[GRLUG] Distro's - was GRLUG test comment

Adam bultman adamb at glaven.org
Thu May 4 17:11:42 EDT 2006

Ron Lauzon wrote:
> David Pembrook wrote:
>> I don't like how they tried to remove the su to root concept (there is 
>> no root password so you can't "su" and must use sudo). I got done with 
>> my install and was scratching my head like a lot of other uses 
>> thinking "they never asked for my root password". 
> I didn't like that either.
> I recently got a copy of Ubuntu from Penguicon, so I've started a 
> project to make the system to everything (more or less) that I can do on 
> my current Mandriva install.
> I didn't like the "You want to do something that you normally don't do, 
> but just type in your password and I'll let you do it."  So there's 
> basically no root security.
Yes, there's root security.  It's just that in order to get people who 
aren't hardcore nerds to use it, it has to be easier than, "Well, first 
log out of X, and then log in as root.  Then, you can do what you 
wanted, and hope that the changes work, and are global changes. And that 
if you are changing resolutions, that X works at all.  Or if you don't 
like that, you can go to your console, and then type 'su - root, and 
then enter the root password, and then edit /etc/X11/xorg.conf, read in 
the file, add what you need, or if you can't find what you need or 
understand it, read the man pages or google for it and hopefully you 
won't stumble into one of the many linux users who are complete jerks. "   

"Normal Users" don't really feel like fiddling with that, and I bet you 
that 99% of users will throw the cd away, install windows, and forever 
pipe up with "Oh, linux? Is that where it's a huge pain to do the most 
mundane of tasks that I can do on windows without batting an eye? Yeah, 
linux sucks. Don't use it."

> I can see why they did this, though.  It's more Windows-ish and the home 
> users will have an easier time of it.
No, windows-ish is logging in as root all the time and running as root 
constantly. Which too many people in linux do to get around things that 
ubuntu makes easier for end users.   Using sudo is a way of allowing a 
user that doesn't understand the guts of linux, or use VI, or know what 
the heck 'bash' is, manage his/her system with a minimum of fuss.  
Without the user's password, sudo is useless, since it asks for a 
password.  Some schmuck walking up to the workstation can't rm -rf, 
because the password is still secret.

> Now, you CAN go back in and change the root user's password.  Then you 
> can su to root without problem.  But you don't need to be root to do 
> that.  Bad.
There's two things you can do: 'visudo' and 'vi /etc/sudoers' (the 
second of which is frowned upon.)

I don't know about some of the people here, but there's a decent amount 
of tweaking I do to a system when I install it; even more so if it's a 
desktop.  Furthermore, many people I know with desktops (and servers)  
that run linux give themselves sudo anyway, since root passwords are the 
"key to the city" and a) should be kept very secret, and b) shouldn't be 
used willy-nilly.


At some point, linux has to make itself usable to the public.  "sudo" is 
a decent, and widely accepted and widely used management tool, and it's 
a very happy middle point between what windows does, and the 'linux 
way', whch is a huge pain in the ass.  The number of people I've seen 
switch to linux I can count on both hands, and each time, they had the 
hardest time grasping the 'this is your root password, and this is your 
user password, and they can't be the same, and they should be difficult 
passwords, and you need to...".    Windows is very popular because it is 
easy, and powerful. Linux is powerful, and difficult, and without making 
it easier, nobody will use it.  You ought to trumpet about 'root 
security' one distributions that require root passwords and normal 
passwords, and then watch as the user sets both passwords to the same 
thing in the name of reducing the headache  or just use root all the 
time to remove the headache totally.



More information about the grlug mailing list