[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: As seen above: use of su vs sudo

Hash: SHA1

On Tue, Aug 07, 2018 at 12:22:53PM +0100, James Allsopp wrote:
> As far as I can see "su -" saves a lot of grief if you're the only admin on
> a system. Tried sudo ing to a protected directory? Doesn't work. Tired of
> entering your password every couple of minutes?

There's "sudo -s" for that, as in "gimme a root shell".

> sudo does mean that the admin actions of a particular user are logged, but
> unless you lock down what they can do, they can change/delete the logs
> easily enough.

That's not the main point of sudo. Yes, you can control it in many
fine-grained ways, which is a boon if you want to give (somewhat
restricted) powers to e.g. a backup script.

> I think this just degenerates into a religious war [...]

This makes as much sense as having a religious war in the workshop
on whether a Phillips screwdriver is "better" than a circular saw.

Ever tried to tighten a Phillips screw with a circular saw?

Enjoy your tools. Get to know them, and pick. Me, I've never needed
su since I got the hang of sudo, but why would I want to force anyone
to do the same?

OTOH, I don't like the idea of a passwordless root (my dislike comes
from the first time I went with that and stood in front of a machine
with a broken root file system telling me to enter the root password
to fix things :-)

- -- tomás
Version: GnuPG v1.4.12 (GNU/Linux)


Reply to: