dd copy output file has root ownership - Aargh!

[bilsch01]

File bs2.bin is not a pre-existing file. I do this:

sudo dd if=/dev/sda2 of=bs2.bin bs=512 count=1 conv=notrunc

Because I used sudo, file bs2.bin gets created with owner = root.

QUESTION #1: How can I get it to come out with owner = username?

I would really like to have the command not require sudo. I really don't
see why that is required because I'm not writing to a root file.

QUESTION #2: Is there a way to do the command without sudo?

TIA. Bill S.

[Grant Taylor]

On 3/14/21 11:28 PM, bilsch01 wrote:
> File bs2.bin is not a pre-existing file. I do this:
>
> sudo dd if=/dev/sda2 of=bs2.bin bs=512 count=1 conv=notrunc
>
> Because I used sudo, file bs2.bin gets created with owner = root.

Yes, that's correct.

> QUESTION #1:  How can I get it to come out with owner = username?

You can run another command to change the ownership. But I don't think
that dd has an option to set the owner of the file. Check the man page.

> I would really like to have the command not require sudo. I really don't
> see why that is required because I'm not writing to a root file.

It very likely requires root permission to read the source file, /dev/sda2.

> QUESTION #2:  Is there a way to do the command without sudo?

Check the permissions on the source file and see if it is part of a
group and if group has sufficient permissions. -- I'll bet dollars to
donuts that other (world) doesn't have permission to read the file.

If there is a group and the group has read permissions, you can add your
user to that group so that you can read the file directly.

Note: You will likely need to log out and log back in to get the new
group to take effect. (There are other ways, but they are not as nice.)

> TIA.   Bill S.

You're welcome.



--
Grant. . . .
unix || die

[William Unruh]

On 2021-03-15, bilsch01 <fy...@always.com> wrote:
> File bs2.bin is not a pre-existing file. I do this:
>
> sudo dd if=/dev/sda2 of=bs2.bin bs=512 count=1 conv=notrunc
>
> Because I used sudo, file bs2.bin gets created with owner = root.
>
> QUESTION #1: How can I get it to come out with owner = username?

sudo chown username bs2.bin

>
> I would really like to have the command not require sudo. I really don't
> see why that is required because I'm not writing to a root file.

No but you are reading a root file
ls -la /dev/sda2

>
> QUESTION #2: Is there a way to do the command without sudo?

Log in as root?
/dev/sda2 is only readable as root or group disk.
You could always put yourself into group disk
edit /etc/groups and put your username in the line starts disk:
(use a comma if there is already an entry on that line.)
If the group which owns that file /dev/sda2 is not disk, do that for
whatever group owns that file.


>
> TIA. Bill S.

[J.O. Aho]

On 15/03/2021 06.28, bilsch01 wrote:

> File bs2.bin is not a pre-existing file. I do this:


> sudo dd if=/dev/sda2 of=bs2.bin bs=512 count=1 conv=notrunc


> Because I used sudo, file bs2.bin gets created with owner = root.


> QUESTION #1: How can I get it to come out with owner = username?

You would need to run another command to change the owner of the file

sudo chown <username> bs2.bin

you replace the <username> with the user name that you want to own the file.

> I would really like to have the command not require sudo. I really
> don't see why that is required because I'm not writing to a root file.

> QUESTION #2: Is there a way to do the command without sudo?

The user that you run as needs to have access to the raw device /dev/sda2

if you run the "ls -l /dev/sda" you should see something like
brw-rw---- 1 root disk 8, 0 Mar 14 10:41 /dev/sda

as you see that the owner is root and group privileges set for disk, the
simplest way is to add your user to the group disk (keep in mind that
the user will then be able to ruin the disk too, so I don't recommend
this), then you would be able to run the command without the use of sudo.

--

//Aho

[Jasen Betts]

On 2021-03-15, bilsch01 <fy...@always.com> wrote:

> File bs2.bin is not a pre-existing file. I do this:
>
> sudo dd if=/dev/sda2 of=bs2.bin bs=512 count=1 conv=notrunc
>
> Because I used sudo, file bs2.bin gets created with owner = root.
>
> QUESTION #1: How can I get it to come out with owner = username?

sudo dd if=/dev/sda2 bs=512 count=1 | dd of=bs2.bin bs=512 conv=notrunc


alternatively:

touch bs2.bin ; sudo dd if=/dev/sda2 of=bs2.bin bs=512 count=1 conv=notrunc

> I would really like to have the command not require sudo. I really don't
> see why that is required because I'm not writing to a root file.

Having the disk not readable by plebs protects users private data, more
important on a multi-user system.

