FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 04-06-2008, 03:45 PM
Karl Larsen
 
Default sudo vs. gksu

Mario Vukelic wrote:
> On Sat, 2008-04-05 at 11:31 -0600, Karl Larsen wrote:
>
>> I am going to run an experiment where I use nothing but sudo with
>> gedit and pay attention to the control files. I use joe as an editor
>> in a terminal and it has never had a problem when used in a root
>> terminal.
>>
>
> 1. Joe is not an X application, and the linked site explains that
> mainly those are affected
> 2. Why run the risk or, even worse, guide newbies into taking this
> risk? gksu has just as many characters to type as sudo and is
> safe for X apps, so why not use it?
>
>
>
Mainly because I have a hard time remembering sudo :-)

That is why I have a root password. I have used su - so long I remember it.


Karl


--

Karl F. Larsen, AKA K5DI
Linux User
#450462 http://counter.li.org.
PGP 4208 4D6E 595F 22B9 FF1C ECB6 4A3C 2C54 FE23 53A7


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 04-06-2008, 06:02 PM
NoOp
 
Default sudo vs. gksu

On 04/05/2008 06:11 AM, Tony Arnold wrote:
> Nils Kassube wrote:
>> Markus Schönhaber wrote:
>>> Mario Vukelic wrote:
>>>> No, gksu _is the right tool to use. sudo should never be used to
>>>> start graphical applications, as this could cause problems:
>>>>
>>>> https://help.ubuntu.com/community/RootSudo (in the "Notes" section)
>>> Since the above page only says "don't do it!" but doesn't explain what
>>> might happen otherwise: what problems are to be expected if one starts
>>> a graphical application with sudo?
>>
>> With sudo some applications access / modify the user's config files as
>> root. From then on they are owned by root and the user can no longer
>> access / modify them. That leads to unusual error messages which only
>> long time users can trace back to the permission problem. With gksu (or
>> kdesu if you use kde) this problem is avoided.
>
> Can you explain how this problem is avoided with gksu, or gksudo? So far
> as I can see using one of these causes the application to run with UID
> of 0, i.e., root. The app has no knowledge of how it was invoked, so any
> files is creates will be owned by root.

That is correct if you _create_ a file with gksu without specifying a
user other than root. However, when _editing_ an existing file, gksu
maintains the environment by default. See:

http://linux.die.net/man/1/gksu

man gksu

If you invoke gksu on it's own, you will be presented with a GUI that
you can use to change the user, maintain the enviroment etc. Or do it
from the command line:

gksu [-u <user>] [options] <command>
gksudo [-u <user>] [options] <command>

Further, gsku will automatically create a ~ temp file of the file being
edited, so you always have a backup.

sudo does not, unless used with the -e option or sudoedit is used.








--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 04-06-2008, 06:09 PM
NoOp
 
Default sudo vs. gksu

On 04/06/2008 12:37 AM, Michael R. Head wrote:
> On Sat, 2008-04-05 at 15:28 +0200, Mario Vukelic wrote:
>> On Sat, 2008-04-05 at 14:11 +0100, Tony Arnold wrote:
>> > Can you explain how this problem is avoided with gksu, or gksudo? So far
>> > as I can see using one of these causes the application to run with UID
>> > of 0, i.e., root. The app has no knowledge of how it was invoked, so any
>> > files is creates will be owned by root.
>> >
>> > Your explanation applies to running any app, not just graphical ones.
>>
>> http://www.psychocats.net/ubuntu/graphicalsudo
>
> That page says that "sudo nano /etc/apt/sources.list" is a good idea.
> It isn't, and for the same reason graphical apps shouldn't be run
> through sudo -- nano will create/edit extra files in your home
> directory. In fact, there's a command called "sudoedit" which solves the
> problem.
>
>>
>

Good catch.
sudoedit invokes the -e command (as in sudo -e):

http://linux.die.net/man/8/sudoedit
<quote>
-e

The -e (edit) option indicates that, instead of running a command, the
user wishes to edit one or more files. In lieu of a command, the string
"sudoedit" is used when consulting the sudoers file. If the user is
authorized by sudoers the following steps are taken:
1.

Temporary copies are made of the files to be edited with the owner
set to the invoking user.

2.

The editor specified by the VISUAL or EDITOR environment variables
is run to edit the temporary files. If neither VISUAL nor EDITOR are
set, the program listed in the editor sudoers variable is used.

3.

If they have been modified, the temporary files are copied back to
their original location and the temporary versions are removed.
If the specified file does not exist, it will be created. Note that
unlike most commands run by sudo, the editor is run with the invoking
user's environment unmodified. If, for some reason, sudo is unable to
update a file with its edited version, the user will receive a warning
and the edited copy will remain in a temporary file.
</quote>


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 04-09-2008, 02:27 PM
Derek Broughton
 
Default sudo vs. gksu

Michael R. Head wrote:

> On Sat, 2008-04-05 at 15:28 +0200, Mario Vukelic wrote:
>> On Sat, 2008-04-05 at 14:11 +0100, Tony Arnold wrote:
>> > Can you explain how this problem is avoided with gksu, or gksudo? So
>> > far as I can see using one of these causes the application to run with
>> > UID of 0, i.e., root. The app has no knowledge of how it was invoked,
>> > so any files is creates will be owned by root.
>> >
>> > Your explanation applies to running any app, not just graphical ones.
>>
>> http://www.psychocats.net/ubuntu/graphicalsudo
>
> That page says that "sudo nano /etc/apt/sources.list" is a good idea.
> It isn't, and for the same reason graphical apps shouldn't be run
> through sudo -- nano will create/edit extra files in your home
> directory. In fact, there's a command called "sudoedit" which solves the
> problem.

Note that with most such situations, it's only a problem if the first time
you use the app you do it with sudo. If you already own the .nano, or
whatever, files then they don't get "reowned" by root (at least not ime).
But I admit I fairly regularly discover some hidden file in my home
directory owned by root - and know that "sudo" was the reason.
--
derek


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 07:22 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org