This is the
talk page for discussing improvements to the
Sudo article. This is not a forum for general discussion of the article's subject. |
Article policies
|
Find sources: Google ( books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL |
This article is rated B-class on Wikipedia's
content assessment scale. It is of interest to the following WikiProjects: | |||||||||||||||||||||||||||||||||||
|
If a sudoer creates a file, which are the permissions on the file? Who is the owner, which mask? An eventually under which environment the commands are invoked? (setenv) These are questions I would like an answer. — Preceding unsigned comment added by 77.56.167.242 ( talk) 01:10, 10 October 2013 (UTC)
Is this just adapted from the man page? :/ Nile 16:01, 2004 Oct 15 (UTC)
Is this a joke? How is Microsoft so arrogant to claim this and I hope no one is stupid enough to accept it.
Patent 6,775,781 is a patent on UAC, not sudo. It's entirely irrelevant to sudo, and it's probably merely a defensive move by Microsoft anyway.
"Recent fears that Microsoft had patented the sudo command were found to be "overblown"" -- Seems biased towards the perspective of these findings. Blakeelias ( talk) 02:04, 19 December 2009 (UTC)
The page says sudo is under a BSD-style license, But http://www.sudo.ws/ clearly states it's under an ISC-style license.. —The preceding unsigned comment was added by 24.226.123.233 ( talk • contribs).
Some examples would be really great An example could be: sudo ifconfig,...
Or another, perhaps more humorous example here [1] ? :P 24.226.31.187 00:34, 26 February 2007 (UTC)
The XKCD comic (link given above) is a very popular one, which is googled up quite often. It would be great to include a link and description, for the text "Sudo make me a sandwich" —Preceding unsigned comment added by 59.92.120.86 ( talk) 06:01, 30 December 2007 (UTC)
http://www.sudo.ws/ says it's "superuser do". Most other references I have seen say it's "substitute user do", but this may be historical revisionism, so to say. Both expansions of sudo are apparently widely used, so perhaps the article should just explain this? — Tobias Bergemann 16:01, 14 February 2006 (UTC)
A recent edit removed the "substitute user do" again with the comment "The person who makes something names it, Todd C Miller has said it is superuser do and thus sudo is superuser do." While I agree with this comment I would like to at least add a note to the article to mention that there are sources that claim sudo stands for "substitute user do". I fear that without such a note the article would be changed again back by the next editor who was taught the "substitute user do" expansion at school. — Tobias Bergemann 09:47, 5 March 2007 (UTC)
from Bob Coggeshall <bob@cogwheel.com>
date 18 November 2008 17:13
subject Re: The meaning of "sudo"
It had no official mnemonic->word translation at inception. We were only looking for a short mnemonic and 'su' plus the word 'do' fit the bill.
I think the earliest man pages wrote the synopsis as as "do super thing", but that was made up by a subsequent developer.
..c
-- Hypocryptickal ( talk) 16:59, 18 November 2008 (UTC)
I wrote an email to Todd Miller:
And he responded:
Since it is used both ways—including by the current maintainer and the original developers, as Hypocryptickal's email showed—, perhaps the entry should reflect that. Wikipedia is descriptive, not prescriptive; whether or not it should be "substitute user, do", we should reflect that both have been and currently are used. Perhaps the current introductory sentence,
Should reflect both usages, becoming
And finally end this debate, letting exhausted Wikipedians rest. The above statement reflects fact, not intent.
could some one please disamb 'Titan' (runas - as part of Titan) —The preceding unsigned comment was added by Oyd11 ( talk • contribs) 19:48, 31 March 2006 (UTC).
I always thought that it was pronounced sue-doe, as in pseudo. It always made sense to me as a pun on su. But that's me and you can't legitimately cite yourself. —Preceding unsigned comment added by 130.179.220.0 ( talk) 17:48, 11 February 2008 (UTC)
Mentioning visudo as a safe way to edit /etc/sudoers would be is a good idea. If you use another text editor and make a typo, you could corrupt the sudoers file, preventing sudo access for everyone! Perhaps calling this out a bit more could save some problems.
