Talk:Sudo

From Wikipedia, the free encyclopedia

This is the talk page for discussing improvements to the Sudo article. This is not a forum for general discussion about the article's subject.
Please sign and date your posts by typing four tildes (~~~~). Put new text under old text. Click here to start a new topic. New to Wikipedia? Welcome! Ask questions, get answers.	Be polite Assume good faith No personal attacks Be welcoming	Article policies No original research Neutral point of view Verifiability

	Free software Portal This article is part of WikiProject Free Software, an effort to create, expand, organize, and improve free software-related articles.
???	This article has not yet received a rating on the assessment scale.
???	This article has not yet received an importance rating on the assessment scale.

Is this just adapted from the man page? :/ Nile 16:01, 2004 Oct 15 (UTC)

Contents 1 License? 2 Examples 3 Is it "substitute user do" or "superuser do"? 4 safety with sudo 5 Advantages, problems 6 Added alternative pronunciation 7 Location of command 8 It's NOT Super-User Do 9 Mac OS X sudo frontend

[edit] License?

The page says sudo is under a BSD-style license, But http://www.sudo.ws/ clearly states it's under an ISC-style license.. —The preceding unsigned comment was added by 24.226.123.233 (talk • contribs).

ISC is modified BSD. NicM 10:29, 26 February 2007 (UTC).

[edit] Examples

Some examples would be really great An example could be: sudo ifconfig,...

Or another, perhaps more humorous example here [1] ? :P 24.226.31.187 00:34, 26 February 2007 (UTC)

[edit] Is it "substitute user do" or "superuser do"?

http://www.sudo.ws/ says it's "superuser do". Most other references I have seen say it's "substitute user do", but this may be historical revisionism, so to say. Both expansions of sudo are apparently widely used, so perhaps the article should just explain this? —Tobias Bergemann 16:01, 14 February 2006 (UTC)

• Todd does NOT know what he's talking about. Granted, he should - but he does not. sudo is based on su where it's substitute user all the way. Further: sudo, like su, only infers root by default: any other user account can be specified. Superuser do is therefore in all respects INCORRECT. —The preceding unsigned comment was added by 62.1.220.135 (talk)

• Todd should know what he's talking about, so I'll trust superuser do. Janizary 21:32, 23 February 2006 (UTC)
• This is an utterance of the ignorant. There is no research to back this random statement up; there is no history of skills on the platform; there are no references whatsoever. If Wiki is to progress beyond this power trip thinking that's currently debilitating things the 'nannies' are going to have to refocus on facts rather than personal prestige. —The preceding unsigned comment was added by 62.1.114.104 (talk)
• Unfortunately in this case, Todd doesn't know what he's talking about. It's one of the most incorrectly used terms in UNIX. The original command is "su" which stands for "substitute user." People call it "super user" because you generally use the "su" command to obtain root privileges. However the "su" command is literally used to substitute users, and it doesn't have to be root. Commonly developers "su" to application accounts and so forth. Sudo is a play on the "su" command by appending the verb "do." Seeing that sudo allows you to perform commands as other users, including non-root users, by definition it's "substitute user do." In my opinion the term "super user" is poor adjective for the real term "root user." The original intent was clear enough without using another adjective to describe it, which changes the definition. Dhanks 03:43, 19 August 2006 (UTC)
• Yes. Obviously. —The preceding unsigned comment was added by 62.1.220.135 (talk)
• Is there some reference that states that sudo's name is tied to su? User:pottmi 08:23, 17 September 2006 (UTC)
• Yes. Brain power. —The preceding unsigned comment was added by 62.1.220.135 (talk)
• Here is the complete and exact text from Todd Miller to me July 25, 2006:'The correct pronunciation is sue due / soo doo for "superuser do".' User:pottmi 08:23, 17 September 2006 (UTC)
• It doesn't matter what TODD C MILLER says. It's WRONG. It doesn't even make SENSE. sudo substitutes users - PERIOD. You can run any command as any other user - period. If you have a user on your system 'Arne', does su then stand for 'Arne user'? Stick to FACTS. —The preceding unsigned comment was added by 62.1.220.135 (talk)

A recent edit removed the "substitute user do" again with the comment "The person who makes something names it, Todd C Miller has said it is superuser do and thus sudo is superuser do." While I agree with this comment I would like to at least add a note to the article to mention that there are sources that claim sudo stands for "substitute user do". I fear that without such a note the article would be changed again back by the next editor who was taught the "substitute user do" expansion at school. — Tobias Bergemann 09:47, 5 March 2007 (UTC)

Then that recent edit is vandalism. Really - stop this childish bickering. Next you'll have to call in ken, dmr, and bwk to slap you around a bit. —The preceding unsigned comment was added by 62.1.220.135 (talk)

Todd C Miller didn't create sudo, it says so there right there in the article. However, is there any reason the program's official website shouldn't be considered canonical on this? Unless there is a citable quote from the original authors, in which case both should be mentioned. NicM 10:51, 5 March 2007 (UTC).

'The person who makes something names it, Todd C Miller has said it is superuser do'. But Miller did not 'make' sudo - he's just breast feeding it today. If Miller were right about everything then everyone else would have to be wrong period - and what's worse: you'd have to CHANGE the syntax (and the code Ms Miller maintains) to no longer allow sudo to 'substitute' for another user at is has always been designed to do.

This type of misconception is normally taken care of in Comp Sci 101 where students invariably guess su and the su in sudo stand for 'superuser'. But that account is normally known as root and any teacher will correct the students if they're wrong.

It's like someone saying the sky is mauve rather than blue and having to contend with that kind of nonsense. If Ms Miller must be right about everything, then the creators of su, and of sudo, and the doyens of Unix from CSRC such as bwk, ken, dmr, aho, doug, and the rest must be all wrong. How logical is that?

