|
General software and network General OS-independent software and network questions, X11, MTA, routing, etc. |
View Poll Results: Do you su or sudo? | |||
su only: nothing can improve on a classic! | 7 | 25.00% | |
sudo only: it's su on steriods! | 7 | 25.00% | |
I use both! | 13 | 46.43% | |
I only use the root account! | 1 | 3.57% | |
Voters: 28. You may not vote on this poll |
|
Thread Tools | Display Modes |
|
|||
Do you su or sudo?
It has been awhile since we have had a site-wide poll!
All members of the BSD family have su(1). Some members make sudo available in their base installations, while others make it available as a package. Which is your preference & why? As a bonus, for those running sudo(8), do you customize the default policy in any way? |
|
|||
I use both, but I only use su(1) to switch users in the administration of PostgreSQL. Otherwise, I use sudo(8) approximately 95% of the time.
As for sudo(8) customizations:
|
|
|||
Using sudo because it's in OpenBSD by default, and use it mainly to mount/write/delete files on some external hdds. Also I'm using sudo to add/delete/update packages.
|
|
||||
I use both, but I only use su for non-root userids (such as for PostgreSQL, just like ocicat).
I use "sudo -s" if I want a root shell, rather than a single command. My only modification to the default config is to enable sudo use without passwords (all of my systems have controlled access). |
|
||||
I use su and/or a root shell. This combination was not in the poll so I didn't cast a vote so as not to pollute the statistics. The times I've looked at sudo, I found it totally opaque and decided not to use something I didn't understand. When I do admin tasks there's usually lots to do, so a root shell is very convenient. I know this is not considered good practice and I'm not recommending it to anyone. It has worked for me on home systems that are not regularly connected to the 'net. (Having written this, it seems likely I'll now go and delete the root filesystem by accident. )
|
|
|||
I use both, for various reasons.
|
|
||||
For a brief moment I considered voting for "I only use the root account!" just for the fun of it
Anyway, I just use su, for two reasons: 1) I'm typically either the only user, or just one of a few who all have root access. 2) I always forget to type sudo before my commands. Actually, I think the order might be reversed ...
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. |
|
|||
My home machine(s) I use sudo maybe 5% of the time. I think after trying a linux (or two) distro, I got pretty tired of all the sudo stuff.
|
|
||||
I use sudo on the desktop machines but on production servers, I use only su.
__________________
religions, worst damnation of mankind "If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds Linux is not UNIX! Face it! It is not an insult. It is fact: GNU is a recursive acronym for “GNU's Not UNIX”. vermaden's: links resources deviantart spreadbsd |
|
||||
If I need a root shell (ie doing more than one thing as root) I use sudo su - to make sure I get a full root session (root ENV, root shell, root prefs, etc).
Otherwise, I use just sudo <command> for everything. Mainly to get an audit log of what I did and when. Especially on remote systems or ones I don't interact with very often. |
|
|||
sudo is soooooo buntus...
|
|
|||
I can only assume you are referring to Ubuntu. Note that sudo(8) is currently maintained by one of the OpenBSD developers. It is not a Linuxism imported into the *BSD world.
If you object to the restrictions that sudo places on users/administrators, note that this can be fine-tuned. A primary reason I created this thread was to advocate that sudo doesn't have to be taken with its default configuration. It is quite configurable. An administrative problem with su(1) is that knowledge of the root password provides total access to a system. With sudo, an access policy can be constructed to provide limited access, & the root password doesn't have to be disclosed. From an administrative standpoint, this is a win when considering security. |
|
||||
We make fairly heavy use of sudoers file at work. Our backups account, for example, can run rsync without a password, but only when connecting from the backups servers. Our vidcon tech can manage/edit gatekeeper-related stuff on the firewalls but nothing else. Our helpdesk can run specific commands on remote servers, but only when connecting from the board office. And so on.
Much nicer than having 15-odd people knowing the root password. But, the nicest thing about sudo is that every invocation is logged so we have an audit trail. Someone logged in as root (via console, su, ssh if enabled) can screw something up and we wouldn't know who did what or when. |
|
|||
My belief and practice - probably due to the blatant use of sudo in Ubuntu and the fact that anyone can su to root in many Linux distributions- is to use su and limit what each user can do.
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
sudo issue | rpindy | OpenBSD General | 6 | 31st May 2010 04:12 PM |
Vulnerabilities in sudo closed | J65nko | News | 0 | 1st March 2010 05:16 PM |
Installing sudo | rex | FreeBSD General | 4 | 24th October 2008 12:40 AM |
SUDO Wildcards | jcatrysse | FreeBSD Security | 2 | 30th June 2008 07:18 AM |