Pockeyman
00:50, 21 July 2006 (UTC)
Also I feel that a note about command side effects should be mentioned. For instance, it might be good to give a reminder that vi or emacs have shell escape modes. So by giving sudo access to these programs, the users have shell with root privs! Pockeyman 00:50, 21 July 2006 (UTC)
I'm fairly happy with changes I've just done, but there really needs to be an "Advantages" section highlighting *why* sudo is used, and it's advantages over direct root logins or su-ing. The disadvantages/problems are in the article, but just not clearly enough identifiead as such, imho. -- Snori 09:10, 5 August 2006 (UTC)
Typically people (I do) prnounce as initially described (as in sudoku), but I have heard others pronounce the, possibly more correct term using 'do' as in 'doop' and not as in 'dough', as the 'do' is literally the word, 'do'. So I added that to the article. Reikon 20:39, 6 October 2006 (UTC)
(Insert in prnounce.)
I think the default location of the command should also be listed. -- Darth Borehd 05:04, 30 October 2006 (UTC)
By default, it's installed into /usr/bin
.
IlliterateSage
08:45, 3 November 2006 (UTC)
Enough of this nonsense. And no, it doesn't matter what Ms Miller says. Let us quote from the manpage for sudo - which presumably Miller also maintains.
sudo - execute a command as another user
sudo -V | -h | -l | -L | -v | -k | -K | -s | [ -H ] [-P ] [-S ] [ -b ] | [ -p prompt ] [ -c class|- ] [ -a auth_type ] [ -u username|#uid ] command
As is clearly seen, sudo can be used to execute commands as ANY user. root being default changes nothing.
Enough of this nonsense. As you expressly get to decide on which account you execute your commands, as the title of the page says expressly 'execute a command as ANOTHER user', the debate should fairly be closed.
—The preceding unsigned comment was added by 62.1.114.104 ( talk)
cat - concatenate and print files
Lots of UNIX programs have weird, inappropriate names. This is partly because their authors really enjoy jokes (UNIX itself being a homonym for
eunuchs). It's also because keyboard keys used to actually require a fair amount of force to depress, as they actually had to generate some current from the force of the keystroke. Because of this, lots of commands have very succinct names like ed
for editor, or vi
for visual mode in ex
. I bet typing the word "concatenate" more than once a day would be quite the pain in the wrists, so they called it cat
. But who cares? What's in a name? I imagine the name sudo does mean "substitute user do", if it means anything, as su
stands for "substitute user" and not "super user". Remember that su
let's you assume the shell of any user, not just root. (By the way, I don't think people should say things like "enough of this nonsense" to their fellow Wikipedians. That's rude and it's not productive. Instead, do some homework and try to help your fellow man learn.)
Justin Force
19:34, 15 June 2007 (UTC)
I don't think that's clear at all, since almost nobody who understands where sudo came from needs to spell it out. The etymology has little to do with its later abilities: it is because the name came from su. Which stands for substitute user.03:55, 12 January 2008 (UTC)~ —Preceding unsigned comment added by 87.194.94.144 ( talk)
Official versions of history for eunuchs is often inaccurate. This is because lusers often have different man pages then network users. — Preceding unsigned comment added by 2607:FCC8:A552:8200:D869:D7C:2ADF:ED98 ( talk) 21:44, 2 March 2018 (UTC)
Does Mac OS X's graphical frontend to sudo
have a name?
