From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1ROyeU-0007KG-5f for garchives@archives.gentoo.org; Fri, 11 Nov 2011 21:28:46 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id E692921C0AA; Fri, 11 Nov 2011 21:28:34 +0000 (UTC) Received: from mail-ww0-f53.google.com (mail-ww0-f53.google.com [74.125.82.53]) by pigeon.gentoo.org (Postfix) with ESMTP id 24BB021C029 for ; Fri, 11 Nov 2011 21:27:36 +0000 (UTC) Received: by wwf27 with SMTP id 27so1370184wwf.10 for ; Fri, 11 Nov 2011 13:27:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:organization :x-mailer:mime-version:content-type:content-transfer-encoding; bh=MI7LPVKMSLpDNn85Q0Kiiq+M77w/7OwrY2MFWUUsW50=; b=NhdlPdB7iXIHZaXniqIrlLiv8AWLvuMN8uFbb9huieItlOGnW9YsC5yEIo/VuOeOWV q1vxF2rNorwEOIY0y8kg+bbaz0LbfZ9VISccAeG8s6P0D+F4JsNks1h3Nk6IoWcmo8Yh FUxws3BO6ArRFgvo8rpolIXFfey84qcuqNP7k= Received: by 10.227.208.77 with SMTP id gb13mr9927433wbb.4.1321046855871; Fri, 11 Nov 2011 13:27:35 -0800 (PST) Received: from rohan.example.com ([196.215.144.97]) by mx.google.com with ESMTPS id eu16sm14933420wbb.7.2011.11.11.13.27.33 (version=SSLv3 cipher=OTHER); Fri, 11 Nov 2011 13:27:35 -0800 (PST) Date: Fri, 11 Nov 2011 23:27:30 +0200 From: Alan McKinnon To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] [OT] Binary install distro Message-ID: <20111111232730.36227d33@rohan.example.com> In-Reply-To: <4EBD8361.7080407@gmail.com> References: <4EBC1707.5030103@gmail.com> <4EBD3738.9090203@gmail.com> <4EBD4224.7070307@gmail.com> <20111111211831.68ab7c63@rohan.example.com> <4EBD8361.7080407@gmail.com> Organization: Internet Solutions X-Mailer: Claws Mail 3.7.8 (GTK+ 2.24.4; x86_64-pc-linux-gnu) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Archives-Salt: 3d7284cd-a414-46fc-b593-f6ffb44a4f88 X-Archives-Hash: 1493dfc1efed1597718d92eb888ea36e On Fri, 11 Nov 2011 14:19:45 -0600 Dale wrote: > ine is a single user machine both for me and my brother. That said, > if I did have other users on my machine, they wouldn't even be in the > wheel group so sudo wouldn't happen either. They would be able to do > user things but nothing else. > > That said, I know sudo fixes some problems and has its reason for > existing. Me, its just like the init thingy, I haven't found a good > reason yet to have one so no need adding it. That will likely change > shortly but hopefully not today. I found a workaround on kubuntu > tho. Just set the root password so you can login as root and carry > on. ;-) Even I have a gas pocket in my brain from time to time. :-D > Yeah, that's the way you do it. I don't have sudo on my own machines for the same reason (except the Ubuntu ones, I can't be bothered removing it) but at work I'd be slaughtered by Risk if I didn't have it. Without sudo the only way to let users do anything more than what regular users can do is to give them the root password. Seeing as the root password is randomly generated, forgotten, and kept in a sealed envelope in a safe, that's not really an option. Sudo lets me fine-grain control exactly what users can do, like let the web team install and update sites, let team leaders update team crontabs, and more. Plus everything is logged. If some chop deletes important files, I want a timestamped record telling me who and when :-) So in a corporate environment, sudo is an absolute necessity. It's also very useful for personal machines, especially newbies. Having to enter their password every time encourages them to think about what they are running and treat root privs with a little more respect. It doesn't always work out though - I still have idiots on the above-mentioned multi-user machines who blindly run "apt-get install gnome" on a SuSE host. At least they can't argue when I call them on it (due to the magic feature called "logs") -- Alan McKinnnon alan.mckinnon@gmail.com