On Sun, 2005-04-03 at 22:28 +0100, Stuart Ellis wrote:
On Sun, 2005-04-03 at 15:55 -0500, Tommy Reynolds wrote:
Uttered "Paul W. Frields" stickster@gmail.com, spake thus:
It's really a workaround for the fact that sudo isn't configured by default. I didn't think that I could safely use sudo in the example commands, since even if the Hardening Guide was up and could be linked to, there's no guarantee that the user/admin would have successfully gone through the setup beforehand.
I like the idea of using sudo as well, but Stuart's obviously right in the more global sense of not making assumptions when you're writing a doc. But... do I sense the need for a sudo-tutorial? :-)
Ahem. Since the postulated reader has the root password anyway (or "su -c" ain't gonna work anyway) then why not a single paragraph about adding an entry to "/etc/sudoers"? That done, all that off-putting, error-prone "su -c 'quote this junk'" disappears.
You may want to add an admonition to clean up after ones self...
Hmm. I'd like to be able to promote sudo (or at least handle root commands nicely), and it definitely doesn't take much text to explain the basic setup:
http://members.cox.net/tuxxer/s1-chapter3-sudo.html
If all example commands use sudo I guess it means either having a boiler-plate bit of text for all tutorials that use CLI (to keep consistency), or having a standard little article that we could link to.
I would like to avoid any use of boilerplates, since they add to the maintenance load for any given set of documents. That's why I mentioned a "sudo-tutorial." Said tutorial does not need to be a long expository document covering all sudo options. It merely needs to cover enough to make any references to it useful. Then everyone can link to it and maintenance is constrained to a single point for the sudo issue.
**Side note to Charles: As far as "system hardening" goes, adding an /etc/sudoers definition such as the one shown in the link above is probably not a great idea. Is it truly "hardening" a system to provide a backdoor to the root account? I would leave out the part about NOPASSWD for purposes of your guide.
It's almost the sort of thing you might stick in a FAQ, or some other high-profile central document.
Like a sudo-tutorial? ;-)
Could the Release Notes perhaps be stretched with a "recommended post-installation configuration" section, or similar ?
Hmm... There are just as many people for whom any use of sudo is ill- advised, as those for whom it may be a godsend. Therefore I would not think the Release Notes is a good place for this. The Release Notes generally answer the question, "What is this?", "Is there anything I need to know before I install it?" and "How has it changed from the last release(s)?"
All right, I'll yield....