IlliterateSage
08:43, 3 November 2006 (UTC)
Sudowin a pretty interesting project. There doesn't seem to be much to say about it that the author doesn't say on the project page, though. Justin Force 19:16, 15 June 2007 (UTC)
It's worth noticing that sudo does not exist to avoid using the root password. This is common usage in the new Mac/Ubuntu approach but in fact by default it requires the root password, and this is how it is used in most Linux distributions e.g. openSUSE. I have updated the main page accordingly and this is referenced back to the manpage. —Preceding unsigned comment added by 213.202.144.193 ( talk) 12:15, 4 November 2007 (UTC)
I stand corrected on that one, must have re-read the manpages with crossed eyes. Thanks for the spot. —Preceding unsigned comment added by 193.120.161.13 ( talk) 08:53, 9 November 2007 (UTC)
Yeah, the entire point of sudo is totally to avoid giving out the root password, and to allow the admins to have a say in who gets to run stuff as root. Always has been. su does need the password of the user you are changing to, unless you are root. Note that this means you have full root access with "sudo su -" which asks you for your password, and not root's (because the su command is ran as root, and thus needs no password). 73.189.247.236 ( talk) 16:49, 8 July 2019 (UTC)
"A user must confirm his identity to sudo by supplying his password before running the target program" This is false, since sudo has the NOPASSWD option. No mention of this option is included in this article. I'll make a change, if no one objects. Llamabr ( talk) 03:48, 8 January 2008 (UTC)
because "sudo -u adam command" would run command as adam, therefore it is subsitute user do. also the su command stands for substitute user. —Preceding unsigned comment added by 213.89.128.252 ( talk) 00:23, 18 August 2008 (UTC)
Removed the whole section since it only had the one sentence and the image it referred to was deleted. I thought about putting in an external link, but it really didn't seem worth it. Still, it's there if someone wants to put it back in. Cosmo0 ( talk) 23:03, 7 May 2010 (UTC)
Pardon the temerity guys, but that was a very helpful way to think of sudo for me, which is why I inserted it into the intro parenthetical.
Manueluribe ( talk) 21:27, 11 September 2010 (UTC)
The article 'Sudo Fun' in the external links section doesn't appear to be a guide to sudo as described, but a description of some of the security issues with sudo on Mac OS X. I think it isn't exactly relevant to this article. Tweisbach ( talk) 01:46, 1 October 2010 (UTC)
For security reasons never grant user sudo privileges for any tool that is capable to open then edit and save config files (like vim, emacs, etc) unless you also grant this user full root access. ( via 'sudo -i').
Azzxxx ( talk) 15:52, 6 January 2011 (UTC)
The 1985 posting of the source code of sudo to the usenet group net.sources is available in the archive of such groups at archive.org: https://archive.org/download/usenet-net/net.sources.mbox.zip The message ID in question is: 2622@sunybcs.UUCP. It did not contain any version of the "sudo lecture". JesseW, the juggling janitor 07:48, 15 June 2015 (UTC)
The file /etc/sudoers may contain a list of users to execute a subset of commands while having the privileges of the root user or other specified user.
The middle portion of that sentence seems poorly worded and should probably be re-written.
Perhaps something as follows?
"The file /etc/sudoers may contain a list of users authorized to execute a subset of commands as if they had the privileges of the root user or other specified user. "
But "may contain" is still ambiguous. Is that "may" meaning might / possibly will? Or "may" meaning is allowed to?
Toddcs ( talk) 19:37, 13 December 2016 (UTC)
Would it be worthwhile to mention here that some Linux distributions, such as Ubuntu in its many forms, is set up so that all system administration is done via sudo, with no root password set by default, and your first user is automatically a member of wheel? Other distros, such as Fedora (the one I use) require you to set a root password before the system is installed. Again, your first regular user is in wheel by default, but that's an option that you can unselect if you prefer. I'd just add it, but I'm not completely sure it's needed. Thoughts? JDZeff ( talk) 00:15, 23 February 2018 (UTC)
As the title says, seems the entire site is now different. Usx9 ( talk) —Preceding undated comment added 16:48, 26 March 2020 (UTC)
Shouldn't the vulnerability discovered in 2021 be covered (was present for more than 10 years)?
E.g., covered in Security Now, episode 804, from 01 h 19 min 47 secs to 01 h 27 min 39 secs.
