/int/
Bernd (Germany) · 2023-02-14 16:12:08 · No. 254935
After reading about the latest sudo CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22809 (even though I am using a more recent sudo version which isn't affected by the aforementioned problem) I decided to finally ditch sudo and use doas now.
That's all.
 
Edit: https://scribe.privacydev.net/@dev.nest/how-to-bypass-sudo-exploit-cve-2023-22809-vulnerability-296ef10a1466
If anyone is interested
Bernd (Germany) · 2023-02-14 16:17:15 · No. 254938
Still using sudo. Is that bad?
Bernd (Netherlands) · 2023-02-14 16:37:31 · No. 254944
First time I hear about doas tbh as a Debian user. There's no guarantees it doesn't have any vulnerabilities either so I think I'll keep using (updated) sudo...
Bernd (Germany) · 2023-02-14 16:54:22 · No. 254948
>There's no guarantees it doesn't have any vulnerabilities either
The reason why doas is considered more secure is because it has far fewer lines of code.
Bernd (Germany) · 2023-02-14 17:10:03 · No. 254949
Of course not, you do you.
 
The simplicity alone, my doas.conf being a whole line of
 
permit bernd as root
 
is just beautiful in my eyes, I guess
Edit: Of course that line only acts as a sudo-ish replacement for me right now
You can fine-grainly tune it
https://man.openbsd.org/doas.conf.5
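
Added example, not part of the post above or of doas itself: a small shell linter that reads a doas.conf on stdin and reports `permit` rules that grant more than a single command, such as the one-line rule quoted above. The sample config, the users `alice` and `bob`, and the function names are constructed for illustration; the tokenizer is simplified and does not handle quoted strings.

```sh
#!/bin/sh
# Added example (not from the thread): lint a doas.conf read on stdin.
# Output format: "<line> <identity> <finding>", one finding per line.
audit_doas_conf() {
    awk '
    { sub(/#.*/, "") }            # strip comments
    $1 != "permit" { next }       # blank lines and deny rules grant nothing
    {
        # doas.conf(5): without "as", a rule applies to all target users
        ident = ""; target = "any"; has_cmd = 0; nopass = 0; keepenv = 0
        for (i = 2; i <= NF; i++) {
            if ($i == "nopass") nopass = 1
            else if ($i == "keepenv") keepenv = 1
            else if ($i == "persist" || $i == "nolog") continue
            else if ($i == "setenv") { while (i < NF && $i !~ /[}]$/) i++ }
            else if ($i == "as") target = $(++i)
            else if ($i == "cmd") { has_cmd = 1; break }
            else if (ident == "") ident = $i
        }
        # No "cmd" clause: the identity may run any command as the target.
        if (!has_cmd) printf "%d %s any-command target=%s\n", NR, ident, target
        # nopass: no password prompt at all.
        if (nopass)   printf "%d %s nopass\n", NR, ident
        # keepenv: the caller environment is passed to the root process.
        if (keepenv)  printf "%d %s keepenv\n", NR, ident
    }'
}

# Constructed sample: the blanket rule from the post next to tighter rules.
sample_conf() {
    cat <<'EOF'
# constructed sample, not a real system's config
permit bernd as root
permit nopass keepenv :wheel
permit persist alice as root cmd /usr/bin/apt args update
deny bob as root cmd /bin/sh
EOF
}

sample_conf | audit_doas_conf
```

Run it against a real file with `audit_doas_conf < /etc/doas.conf`; a rule limited by `cmd` (line 4 of the sample) produces no finding.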
Bernd (Hungary) · 2023-02-14 17:36:02 · No. 254953
I wonder if Bernd uses sudo for what it was intended for, or as a way of saying please to the computer.
Bernd (Germany) · 2023-02-14 17:37:37 · No. 254954
What was it intended for?
Bernd (Turkey) · 2023-02-14 18:45:55 · No. 254963
Just upgrade your sudo, they fixed it. Doas is not practical because it's not working all the time. I also fell for the doas meme and things didn't work. What do I mean? I mean for example you try to run a program with root (doas) permission and it says something like protocol not allowed, some bullshit, and refuses to work.
But it can be a good test for you. Cool kids use non-default one thing.
Bernd (Hungary) · 2023-02-14 20:40:15 · No. 255008
To let specific non-privileged users run specific privileged applications they otherwise wouldn't be able to, because they have no magic admin password to do so. See sudoers.
If you do administrative stuff just use su -
Bernd (Netherlands) · 2023-02-14 21:34:53 · No. 255026
You're wrong, saying please is also one of the ways how sudo is intended to be used.
> just use su -
It is very inconvenient when you need to do something simple with root privileges in the middle of your non-root session, you'll end up typing three commands instead of one (which also isn't an atomic way of doing things). You may forget to exit the root session and that's unsafe.
Bernd (Hungary) · 2023-02-15 15:52:58 · No. 255233
>saying please is also one of the ways how sudo is intended to be used.
The computer doesn't understand please. You give commands and the machine executes.
>very inconvenient
Tell me how adding sudo to every following command is more convenient?
Oh yeah, you can chain apt update with upgrade and issue sudo once but what if something happens while updating and you have to go fixing the mess? Or you want to autoremove too. Or whatever.
>You may forget to exit the root session and that's unsafe.
How? Will it execute a dd from /dev/zero to all your hard drive by itself? Or are you worried someone will fuck with your computer while you are away? Why not turn your pc off, or lock the screen? If it's your workplace no one has any business at your comp (start breaking fingers for fucking with your station), and if you are at home, do you think your family members even know what CLI is?
Thousands of sysadmins and devops work with "su -" on a daily basis, on your desktop you are your own sysadmin. It's safe.
Besides how would sudo prevent you doing something stupid? You can issue the same idiotic command with sudo the same. If you're worried about safety then alias rm -i as rm. Just don't accidentally "yes rm" after that.
Sudo gives a false sense of security for novice sysadmins - and as I wrote on your own desktop you are the sysadmin. It unnecessarily restricts you and adds nothing to actual safety. It doesn't check the validity of your commands, or if it's dangerous to your system. It's like shitty training wheels which get in your way.
Lemme tell you the range of people who needs sudo:
- the pajeets on sites like linuxhandbookdotcom and the like
That's it.
Bernd (Netherlands) · 2023-02-17 21:51:23 · No. 255687
> Tell me how adding sudo to every following command is more convenient?
Much more because it lets you control (and know) which commands use root and which do not. Saying su - is more convenient is like saying that having a single root user and always using it is more convenient as in this case you don't need to use any commands.
Do you want to control your machine or do you want to let it control you?
Bernd (Hungary) · 2023-02-19 21:36:57 · No. 256158
Have two terminals open, one with root and the user acc in the other. They eat very little memory and CPU. Or use Terminator with split view. Or use screen and change between two (or more) virtual shells (one root, one user) with shortcuts.
Bernd (Hungary) · 2023-02-20 10:05:34 · No. 256235
Now that I'm thinking.
Add "export TMOUT=xxx" - where xxx is a number in seconds (I dunno the max limit, add something sensible, liek 60 for a minute, or 600 for ten minutes) - to root's .bashrc, so after the specified amount of time spent idle the account logs out. This can help minimize access by others, if one worries about that, and is forgetful about logging out.
Bernd (Hungary) · 2023-02-20 10:21:56 · No. 256236
Now that I'm thinking this further.
If one really uses root, it could happen that this thing logs him out while waiting for some process to finish, and that might cause some broblems. Maybe some logic can be added which initiates the timeout when no such process runs, just the user idles at the prompt.
Or maybe screen has a function which detaches the virtual shell after some idling, detaching leaves the process running, and one can log back in and continue the work where left off.
Bernd (Netherlands) · 2023-02-20 10:44:48 · No. 256239
I have multiple sessions open all the time (different servers, bg tasks etc) and now you're telling me I should have x2 of them. Why would I want it?
That's slightly better. This way it's almost the same as sudo. Still, why bother if I can just use sudo instead and it meets my needs straight out of the box? What's your problem with sudo?
Bernd (Slovenia) · 2023-02-20 11:05:43 · No. 256240
What is ans broblem's?
t. didn't read
Pill me
 
Is sudo zogged?
Bernd (Netherlands) · 2023-02-20 11:29:47 · No. 256241
TL;DR keep your software up to date
Bernd (Germany) · 2023-02-20 13:01:50 · No. 256246
Which version did it get fixed in?
Bernd (Hungary) · 2023-02-20 21:28:41 · No. 256379
>What's your problem with sudo?
With sudo? Nothing. I have broblems with how it is used and I wrote it already. And I also wrote how it is done. Sysadmins don't use sudo. How it is "usually" used.
Bernd (Hungary) · 2023-02-20 21:29:13 · No. 256380
Here's a cool article:
https://www.redhat.com/sysadmin/sysadmins-dont-sudo
Bernd (Switzerland) · 2023-02-21 07:37:17 · No. 256474
I don't consider myself a sysadmin, but a user that needs root privileges to update his single user machine once in a while.
Bernd (Netherlands) · 2023-02-21 08:04:39 · No. 256475
Ok, I've read it. It's highly opinionated, the only argument is "I don't like using sudo this way, some people I call sysadmins don't like it so you shouldn't do it as well". That's not what I'd call a great article, why would I care what someone else calls "cringe-worthy"?