudo fans might like to give it a go. It replicates the functio

Re: more problems with su and sudo

On 2025-07-01, Titus Newswanger wrote: > I've had that problem once or twice where a newly created password would > not work. I've always suspected typos or undefined caps-lock state. I've had the problem. I have a en_US.UTF-8 locale and a French keyboard. Once, moons ago, when doing an alt-F1

Re: more problems with su and sudo

On 7/1/25 04:25, Greg Wooledge wrote: On Mon, Jun 30, 2025 at 21:36:14 -0700, David Christensen wrote: The next time you log in, sudo(8) should work: $ sudo pia-linux-3.6.1-08339.run Even if sudo works, that command won't. It would need to be something like: sudo chmod +x pia-

Re: more problems with su and sudo

On Mon, Jun 30, 2025 at 21:36:14 -0700, David Christensen wrote: > The next time you log in, sudo(8) should work: > > $ sudo pia-linux-3.6.1-08339.run Even if sudo works, that command won't. It would need to be something like: sudo chmod +x pia-linux-3.6.1-08339.run su

Re: more problems with su and sudo

to get me into the root area. When I went to the terminal I first followed the directions which stated sudo.  I put in my new password and with no way to check it I hit enter.  Three times I did this and was very careful to put it in correctly.  It would not take it and kept saying not

Re: more problems with su and sudo

On 6/30/25 21:55, Titus Newswanger wrote: The time I accidentally locked myself out of sudo, I mounted the locked hdd on another linux pc and edited the shadow file, copying the hash for sudo with the known password to the drive with the unknown password. I would not recommend trying that

Re: more problems with su and sudo

instructions to get me into the root area. Sorry, I have no experience with VPN. When I went to the terminal I first followed the directions which stated sudo.  I put in my new password and with no way to check it I hit enter.  Three times I did this and was very careful to put it in correctly.  It

more problems with su and sudo

went to the terminal I first followed the directions which stated sudo.  I put in my new password and with no way to check it I hit enter.  Three times I did this and was very careful to put it in correctly.  It would not take it and kept saying not accepted. So today I tried it again with just su

Re: Debian 12.9 and use of sudo for regular accounts

On 2025-02-21, Jonathan Dowland wrote: > On Fri Feb 21, 2025 at 2:36 PM GMT, Greg wrote: >> If you had to pick a man page to be inscrutable, this wouldn't be the >> one. > > I mean, for me, it is: don't tell me worse ones. I don't think I want to > see them… > It is? How odd. I've never used it

Re: Debian 12.9 and use of sudo for regular accounts

On 22/2/25 06:49, Tom Dial wrote: On 2/20/25 22:17, jeremy ardley wrote: On 21/2/25 09:40, Tom Dial wrote: The TL;DR here is that for maintaining personal workstations and servers it makes more sense to log in as root, do the work as required, then log out. Or there is "sudo -i"

Re: Debian 12.9 and use of sudo for regular accounts

On 2/20/25 22:17, jeremy ardley wrote: On 21/2/25 09:40, Tom Dial wrote: The TL;DR here is that for maintaining personal workstations and servers it makes more sense to log in as root, do the work as required, then log out. Or there is "sudo -i" to get an interactive root shell

Re: Debian 12.9 and use of sudo for regular accounts

On Fri Feb 21, 2025 at 2:36 PM GMT, Greg wrote: If you had to pick a man page to be inscrutable, this wouldn't be the one. I mean, for me, it is: don't tell me worse ones. I don't think I want to see them… -- Please do not CC me for listmail. 👱🏻 Jonathan Dowland ✎j...@debian.o

Re: Debian 12.9 and use of sudo for regular accounts

On Fri, Feb 21, 2025 at 9:37 AM Greg wrote: > > On 2025-02-21, wrote: > > > >> > The straight, but blunt, answer here, I think, is to read the man pages > >> > for sudo and sudoers > > >> In principle I agree with this advice but the sudoers m