-- Mortense ( talk) 02:23, 7 February 2021 (UTC)
A discussion is taking place to address the redirect Baron samedit. The discussion will occur at Wikipedia:Redirects for discussion/Log/2021 February 13#Baron samedit until a consensus is reached, and readers of this page are welcome to contribute to the discussion. signed, Rosguill talk 20:14, 13 February 2021 (UTC)
This is the
talk page for discussing improvements to the
Sudo article. This is not a forum for general discussion of the article's subject. |
Article policies
|
Find sources: Google ( books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL |
This article is rated B-class on Wikipedia's
content assessment scale. It is of interest to the following WikiProjects: | |||||||||||||||||||||||||||||||||||
|
If a sudoer creates a file, which are the permissions on the file? Who is the owner, which mask? An eventually under which environment the commands are invoked? (setenv) These are questions I would like an answer. — Preceding unsigned comment added by 77.56.167.242 ( talk) 01:10, 10 October 2013 (UTC)
Is this just adapted from the man page? :/ Nile 16:01, 2004 Oct 15 (UTC)
Is this a joke? How is Microsoft so arrogant to claim this and I hope no one is stupid enough to accept it.
Patent 6,775,781 is a patent on UAC, not sudo. It's entirely irrelevant to sudo, and it's probably merely a defensive move by Microsoft anyway.
"Recent fears that Microsoft had patented the sudo command were found to be "overblown"" -- Seems biased towards the perspective of these findings. Blakeelias ( talk) 02:04, 19 December 2009 (UTC)
The page says sudo is under a BSD-style license, But http://www.sudo.ws/ clearly states it's under an ISC-style license.. —The preceding unsigned comment was added by 24.226.123.233 ( talk • contribs).
Some examples would be really great An example could be: sudo ifconfig,...
Or another, perhaps more humorous example here [1] ? :P 24.226.31.187 00:34, 26 February 2007 (UTC)
The XKCD comic (link given above) is a very popular one, which is googled up quite often. It would be great to include a link and description, for the text "Sudo make me a sandwich" —Preceding unsigned comment added by 59.92.120.86 ( talk) 06:01, 30 December 2007 (UTC)
http://www.sudo.ws/ says it's "superuser do". Most other references I have seen say it's "substitute user do", but this may be historical revisionism, so to say. Both expansions of sudo are apparently widely used, so perhaps the article should just explain this? — Tobias Bergemann 16:01, 14 February 2006 (UTC)
A recent edit removed the "substitute user do" again with the comment "The person who makes something names it, Todd C Miller has said it is superuser do and thus sudo is superuser do." While I agree with this comment I would like to at least add a note to the article to mention that there are sources that claim sudo stands for "substitute user do". I fear that without such a note the article would be changed again back by the next editor who was taught the "substitute user do" expansion at school. — Tobias Bergemann 09:47, 5 March 2007 (UTC)
from Bob Coggeshall <bob@cogwheel.com>
date 18 November 2008 17:13
subject Re: The meaning of "sudo"
It had no official mnemonic->word translation at inception. We were only looking for a short mnemonic and 'su' plus the word 'do' fit the bill.
I think the earliest man pages wrote the synopsis as as "do super thing", but that was made up by a subsequent developer.
..c
-- Hypocryptickal ( talk) 16:59, 18 November 2008 (UTC)
I wrote an email to Todd Miller:
And he responded:
Since it is used both ways—including by the current maintainer and the original developers, as Hypocryptickal's email showed—, perhaps the entry should reflect that. Wikipedia is descriptive, not prescriptive; whether or not it should be "substitute user, do", we should reflect that both have been and currently are used. Perhaps the current introductory sentence,
Should reflect both usages, becoming
And finally end this debate, letting exhausted Wikipedians rest. The above statement reflects fact, not intent.
could some one please disamb 'Titan' (runas - as part of Titan) —The preceding unsigned comment was added by Oyd11 ( talk • contribs) 19:48, 31 March 2006 (UTC).
I always thought that it was pronounced sue-doe, as in pseudo. It always made sense to me as a pun on su. But that's me and you can't legitimately cite yourself. —Preceding unsigned comment added by 130.179.220.0 ( talk) 17:48, 11 February 2008 (UTC)
Mentioning visudo as a safe way to edit /etc/sudoers would be is a good idea. If you use another text editor and make a typo, you could corrupt the sudoers file, preventing sudo access for everyone! Perhaps calling this out a bit more could save some problems.
