Request for review - update/software management tutorial (updated links)

Paul W. Frields stickster at gmail.com
Sun Apr 3 21:59:06 UTC 2005 

On Sun, 2005-04-03 at 22:28 +0100, Stuart Ellis wrote:
> On Sun, 2005-04-03 at 15:55 -0500, Tommy Reynolds wrote:
> > Uttered "Paul W. Frields" <stickster at gmail.com>, spake thus:
> > 
> > > > It's really a workaround for the fact that sudo isn't configured by
> > > > default. I didn't think that I could safely use sudo in the example
> > > > commands, since even if the Hardening Guide was up and could be linked
> > > > to, there's no guarantee that the user/admin would have successfully
> > > > gone through the setup beforehand.
> > > 
> > > I like the idea of using sudo as well, but Stuart's obviously right in
> > > the more global sense of not making assumptions when you're writing a
> > > doc.  But... do I sense the need for a sudo-tutorial? :-)
> > 
> > Ahem.  Since the postulated reader has the root password anyway (or
> > "su -c" ain't gonna work anyway) then why not a single paragraph
> > about adding an entry to "/etc/sudoers"?  That done, all that
> > off-putting, error-prone "su -c 'quote this junk'" disappears.
> > 
> > You may want to add an admonition to clean up after ones self...
> 
> Hmm.  I'd like to be able to promote sudo (or at least handle root
> commands nicely), and it definitely doesn't take much text to explain
> the basic setup:
> 
> http://members.cox.net/tuxxer/s1-chapter3-sudo.html
> 
> If all example commands use sudo I guess it means either having a
> boiler-plate bit of text for all tutorials that use CLI (to keep
> consistency), or having a standard little article that we could link to.

I would like to avoid any use of boilerplates, since they add to the
maintenance load for any given set of documents. That's why I mentioned
a "sudo-tutorial." Said tutorial does not need to be a long expository
document covering all sudo options. It merely needs to cover enough to
make any references to it useful.  Then everyone can link to it and
maintenance is constrained to a single point for the sudo issue.

**Side note to Charles:  As far as "system hardening" goes, adding
an /etc/sudoers definition such as the one shown in the link above is
probably not a great idea.  Is it truly "hardening" a system to provide
a backdoor to the root account?  I would leave out the part about
NOPASSWD for purposes of your guide.

> It's almost the sort of thing you might stick in a FAQ, or some other
> high-profile central document.

Like a sudo-tutorial? ;-)

>    Could the Release Notes perhaps be
> stretched with a "recommended post-installation configuration" section,
> or similar ?

Hmm... There are just as many people for whom any use of sudo is ill-
advised, as those for whom it may be a godsend.  Therefore I would not
think the Release Notes is a good place for this.  The Release Notes
generally answer the question, "What is this?", "Is there anything I
need to know before I install it?" and "How has it changed from the last
release(s)?"

All right, I'll yield....

-- 
Paul W. Frields, RHCE                          http://paul.frields.org/
  gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233  5906 ACDB C937 BD11 3717
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/docs/attachments/20050403/35945409/attachment.bin

More information about the docs mailing list