
Re: sudo vs. su (was Re: new to list, new to debian, new to linux)



On Fri, May 22, 2009 at 05:50:28PM -0500, dwain wrote:
> On Fri, May 22, 2009 at 2:16 PM, George <nutndun@comcast.net> wrote:
> 
> > I was a little disappointed being called out on my suggestions in my
> > original post. Obviously the person isn’t a sys admin and from my
> > understanding the whole purpose of sudo is so the user only has root
> > privileges for that given command instead of during the entire terminal
> > session. I personally see nothing wrong with what I suggested other than
> > using visudo to edit the sudoers file instead of vim.
> >
> 
> i too was disappointed.  i tried su and authentication failed.  how do i
> update my system without being able to log in as root?
> 
> now i don't mind a spirited discussion on the pros and cons of sudo vs. su,
> but my original question still has not been answered; and with this new
> development i am really at a loss.
> 
> you are saying that  sudo and su are not available from a user console, then
> how do i fix this so i can become root when i need to?
 

Root login from a secure serial console has been described as the
ultimate command line of last resort.  I always have a serial console
set up in inittab (and in grub too for that matter).  I guess if you
can't log in as root (or otherwise get root), you'll need to boot a live
CD such as grml and fix whatever is preventing you from getting root.  

A last resort would be:

1.	physically disconnect the box from the network.
2.	boot a live CD
3.	edit the password file to allow root login without a password
4.	reboot into the system and log in as root
5.	passwd as root and give yourself a root password.
6.	shutdown
7.	reconnect the box to the network.
8.	carry on as normal.


If you want to use sudo for most things, but have root login available,
put the root password in a card in an envelope in a locked location.
You'll know if someone needed the root password by the tear in the
envelope.  Unless it was removed, the root login should be recorded in
syslog as well.

Doug.
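
An added example, not part of the message above: a check that no account is left with an empty password field once step 5 of the recovery procedure is done. The function names and the sample passwd/shadow files are constructed for this illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Sample files are constructed.

# Print "<user> uid=<uid> source=<passwd|shadow>" for each account whose
# password field is empty. $1 = passwd-format file, $2 = shadow-format file.
empty_pw_accounts() {
    awk -F: '
        FNR == NR {                      # first file: passwd
            uid[$1] = $3; pw[$1] = $2
            if ($2 == "") printf "%s uid=%s source=passwd\n", $1, $3
            next
        }
        # second file: shadow is only consulted when passwd holds "x"
        ($1 in uid) && pw[$1] == "x" && $2 == "" {
            printf "%s uid=%s source=shadow\n", $1, uid[$1]
        }
    ' "$1" "$2"
}

# Exit 0 only when no UID 0 account has an empty password field.
root_password_set() {
    ! empty_pw_accounts "$1" "$2" | grep -q ' uid=0 '
}

# Constructed sample: shadow as left by step 3 (root field blanked)
# and as it should look after step 5 (root has a hash again).
sample=$(mktemp -d)
printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
              'user1:x:1000:1000::/home/user1:/bin/bash' > "$sample/passwd"
printf '%s\n' 'root::14386:0:99999:7:::' \
              'user1:$6$constructed$hash:14386:0:99999:7:::' > "$sample/shadow.step3"
printf '%s\n' 'root:$6$constructed$hash:14386:0:99999:7:::' \
              'user1:$6$constructed$hash:14386:0:99999:7:::' > "$sample/shadow.step5"

empty_pw_accounts "$sample/passwd" "$sample/shadow.step3"
root_password_set "$sample/passwd" "$sample/shadow.step5" && echo "root password is set"
```

On a real system, run `root_password_set /etc/passwd /etc/shadow` as root before reconnecting the network in step 7.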