Pockeyman
00:50, 21 July 2006 (UTC)
Also I feel that a note about command side effects should be mentioned. For instance, it might be good to give a reminder that vi or emacs have shell escape modes. So by giving sudo access to these programs, the users have shell with root privs! Pockeyman 00:50, 21 July 2006 (UTC)
I'm fairly happy with changes I've just done, but there really needs to be an "Advantages" section highlighting *why* sudo is used, and it's advantages over direct root logins or su-ing. The disadvantages/problems are in the article, but just not clearly enough identifiead as such, imho. -- Snori 09:10, 5 August 2006 (UTC)
Typically people (I do) prnounce as initially described (as in sudoku), but I have heard others pronounce the, possibly more correct term using 'do' as in 'doop' and not as in 'dough', as the 'do' is literally the word, 'do'. So I added that to the article. Reikon 20:39, 6 October 2006 (UTC)
(Insert in prnounce.)
I think the default location of the command should also be listed. -- Darth Borehd 05:04, 30 October 2006 (UTC)
By default, it's installed into /usr/bin
.
IlliterateSage
08:45, 3 November 2006 (UTC)
Enough of this nonsense. And no, it doesn't matter what Ms Miller says. Let us quote from the manpage for sudo - which presumably Miller also maintains.
sudo - execute a command as another user
sudo -V | -h | -l | -L | -v | -k | -K | -s | [ -H ] [-P ] [-S ] [ -b ] | [ -p prompt ] [ -c class|- ] [ -a auth_type ] [ -u username|#uid ] command
As is clearly seen, sudo can be used to execute commands as ANY user. root being default changes nothing.
Enough of this nonsense. As you expressly get to decide on which account you execute your commands, as the title of the page says expressly 'execute a command as ANOTHER user', the debate should fairly be closed.
—The preceding unsigned comment was added by 62.1.114.104 ( talk)
cat - concatenate and print files
Lots of UNIX programs have weird, inappropriate names. This is partly because their authors really enjoy jokes (UNIX itself being a homonym for
eunuchs). It's also because keyboard keys used to actually require a fair amount of force to depress, as they actually had to generate some current from the force of the keystroke. Because of this, lots of commands have very succinct names like ed
for editor, or vi
for visual mode in ex
. I bet typing the word "concatenate" more than once a day would be quite the pain in the wrists, so they called it cat
. But who cares? What's in a name? I imagine the name sudo does mean "substitute user do", if it means anything, as su
stands for "substitute user" and not "super user". Remember that su
let's you assume the shell of any user, not just root. (By the way, I don't think people should say things like "enough of this nonsense" to their fellow Wikipedians. That's rude and it's not productive. Instead, do some homework and try to help your fellow man learn.)
Justin Force
19:34, 15 June 2007 (UTC)
I don't think that's clear at all, since almost nobody who understands where sudo came from needs to spell it out. The etymology has little to do with its later abilities: it is because the name came from su. Which stands for substitute user.03:55, 12 January 2008 (UTC)~ —Preceding unsigned comment added by 87.194.94.144 ( talk)
Official versions of history for eunuchs is often inaccurate. This is because lusers often have different man pages then network users. — Preceding unsigned comment added by 2607:FCC8:A552:8200:D869:D7C:2ADF:ED98 ( talk) 21:44, 2 March 2018 (UTC)
Does Mac OS X's graphical frontend to sudo
have a name?