> QUESTION #2: Is there a way to do the command without sudo?

Make the disk readable:

sudo chmod go+r /dev/sda2

After this (probably until you reboot) the original command will be
possible without sudo.


--
Jasen.

[Pascal Hambourg]

Le 15/03/2021 à 06:28, bilsch01 a écrit :
> File bs2.bin is not a pre-existing file. I do this:
>
> sudo dd if=/dev/sda2 of=bs2.bin bs=512 count=1 conv=notrunc

If the file does not pre-exist, conv=notrunc is pointless.

> Because I used sudo, file bs2.bin gets created with owner = root.
>
> QUESTION #1:  How can I get it to come out with owner = username?

Either change file ownership with chown or modify the command, assuming
the current user has write permission in the current directory :

sudo dd if=/dev/sda2 bs=512 count=1 > bs2.bin

(the redirection is done by the user shell, not by sudo)

> I would really like to have the command not require sudo. I really don't
> see why that is required because I'm not writing to a root file.

Because you are reading a raw device without the filter of filesystem
permissions. What if the partition contains sensitive data that the
current user should not be allowed to read ?

> QUESTION #2:  Is there a way to do the command without sudo?

Yes. A safe way is to create a virtual block device which exports only
the first sector of the partition (with losetup, dmsetup...) and grant
read permission on this device to the user.

[Carlos E.R.]

On 15/03/2021 08.04, J.O. Aho wrote:
>
> On 15/03/2021 06.28, bilsch01 wrote:

...

> > I would really like to have the command not require sudo. I really
> > don't see why that is required because I'm not writing to a root file.
>
> > QUESTION #2:  Is there a way to do the command without sudo?
>
> The user that you run as needs to have access to the raw device /dev/sda2
>
> if you run the "ls -l /dev/sda" you should see something like
> brw-rw---- 1 root disk 8, 0 Mar 14 10:41 /dev/sda
>
> as you see that the owner is root and group privileges set for disk, the
> simplest way is to add your user to the group disk (keep in mind that
> the user will then be able to ruin the disk too, so I don't recommend
> this), then you would be able to run the command without the use of sudo.

But you can run the 'dd' command as another user that does belong to
that group. You can do that with sudo or su.

Of course, the file will then be created as that user.

I don't know of a command that will add some group when executing some
other command.


Another possibility is adding ACLS that give read permission to the
/dev/sda2 device for read by the user that runs dd. However, this change
is temporary in distros that create the /dev tree on the fly.

--
Cheers, Carlos.

[J.O. Aho]

On 15/03/2021 09.23, Carlos E.R. wrote:
> On 15/03/2021 08.04, J.O. Aho wrote:
>>
>> On 15/03/2021 06.28, bilsch01 wrote:
>
> ...
>
>>  > I would really like to have the command not require sudo. I really
>>  > don't see why that is required because I'm not writing to a root file.
>>
>>  > QUESTION #2:  Is there a way to do the command without sudo?
>>
>> The user that you run as needs to have access to the raw device /dev/sda2
>>
>> if you run the "ls -l /dev/sda" you should see something like
>> brw-rw---- 1 root disk 8, 0 Mar 14 10:41 /dev/sda
>>
>> as you see that the owner is root and group privileges set for disk,
>> the simplest way is to add your user to the group disk (keep in mind
>> that the user will then be able to ruin the disk too, so I don't
>> recommend this), then you would be able to run the command without the
>> use of sudo.
>
> But you can run the 'dd' command as another user that does belong to
> that group. You can do that with sudo or su.

The OP asked for not using sudo (and I think that excludes su too as it
will take even more arguments to run the same command).

> Of course, the file will then be created as that user.

If course it will and then we are back at the issue the OP has.

> I don't know of a command that will add some group when executing some
> other command.

There ain't commands that gives you temp group memberships, you need to
give those on a permanent bases and even if there had been a gudo, it
wouldn't be what the OP actually wanted.

> Another possibility is adding ACLS that give read permission to the
> /dev/sda2 device for read by the user that runs dd. However, this change
> is temporary in distros that create the /dev tree on the fly.

Add the user to the disk membership and then use SELinux to limit that
users privileges to just be read. This would require that you are using
SELinux fully, but most people seems to disable it if they are using
SELinux pre-enabled distro and I have a feeling the OP wouldn't be
skilled in setting up SELinux rules, for then OP would have already
thought of this as an option.


