Article View: gmane.linux.debian.user
Article #307910
Re: Paternalistic D-Bus Restrictions (was Re: 'Applications, Accessories, Root Terminal' fails silently)
From: Rick Thomas
Date: Sun, 14 Jun 2009 21:12
On Jun 14, 2009, at 8:24 PM, Patrick Wiseman wrote:

> On Sun, Jun 14, 2009 at 3:13 PM, Rick Thomas<rbthomas55@pobox.com> wrote:
>>
>> Bug reported as Bug#533089
>>
>> Sadly, if your diagnosis is correct, it may not be fixable...
>>
>> Oh well, I guess that's what "sudo -i" in a normal terminal is for...
>
> 'sudo -l' you mean? That (or just 'su' alone) gives me root access
> within a gnome-terminal, at which point I can do what I need to do.
> But that also demonstrates that whatever security concerns are driving
> the disabling of 'Root Terminal' from the menu are completely bogus.
> And it has conveniences (not having to provide a password every time I
> open a new tab, for example) which this workaround doesn't. Oh, well,
> indeed ....

I meant "-i" -- from the man page for sudo(8)

> -i  The -i (simulate initial login) option runs the shell specified in
>     the passwd(5) entry of the user that the command is being run as.
>     The command name argument given to the shell begins with a `-' to
>     tell the shell to run as a login shell. sudo attempts to change to
>     that user's home directory before running the shell. It also
>     initializes the environment, leaving TERM unchanged, setting HOME,
>     SHELL, USER, LOGNAME, and PATH, and unsetting all other environment
>     variables. Note that because the shell to use is determined before
>     the sudoers file is parsed, a runas_default setting in sudoers will
>     specify the user to run the shell as but will not affect which
>     shell is actually run.

And you can configure /etc/sudoers so that you never have to provide a password. Read the sudoers(5) man page.

I'm not clear on whether the security concerns driving this issue extend to sub-processes running as root, or just those started as root. I'll leave that explanation to those with a better understanding of the issue.

Rick
Message-ID:
<0566448E-F141-41DD-B9E1-8088F14E9B8A@POBox.com>
References:
<a94352370906140727k18f84aceqd6be39217e12de84@mail.gmail.com> <8874E860-1F07-4B12-B646-9EE12FDD4C09@POBox.com> <a94352370906141724y4711d0el954c263a5f76bdf1@mail.gmail.com>