IlliterateSage
08:43, 3 November 2006 (UTC)
Sudowin a pretty interesting project. There doesn't seem to be much to say about it that the author doesn't say on the project page, though. Justin Force 19:16, 15 June 2007 (UTC)
It's worth noticing that sudo does not exist to avoid using the root password. This is common usage in the new Mac/Ubuntu approach but in fact by default it requires the root password, and this is how it is used in most Linux distributions e.g. openSUSE. I have updated the main page accordingly and this is referenced back to the manpage. —Preceding unsigned comment added by 213.202.144.193 ( talk) 12:15, 4 November 2007 (UTC)
I stand corrected on that one, must have re-read the manpages with crossed eyes. Thanks for the spot. —Preceding unsigned comment added by 193.120.161.13 ( talk) 08:53, 9 November 2007 (UTC)
Yeah, the entire point of sudo is totally to avoid giving out the root password, and to allow the admins to have a say in who gets to run stuff as root. Always has been. su does need the password of the user you are changing to, unless you are root. Note that this means you have full root access with "sudo su -" which asks you for your password, and not root's (because the su command is ran as root, and thus needs no password). 73.189.247.236 ( talk) 16:49, 8 July 2019 (UTC)
"A user must confirm his identity to sudo by supplying his password before running the target program" This is false, since sudo has the NOPASSWD option. No mention of this option is included in this article. I'll make a change, if no one objects. Llamabr ( talk) 03:48, 8 January 2008 (UTC)
because "sudo -u adam command" would run command as adam, therefore it is subsitute user do. also the su command stands for substitute user. —Preceding unsigned comment added by 213.89.128.252 ( talk) 00:23, 18 August 2008 (UTC)
Removed the whole section since it only had the one sentence and the image it referred to was deleted. I thought about putting in an external link, but it really didn't seem worth it. Still, it's there if someone wants to put it back in. Cosmo0 ( talk) 23:03, 7 May 2010 (UTC)
Pardon the temerity guys, but that was a very helpful way to think of sudo for me, which is why I inserted it into the intro parenthetical.
Manueluribe ( talk) 21:27, 11 September 2010 (UTC)
The article 'Sudo Fun' in the external links section doesn't appear to be a guide to sudo as described, but a description of some of the security issues with sudo on Mac OS X. I think it isn't exactly relevant to this article. Tweisbach ( talk) 01:46, 1 October 2010 (UTC)
For security reasons never grant user sudo privileges for any tool that is capable to open then edit and save config files (like vim, emacs, etc) unless you also grant this user full root access. ( via 'sudo -i').
Azzxxx ( talk) 15:52, 6 January 2011 (UTC)
The 1985 posting of the source code of sudo to the usenet group net.sources is available in the archive of such groups at archive.org: https://archive.org/download/usenet-net/net.sources.mbox.zip The message ID in question is: 2622@sunybcs.UUCP. It did not contain any version of the "sudo lecture". JesseW, the juggling janitor 07:48, 15 June 2015 (UTC)
The file /etc/sudoers may contain a list of users to execute a subset of commands while having the privileges of the root user or other specified user.
The middle portion of that sentence seems poorly worded and should probably be re-written.
Perhaps something as follows?
"The file /etc/sudoers may contain a list of users authorized to execute a subset of commands as if they had the privileges of the root user or other specified user. "
But "may contain" is still ambiguous. Is that "may" meaning might / possibly will? Or "may" meaning is allowed to?
Toddcs ( talk) 19:37, 13 December 2016 (UTC)
Would it be worthwhile to mention here that some Linux distributions, such as Ubuntu in its many forms, is set up so that all system administration is done via sudo, with no root password set by default, and your first user is automatically a member of wheel? Other distros, such as Fedora (the one I use) require you to set a root password before the system is installed. Again, your first regular user is in wheel by default, but that's an option that you can unselect if you prefer. I'd just add it, but I'm not completely sure it's needed. Thoughts? JDZeff ( talk) 00:15, 23 February 2018 (UTC)
As the title says, seems the entire site is now different. Usx9 ( talk) —Preceding undated comment added 16:48, 26 March 2020 (UTC)
Shouldn't the vulnerability discovered in 2021 be covered (was present for more than 10 years)?
E.g., covered in Security Now, episode 804, from 01 h 19 min 47 secs to 01 h 27 min 39 secs.
-- Mortense ( talk) 02:23, 7 February 2021 (UTC)
A discussion is taking place to address the redirect Baron samedit. The discussion will occur at Wikipedia:Redirects for discussion/Log/2021 February 13#Baron samedit until a consensus is reached, and readers of this page are welcome to contribute to the discussion. signed, Rosguill talk 20:14, 13 February 2021 (UTC)