On Mon, Mar 25, 2013 at 8:36 AM, Peter Hanisch
On 25/03/13 00:33, Claudio Freire wrote:
On Sun, Mar 24, 2013 at 7:55 PM, Rajko
wrote: TBH I've always considered "sudo su" rather common and standard.
That could be the case in some other distro, but within openSUSE you will find often recommendations to use 'su' and 'su -' and not 'sudo'. Details are buried in the discussions stored in mail list archives, but I would recall if there was any significant chatter about changes regarding this.
Well, I'd consider any recommendation to not use sudo entirely rather ill-suited for most applications where sudo is desired.
Ie: when you want to give sudo powers to users without giving them the root password. Which I'd consider an important use case.
I thought the recommendation was against the specific "sudo su" idiom.
One of the reasons why sudo is also encouraged is logging. On a shared computer, it is relatively trivial to log every command executed via sudo and then aggregate that information via e.g. logwatch or logcheck or any number of monitoring solutions. For this reason, it might be advisable to actually specifically disallow sudo su, since that circumvents said measures, basically using sudo once to gain a root shell, in which you can go crazy.
Yes, but sometimes it is necessary. For instance, when piping. sudo blabla | grep bleh > /etc/somefile won't work, because the redirect happens in an unprivileged bash. And doing sudo bash -c 'all here' is a mess of string quoting that never comes out right. There's also the "sudo su <user>" which I use a lot sometimes to do "sudo su postgres". So, yes, discourage it must be discouraged, but it sometimes has to be done. I hear sudo bash is preferable in those cases... I tend to agree. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org