At that time, the introduction of sudo also caused a great deal of controversy in the Debian community. Which of the two do you prefer and why?
sudo, definitely.
Why? Convenience and I truly donāt think there is a difference in security on a home computer.
I also think there isnāt much difference between them in terms of security.
+ 1
Almost always sudo to avoid accidentally running things as root which were not meant to. I donāt trust myself enough
sudo
I would also argue that in itās default configuration it is significantly safer.
With su
it is easy to forget that you are root and do something you might not have intended.
I got trust issues, and most certainly so when it comes to myself, thus I use sudo!
To avoid that, my mostly used distribution does not only make a difference by putting a #
at the end of the prompt, but also changes the font colour to red when working with full admin status. So itās nearly impossible not to see.
I think sudo
only makes kind of sense if a person (which is not me) has to admin a server of mine and thus needs limited root access from time to time. But as Iām the only user I go full speed when working with admin rights. When I perform a system update on EndeavourOS I also do it exclusively using su
. Iām simply used to it and I think itās the logical thing to do. Due to this is my workflow, I always have, at least one terminal with admin rights, on my desktop.
So I donāt have to enter passwords every now and then. Neither for sudo
nor su
.
As far as I remember Canonical was the company who started that abuse of sudo. It was never designed to be used the way it is used nowadays. So the improvments partially put in the new version are, in my opinion, a logical step up.
I think in the end itās just a matter of taste like the question which Linux distribution, which terminal, which editor or which DE/WM one prefers.
My .zshrc does the same thing. It is still pretty easy to overlook when you are going fast and have a lot of terminals open.
I am not sure exactly what this means but I have been using sudo since long before the existence of Canonical. It has been used as long as I can remember as a safer alternative to su.
Perfectly logical, but, as you say, a matter of habit/taste/usage. I used to have an automatic separation by GUI vs terminal - but I canāt count on that anymore with modern Linuxes - and the process has been even more accelerated by Arch and its brethren!
That said - I would like to know how the colour change is implemented on that other setup of yours! Iāve tried to make the GUI use a different theme (partial success) and if in su I have a different prompt to TRY to remind myself, but usually I stay with sudo for the ābreak in routineā it providesā¦
Just give root a colored prompt by changing the prompt conditionally.
Here is one example with bash:
Just remember to make the change in both the .bashrc for your user and the one for root.
Thanks - that helps - but what I am trying for is more like a background colour change for the terminal. The prompt is easier to switch (for me so far). Iāll take a look at this though, and it might head me in the right direction to find out what I want (as opposed to finding what I want)
It probably depends on a specific terminal emulator and I donāt know how to do that automatically But if you are using xterm and a separate terminal for root tasks you can launch it with xterm -bg red
and it will look so horrible you wonāt want to ever use it
edit: Iāve found a package xtermcontrol
on AUR allowing to change the xterm settings at runtime. It maybe scriptable with something like
if [ "$(whoami)" = "root" ]; then xtermcontrol --bg=red; fi
checking for that periodicallyā¦
Great thought! However, if itās the right redā¦
It should be possible some way to get xfce-terminal to do that too, but that will come after some other āprojectsā Iāve got going on at the momentā¦
Oh, that probably will be more complicatedā¦
Nice desktop I was talking about xterm bright red window, especially with all this green that comes with zsh-syntax-highlighting
I just changed it on EndeavourOS. My prompt when using root priviliges now looks
[root@DesktopEOS xxxxx]#
The username root is now printed in red.
I just had to replace the line
PS1='[\u@\h \W]\$ '
with
PS1='[\[\033[1;31m\]\u\[\033[0m\]@\h \W]\$ '
in the file /etc/bash.bashrc
I had no doubt that it could be frightening! Of course, that could be a good thing, depending
Hereās hopefully some more spice to the original question.
EndeavourOS happens to have a third alternative in addition to su and sudo, namely su-c_wrapper.
The name refers to āsu -cā command wrapper. The name is deliberately made awkward, and you may alias it to something more convenient, e.g.
alias suc=su-c_wrapper
It is inherently like āsu -cā (because of security), but has a bit of sudo convenience on two things:
- giving max 3 trials to get the password right
- command parameters are given like in sudo
It takes no other options, but just the command to be executed.
For example.the following commands behave almost the same:
su -c "ls -l" su-c_wrapper ls -l suc ls -l # this uses the alias above! sudo ls -l
The first 3 commands, unlike the last, use elevated privileges only during executing the command. As you know, sudo by default ākeepsā the elevated privileges for a few minutes in case you want to give more commands needing elevated privileges.
So there are alternatives. Everyone has to think what is the best solution for the situation at hand. And it is important to know what the alternatives are exactly.
BTW, donāt forget the pkexec command!
But the real question is - why no one knows about it? Did you just write it and put into our computers?
Wellā¦ it has been in your computers for a long time already.
It is not used by default by any of the EndeavourOS packagesā¦ Only if you configure to use it, it will be used.
And please look at the source code at /usr/bin/su-c_wrapper.
It is currently part of the welcome package, but could be separated as an independent one.
And in fact it has been mentioned in the Wiki at Welcome, although not really explained there.