Re: Debian 12.9 and use of sudo for regular accounts

On 2025-02-21, wrote: > >> > The straight, but blunt, answer here, I think, is to read the man pages >> > for sudo and sudoers >> In principle I agree with this advice but the sudoers manpage is >> notoriously, famously inscrutable. > > Start with the E

ssh root login (was: Debian 12.9 and use of sudo for regular accounts)

etwork to localhost and different port. With key login and forwarding it is a bit more convenient than sudo, e.g. rsync setups are easier to have in batch mode. YMMV There are still ways to improve security based upon this idea, e.g. usage of different keys and/or tunneling the login with user ssh to root

Re: Debian 12.9 and use of sudo for regular accounts

On Fri, Feb 21, 2025 at 09:12:49AM +, Jonathan Dowland wrote: > On Fri Feb 21, 2025 at 1:40 AM GMT, Tom Dial wrote: > > The straight, but blunt, answer here, I think, is to read the man pages > > for sudo and sudoers > > In principle I agree with this advice but t

Re: Debian 12.9 and use of sudo for regular accounts

On Fri Feb 21, 2025 at 1:40 AM GMT, Tom Dial wrote: The straight, but blunt, answer here, I think, is to read the man pages for sudo and sudoers In principle I agree with this advice but the sudoers manpage is notoriously, famously inscrutable. -- Please do not CC me for listmail. 👱🏻

Re: Debian 12.9 and use of sudo for regular accounts

On 21/2/25 09:40, Tom Dial wrote: The TL;DR here is that for maintaining personal workstations and servers it makes more sense to log in as root, do the work as required, then log out. Or there is "sudo -i" to get an interactive root shell and avoid prepending every command

Re: Debian 12.9 and use of sudo for regular accounts

On 21/2/25 09:40, Tom Dial wrote: The TL;DR here is that for maintaining personal workstations and servers it makes more sense to log in as root, do the work as required, then log out. Or there is "sudo -i" to get an interactive root shell and avoid prepending every command

Re: Debian 12.9 and use of sudo for regular accounts

On Thu, Feb 20, 2025 at 5:46 PM Nicolas George wrote: > Jeffrey Walton (HE12025-02-20): > >and members of sudo can run any command. > > Is it because of this last line: > > > rootALL=(ALL:ALL) ALL > > > > sudoALL=(ALL:ALL) ALL > # U

Re: Debian 12.9 and use of sudo for regular accounts

On Thu, Feb 20, 2025 at 6:42 PM Jeffrey Walton wrote: > > Hi Everyone, > > I have a fresh Debian 12.9 install. My user account is part of sudo > group, and members of sudo can run any command. No... the "sudo" user can run any command: > sudo ALL=(ALL:ALL) ALL

Re: Debian 12.9 and use of sudo for regular accounts

The straight, but blunt, answer here, I think, is to read the man pages for sudo and sudoers (i.e., the /etc/suduoers file that does access control for the sudo command. The command is very flexible and can be tuned to allow specified sudoers to use elevated privilege only to execute specific

Re: Debian 12.9 and use of sudo for regular accounts

Jeffrey Walton writes: > Hi Everyone, > > I have a fresh Debian 12.9 install. My user account is part of sudo > group, and members of sudo can run any command. However, I get an > error when trying to use sudo: > > $ sudo ls > [sudo] password for jwalton: >

Re: Debian 12.9 and use of sudo for regular accounts

On Thu, Feb 20, 2025 at 5:46 PM Nicolas George wrote: > > Jeffrey Walton (HE12025-02-20): > >and members of sudo can run any command. > > Is it because of this last line: > > > rootALL=(ALL:ALL) ALL > > > > sudoALL=(ALL:ALL) ALL

Re: Debian 12.9 and use of sudo for regular accounts

Jeffrey Walton (HE12025-02-20): >and members of sudo can run any command. Is it because of this last line: > rootALL=(ALL:ALL) ALL > > sudoALL=(ALL:ALL) ALL ? But does it mean the previous one gives sudo privileges to all members of the root group? Or is

Re: Debian 12.9 and use of sudo for regular accounts

On 21.02.2025 03:29, Jeffrey Walton wrote: ... sudoALL=(ALL:ALL) ALL I've rebooted the machine twice. I know the failure is not due to stale login information. Does anyone know why I cannot use sudo in this case? Jeff Your line misses % for some reason. sudo in your case i