--

//Aho

[Anssi Saari]

bilsch01 <fy...@always.com> writes:

> File bs2.bin is not a pre-existing file. I do this:
>
> sudo dd if=/dev/sda2 of=bs2.bin bs=512 count=1 conv=notrunc
>
> Because I used sudo, file bs2.bin gets created with owner = root.
>
> QUESTION #1: How can I get it to come out with owner = username?

I'll answer this since I don't see it covered. It's as simple as:

sudo dd if=/dev/sda2 bs=512 count=1 conv=notrunc > bs2.bin

> I would really like to have the command not require sudo. I really
> don't see why that is required because I'm not writing to a root file.

<Shrug> That would bypass file system permissions entirely for
everyone.

[Carlos E.R.]

On 15/03/2021 14.12, Anssi Saari wrote:
> bilsch01 <fy...@always.com> writes:
>
>> File bs2.bin is not a pre-existing file. I do this:
>>
>> sudo dd if=/dev/sda2 of=bs2.bin bs=512 count=1 conv=notrunc
>>
>> Because I used sudo, file bs2.bin gets created with owner = root.
>>
>> QUESTION #1: How can I get it to come out with owner = username?
>
> I'll answer this since I don't see it covered. It's as simple as:
>
> sudo dd if=/dev/sda2 bs=512 count=1 conv=notrunc > bs2.bin

Pascal Hambourg mentioned this.

--
Cheers, Carlos.

[STALKING_TARGET_77]

This forum is a puss-filled cyst. All that Slimer cares about is that
Slimer gets to inflict his crank call and then hang up and giggle about
it. The fact that Steve the Racist Swine Carroll is an innocent patsy
on the other end of the phone is what's funny. My point of view: Even
if he was merely learning how to scam the government, the idea that earning
wisdom as being one of having "not anything" to show for it doesn't fly
because you'll by definition have the insight to show for it and knowledge
is a dangerous weapon. The image of another one of Slimer's forged accounts,
no doubt. At some point Steve the Racist Swine Carroll will realize his
'friend' is not what he says. I'm getting sick of the nonsense in here.
I'm guessing the sock frenzy circus is in its brain damage mode again.



--
Eight things to never feed your dog!!
https://www.bing.com/search?q=%22functionally%20illiterate%20fraud%22
<https://findwhocallsyou.com/4234911448?CallerInfo>
Steve 'Racist Swine' Carroll

[bilsch01]

On 3/15/21 1:11 AM, Pascal Hambourg wrote:
> Le 15/03/2021 à 06:28, bilsch01 a écrit :
>> File bs2.bin is not a pre-existing file. I do this:
>>
>> sudo dd if=/dev/sda2 of=bs2.bin bs=512 count=1 conv=notrunc
>
> If the file does not pre-exist, conv=notrunc is pointless.
>
>> Because I used sudo, file bs2.bin gets created with owner = root.
>>
>> QUESTION #1:  How can I get it to come out with owner = username?
>
> Either change file ownership with chown or modify the command, assuming
> the current user has write permission in the current directory :
>
> sudo dd if=/dev/sda2 bs=512 count=1 > bs2.bin

pretty slick

[bilsch01]

Thanks.

[bilsch01]

On 3/14/21 11:54 PM, William Unruh wrote:
> On 2021-03-15, bilsch01 <fy...@always.com> wrote:
>> File bs2.bin is not a pre-existing file. I do this:
>>
>> sudo dd if=/dev/sda2 of=bs2.bin bs=512 count=1 conv=notrunc
>>
>> Because I used sudo, file bs2.bin gets created with owner = root.
>>
>> QUESTION #1: How can I get it to come out with owner = username?
>
> sudo chown username bs2.bin
>
>>
>> I would really like to have the command not require sudo. I really don't
>> see why that is required because I'm not writing to a root file.
>
> No but you are reading a root file
> ls -la /dev/sda2
>
>>
>> QUESTION #2: Is there a way to do the command without sudo?
>
> Log in as root?
> /dev/sda2 is only readable as root or group disk.
> You could always put yourself into group disk
> edit /etc/groups and put your username in the line starts disk:

yes that worked.

[bilsch01]

what is "adding ACLS" ?
>

[Pascal Hambourg]

ACLs are Access Control Lists. POSIX file ACLs extend the traditional
Unix permission system. You can get and set file ACLs with getfacl and
setfacl.

man acl
man setfacl
man getfacl

Note that if /dev is a devtmpfs populated by udev as in most current
distributions, any change in its contents is not persistent. Persistent
changes must be done with udev rules.

[Pascal Hambourg]

Le 18/03/2021 à 11:12, bilsch01 a écrit :
> On 3/14/21 11:54 PM, William Unruh wrote:
>>
>> /dev/sda2 is only readable as root or group disk.
>> You could always put yourself into group disk
>> edit /etc/groups and put your username in the line starts disk:
>
> yes that worked.