It's time to let people who actually work with this technology - and are not neophytes at it - have a say in how these important things are presented to the world at Wiki. Being ambitious and wanting to contribute to articles despite an embarrassing lack of experience in the field is simply - the word would have to be either 'arrogant', 'childish', 'immature', or all of the three.

—The preceding unsigned comment was added by 62.1.114.104 (talk)

The website for sudo clearly says it is "superuser do" and so far nobody has provided a useful cite showing the original authors intended otherwise. At best, "substitute user do" could be presented in the article as an occasional alternative. Program names frequently drift from being absolutely appropriate as requirements change or features are added and removed, just becaue it doesn't seem to make sense now doesn't mean it never did (not that it doesn't make sense now: although sudo can be used to change to any user, it is most commonly used for root privileges, and, yes, root on Unix is referred to as the superuser account). Claiming that everyone who disagrees with you is ignorant and childish is not only wrong, but actually is both childish and arrogant. Not to mention believing this is an important thing. NicM 10:55, 20 March 2007 (UTC).

---

could some one please disamb 'Titan' (runas - as part of Titan) —The preceding unsigned comment was added by Oyd11 (talk • contribs) 19:48, 31 March 2006 (UTC).

[edit] safety with sudo

Mentioning visudo as a safe way to edit /etc/sudoers would be is a good idea. If you use another text editor and make a typo, you could corrupt the sudoers file, preventing sudo access for everyone! Perhaps calling this out a bit more could save some problems. Pockeyman 00:50, 21 July 2006 (UTC)

You might also point out that KF and LMH of the MOAB highlighted a few more rabbit holes with sudo: namely never invoke sudo against something you can't control. Running a world writable script or for that matter running anything world writable with sudo is asking for trouble. For obvious reasons.

sudo is a convenience and as always with conveniences it's a question of balancing against security as TCM often has pointed out. sudo can get you pwned. Use of sudo must therefore be discreet. —The preceding unsigned comment was added by 62.1.220.135 (talk)

Also I feel that a note about command side effects should be mentioned. For instance, it might be good to give a reminder that vi or emacs have shell escape modes. So by giving sudo access to these programs, the users have shell with root privs! Pockeyman 00:50, 21 July 2006 (UTC)

Definitely. Running vi or emacs with sudo is nonsense anyway. You run them with copies of your sensitive files and then use sudo if you need to copy/move your files back into place. Obviously. Shell escapes coupled with privilege escalation is downright foolish. —The preceding unsigned comment was added by 62.1.220.135 (talk)

[edit] Advantages, problems

I'm fairly happy with changes I've just done, but there really needs to be an "Advantages" section highlighting *why* sudo is used, and it's advantages over direct root logins or su-ing. The disadvantages/problems are in the article, but just not clearly enough identifiead as such, imho. --Snori 09:10, 5 August 2006 (UTC)

[edit] Added alternative pronunciation

Typically people (I do) prnounce as initially described (as in sudoku), but I have heard others pronounce the, possibly more correct term using 'do' as in 'doop' and not as in 'dough', as the 'do' is literally the word, 'do'. So I added that to the article. Reikon 20:39, 6 October 2006 (UTC)

o

(Insert in prnounce.)

Why "doop", rather than "doom" which is an actual English word? All the meanings of doop given on the wiki page seem pretty obscure, so why would you expect people to know how it is pronounced? --Jwwalker 22:40, 16 October 2006 (UTC)

"doop" is an actual English word. Reikon 00:19, 4 November 2006 (UTC)

Pronunciation is the least of your worries, my child. —The preceding unsigned comment was added by 62.1.220.135 (talk)

[edit] Location of command

I think the default location of the command should also be listed. --Darth Borehd 05:04, 30 October 2006 (UTC)

By default, it's installed into /usr/bin. IlliterateSage 08:45, 3 November 2006 (UTC)

[edit] It's NOT Super-User Do

Enough of this nonsense. And no, it doesn't matter what Ms Miller says. Let us quote from the manpage for sudo - which presumably Miller also maintains.

sudo - execute a command as another user

sudo -V | -h | -l | -L | -v | -k | -K | -s | [ -H ] [-P ]
      [-S ] [ -b ] | [ -p prompt ] [ -c class|- ] [ -a auth_type
      ] [ -u username|#uid ] command

As is clearly seen, sudo can be used to execute commands as ANY user. root being default changes nothing.

Enough of this nonsense. As you expressly get to decide on which account you execute your commands, as the title of the page says expressly 'execute a command as ANOTHER user', the debate should fairly be closed.

—The preceding unsigned comment was added by 62.1.114.104 (talk)

cat(1) says:

cat - concatenate and print files

So cat should quite clearly be called catprint. I'm not even going to start on why anyone would possibly think it was sensible to call editors "vi" and "emacs." NicM 11:00, 20 March 2007 (UTC).

[edit] Mac OS X sudo frontend

Does Mac OS X's graphical frontend to sudo have a name? IlliterateSage 08:43, 3 November 2006 (UTC)

Where did you get this from??!?? Apple do not repeat NOT have a front end to sudo. sudo is simply a program. A program engraved on disk as being owned by root and having the SUID bit set that is prepared - after careful checks - to pass on its command line arguments as another process run as whatever user is requested. Neither Apple nor any other GUI need use some simple 'front end' to sudo.

Apple use their own 'authorization services' which naturally - out of safety considerations - have nothing to do with sudo. sudo runs from its own configuration files and Apple's privilege escalation trampoline runs its own way. They have no connection whatsoever.

This is what is germane to this article, so many similar articles, and discussions thereof: KEEP THE AMATEURS AWAY.

—The preceding unsigned comment was added by 62.1.114.104 (talk)