Debian 12.9 and use of sudo for regular accounts

Hi Everyone, I have a fresh Debian 12.9 install. My user account is part of sudo group, and members of sudo can run any command. However, I get an error when trying to use sudo: $ sudo ls [sudo] password for jwalton: jwalton is not in the sudoers file. $ groups jwalton cdrom

Re: Root, sudo and installing packages [WAS Re: user is not in the suder's file]

On Wed, Feb 5, 2025 at 8:57 PM K0LNY ?? wrote: > Hi Andrew, > Using other distros, like Ubuntu and Raspbian, I would get tired of typing > sudo in front of everything, so I would just do sudo su and become root > for > everything, You do not need to do sudo su, you can just ty

Re: Root, sudo and installing packages [WAS Re: user is not in the suder's file]

K0LNY ?? wrote: > Hi Andrew, > Using other distros, like Ubuntu and Raspbian, I would get tired of typing > sudo in front of everything, so I would just do sudo su and become root for > everything, so I wouldn't have to constantly be reminded that as a regular > user, I can

Re: Root, sudo and installing packages [WAS Re: user is not in the suder's file]

even more. Nowadays systemd and tools like NetworkManager and udisks2 give local users reasonable privileges, so system administrator role should not be used annoyingly often. I suspect either wrong expectations or wrong ownership of files in the home directory due to unnecessary usage of sudo

Re: Root, sudo and installing packages [WAS Re: user is not in the suder's file]

; > installing things as root? > > I know that there are issues if some packages are installed with root > > privileges on other systems. > > Thanks. > > I'm not quite sure I understand what you mean here. Root can do most things: > sudo is effectively allowing an

Re: Root, sudo and installing packages [WAS Re: user is not in the suder's file]

On Wed, Feb 05, 2025 at 01:38:17PM -0600, K0LNY ?? wrote: > Hi Andrew, > Using other distros, like Ubuntu and Raspbian, I would get tired of typing > sudo in front of everything, so I would just do sudo su and become root for > everything, so I wouldn't have to constantly be r

Re: Root, sudo and installing packages [WAS Re: user is not in the suder's file]

K0LNY ?? wrote: > Using other distros, like Ubuntu and Raspbian, I would get tired of typing > sudo in front of everything, so I would just do sudo su and become root for > everything, so I wouldn't have to constantly be reminded that as a regular > user, I can't do som

Re: Root, sudo and installing packages [WAS Re: user is not in the suder's file]

Hi Andrew, Using other distros, like Ubuntu and Raspbian, I would get tired of typing sudo in front of everything, so I would just do sudo su and become root for everything, so I wouldn't have to constantly be reminded that as a regular user, I can't do something, and I had been

Root, sudo and installing packages [WAS Re: user is not in the suder's file]

sues if some packages are installed with root > privileges on other systems. > Thanks. > > Glenn Hi Glenn, I'm not quite sure I understand what you mean here. Root can do most things: sudo is effectively allowing an unprivileged user to "become" root for a few commands (and

Re: synaptic workalike that WILL run on sudo with wayland.

Stefan Monnier writes: > Sometimes I used cloned another system, and other times I used > Debootstrap running from one of the "images" provided by the board maker > (all those images suck, IMO: they're never designed with updates in mind). Indeed, thanks. Previously I've dismissed these patched

Re: synaptic workalike that WILL run on sudo with wayland.

>> I've never used Debian's installer on those boards, and don't even know >> if Debian officially "supports" them. > So how do you install Debian on those ARM boards? Put some image on > whatever storage they have? Sometimes I used cloned another system, and other times I used Debootstrap running

Re: synaptic workalike that WILL run on sudo with wayland.

Stefan Monnier writes: > I've never used Debian's installer on those boards, and don't even know > if Debian officially "supports" them. So how do you install Debian on those ARM boards? Put some image on whatever storage they have? In fact, that's what I've done with my Raspberry Pi Computer Mo

  1   2   3   4   5   6   7   8   9   10   >