Have to use sudo for almost everything

sudo

If I understand the Linux philosophy correctly, sudo should be used sparingly, and most operations should be performed as an under-privileged user. But that doesn't seem to make sense, since I'm always having to input sudo, whether I'm managing packages, editing config files, installing a program from source, or what have you. These are not even technical stuff, just anything a regular user does.

It reminds me very much of Window's UAC, which people either disable, or configure to not require a password (just a click). Furthermore, many people's Windows users are administrator accounts as well.

Also, I've seen some people display commands that require sudo privileges without sudo. Do they have their system configured in such a way that sudo is not required?

Best Answer

You mentioned these system adminstration functions

managing packages, editing config files, installing a program from source

as things that

anything a regular user does

In a typical multiuser system these are not ordinary user actions; a systems administrator would worry about this. Ordinary users (not "under privileged") can then use the system without worrying about its upkeep.

On a home system, yes, you end up having to administer the system as well as using it.

Is it really such a hardship to use sudo? Remember that if it's just your system there's no reason why you can't either pop into a root shell (sudo -s - see this post for an overview of various means of getting a root shell) and/or configure sudo not to prompt for a password.

Related Solutions

Ways to execute shell command as root

There are several sudo-like tools (calife, op, super, …) — see How do I run a command as the system administrator (root) — but you could spend your life on unix systems without encountering them (they've all been displaced by sudo). In practice, if you need to call scripts as root, either arrange for all your machines to have passwordless sudo, or to allow ssh logins as root. There's not much of a security difference between the two: either way, the script must have all the credentials necessary to reach the root account.

If you only want your scripts to be able to execute specific commands, use specific entries for these commands in /etc/sudoers, or specific keys with a command= line in ~root/.ssh/authorized_keys.

Why can’t I use sudo on OpenBSD

The error message tells you what is wrong even if it doesn't tell you exactly how to fix it.

adminvpn is not in the sudoers file.

sudo lets you run commands as the administrator. In order to be able to use sudo, you need to be made an administrator. Accounts are not made administrators by default.

Run the command visudo (as root, of course) and add a line like the following:

adminvpn ALL=(ALL) ALL

Save the file and exit. You can now run any command as root with sudo.

Note that visudo will run your favorite editor, as indicated by the environment variable VISUAL. If you haven't configured that, you'll get vi. If you're uncomfortable with vi, install another editor (e.g. pkg_add nano) and add a line like export VISUAL=nano to ~/.profile; run the command in your interactive shell as well for it to take effect in the current session.

Unless configured otherwise, sudo requires you to type your own password. Knowledge of the root password is not necessary, that's the point of sudo`. The point of typing your password is to make sure it isn't someone else typing while you left your keyboard unattended.

By the way, OpenBSD isn't the most beginner-friendly unix out there. If you want a gentler learning curve, try Ubuntu.

Best Answer

Related Solutions

Ways to execute shell command as root

Why can’t I use sudo on OpenBSD

Related Question