Talk:Sudo

From ArchWiki
Jump to: navigation, search

Unclear intention of the section discussing hostnames

Hi, in the section "Example entries" I stumbled over this sentence: "To allow a user to run all commands as any user but only the machine with hostname HOST_NAME:" Is this intended to be saying "...on the machine...", like physically, not by ssh for example? Would be great to clarify this! Kay94 (talk) 15:03, 28 July 2017 (UTC)kay94

On not requiring password at console

I don't want to type my password at the console. Nobody else has access to my console unless they break into my house, and if they do that they can just take my computer. I do want to type my password if I'm ssh'd in, because if somebody breaks into my account somehow I'd just as soon they not also have root access. So what exactly is wrong with putting this in pam:

auth	sufficient	pam_succeed_if.so	tty = /dev/tty1

Not that it really matters, for the reasons stated above, but don't forget this won't give sudo access to anyone logged into the console; you still have to be in sudoers.

I put something to this effect in the article, and was reverted. Please let me know what I'm missing. --Chowbok (talk) 22:04, 19 February 2018 (UTC)

Of course use it if you want. But I don't see why it should be listed on the wiki without any security implications - for example a warning quite similar to the one in sudo#Disable_per-terminal_sudo would be appropriate. Also it does not seem very useful to me, since any graphical terminal uses pty rather than tty and you can just as well log in as root to the console to do the administrative things (there is also sudo -s). -- Lahwaacz (talk) 23:28, 19 February 2018 (UTC)

Undo revision 543841

What do you mean by "it's not necessary"? I followed the examples on a fresh arch system and was told by another arch user I had to logout for the changes to take effect. And that was correct.

Johnjay79 (talk) 10:07, 27 September 2018 (UTC)

You may have needed that because of some things other than sudo. I have no idea what you did on your fresh system. -- Lahwaacz (talk) 10:21, 27 September 2018 (UTC)
Okay, can you give me a list of steps I should do to reproduce the problem to your satisfaction with a fresh system? Note I still have to run dhcpcd in order to get an internet connection to download sudo as it does not come installed. Johnjay79 (talk) 10:41, 27 September 2018 (UTC)
What problem? I have no idea what your system looks like or what you're trying to do. Also, I have no idea how you could have played with sudo before adding the warning, but still not having it installed. -- Lahwaacz (talk) 10:51, 27 September 2018 (UTC)