Kent West wrote:
> The original claim was that sudo provides no benefit on a single-user
> machine.
Correct.
> We both seem to agree that sudo provides logging.
Correct.
> You claim that you don't need logging on a single-user machine, because
> you know what you (the single-user admin) did when, whereas I claim that
> I find it useful to have a record of what I've done when.
While that record may be useful as I have pointed out it is not the only
way that logging of what you've done can be achieved. One doesn't need sudo
to log when one installs things. aptitude, which amazingly as the de facto
standard for Debian currently, logs information so your provided example is
moot. While I'm sure you can contrive other examples the idea of logging
commands as an incidental reminder of other things is hardly a top priority
when people are installing sudo and thus I don't think exactly falls under a
benefit of sudo. Generally speaking when people want to have a reminder of
something they might get better utility of a pen and a pad of post-its than sudo.
> So, are you saying the logging provided by sudo on a single-user machine
> is or is not a benefit?
I'm saying that it is irrelevant on a single-user machine as pretty much
any reason that one would want logging does not apply to a single user machine
and any contrived examples are incidental and generally applicable to a dozen
or three other applications in both the incidental sense or in the specific
sense. IE, want a reminder on the computer, get a PIM application. Etc.
The benefit of sudo logging is so when multiple people are engaged in root
level operations and something gets toasted an individual other than the one
who toasted that something has a snowball's chance in hell of being able to
repair it by first reviewing the logs to:
A: see what was done and.
B: who did it so they can thwack said person's knuckles with a ruler before
C: undoing said damage.
So while *you* find it useful to your memory that on the day you installed
X with using sudo and grepping the logs to find X so you know when Y happened
that is not a benefit of sudo as one can do it by a dozen or three different
means on or off the computer. sudo logging for an audit trail in a multi-user
root level environment, on the other hand, is a fairly unique property to sudo
and is a benefit... just not one to a single-user environment.
> Okay, I can see that you don't find benefit in using sudo. I still
> disagree with the global claim (which is what this entire thread has
> been about) that there is "*NO* benefit" to using sudo on a single-user
> machine.
Would you then agree that the supposed benefits of sudo in a single-user
environment are far outweighed by the troubles of trying to wrangle people
into using it instead of just teaching them good habits (regardless of tools)
and getting them working.
I mean think about the irony here. This thread started because someone
wanted to install some software. Someone else told them how to do it with
root. Someone else came along and told 'em they really should use sudo. If
they don't have sudo (which Debian doesn't install by default AFAIK) then what
do they have to do? Oh, install software as root... which is the very thing
they wanted to do in the first place and told was bad!
I just don't like seeing that 3-4 message exchange every time some newbie
wants to install software. It has to be frustrating for them. Something
tells me when they're looking to install software the fact that sudo can log
that command doesn't even enter their mind as a desirable trait. :P
--
Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
PGP Key: 8B6E99C5 | main connection to the switchboard of souls.
-------------------------------+---------------------------------------------
Attachment:
signature.asc
Description: OpenPGP digital signature