But it is a very bad idea, as already explained. It allows the user to
destroy the contents of any disk by mistake.

[Carlos E.R.]

CL(5) BSD File Formats Manual ACL(5)

NAME
acl — Access Control Lists

DESCRIPTION
This manual page describes POSIX Access Control Lists,
which are used to define more fine-grained discretionary
access rights for files and directories.

ACL TYPES
Every object can be thought of as having associated with
it an ACL that governs the discretionary access to that
object; this ACL is referred to as an access ACL. In
addition, a directory may have an associated ACL that
governs the initial access ACL for objects created
within that directory; this ACL is referred to as a
default ACL.

...

SEE ALSO
chmod(1), creat(2), getfacl(1), ls(1), mkdir(2),
mkfifo(2), mknod(2), open(2), setfacl(1), stat(2),
umask(1)

...




CHACL(1) Access Control Lists CHACL(1)

NAME
chacl - change the access control list of a file or
directory

SYNOPSIS
chacl acl pathname...
chacl -b acl dacl pathname...
chacl -d dacl pathname...
chacl -R pathname...
chacl -D pathname...
chacl -B pathname...
chacl -l pathname...
chacl -r pathname...

DESCRIPTION
chacl is an IRIX-compatibility command, and is main-
tained for those users who are familiar with its use
from either XFS or IRIX. Refer to the SEE ALSO sec-
tion below for a description of tools which conform
more closely to the (withdrawn draft) POSIX 1003.1e
standard which describes Access Control Lists (ACLs).

chacl changes the ACL(s) for a file or directory. The
ACL(s) specified are applied to each file in the path-
name arguments.

...

SEE ALSO
getfacl(1), setfacl(1), chmod(1), umask(1),
acl_from_text(3), acl(5), xfsdump(8)



--
Cheers, Carlos.

[Smit]

But Apd feels the need to belittle the cult-like herd of convenient friends.
So, yeah, I buy into my own make believe world, fully knowing it's fake,
because it makes me reconsider my code, improving it. Awhile back I did work
on and showed some Ruby for the front end (only works on Wayland) which is
the only thing you can do when trying to avoid Apd's narcissistic crap while
reading with Google Groups. Do not get too egotistical, Apd, sometimes "cigars"
are just that. Frankly I do not really have any hope. F. Russell shared a
specific series of urls several times now, and invited Apd to show which
ones aren't true and provide the testimony to back his allegation. No way
has Apd done so.

I think the person you are attacking is in my kill file.

--
Get Rich Slow
https://search.givewater.com/serp?q=Dustin+Cook+%22functional+illiterate+fraud%22
https://duckduckgo.com/?q=steve+carroll+racist+swine
Dustin Cook the Fraud

[William Unruh]

So does sudo.

[Carlos E.R.]

In theory, when one uses "sudo" one is extra careful.

But when one does as plain user "echo Hello > /dev/sda2" one is not that
careful.


--
Cheers, Carlos.

[Stefen Petruzzelllis]

Remember, you simply have been wrong about EVERYTHING dealing with the number:

1) You denied your number was in my provider's "Caller ID" logs even AFTER
you called me and were shown evidence to the contrary:

<https://youtu.be/xRvaRLlb3b8>

2) You denied the number in the "Caller ID" logs was tied to Johnson City
even though the evidence is contrary:

<https://www.whitepages.com/phone/1-423-491-1448>

<https://findwhocallsyou.com/4234911448?CallerInfo>

3) You denied you gave me public permission to share the number in that
logs, even after you did:

Gremlin <XnsAC15C9...@ruqg2R96.REs>:
-----
You have my permission to post your caller ID logs, snit.
-----

4) You denied the number in that log was tied to you in pubic databases
even though it is:

<https://www.truepeoplesearch.com/results?name=4234911448&Diesel&Gremlin&Dustin_Cook>

<https://www.truepeoplesearch.com/details?phoneno=4234911448&rid=0x0&Diesel&Gremlin&Dustin_Cook>

5) You made up a bizarre story about my having the info changed at TruePeopleSearch,
even though it is very unlikely they would allow people to change OTHER'S
information. And that does not explain this:

<https://www.usphonebook.com/423-491-1448?Dustin-Cook&Diesel&Gremlin>

You claim to know so much about tech and your phone... but you keep getting
EVERYTHING about it wrong. Instead of repeatedly questioning me about circuits
you should focus on whatever is short circuiting in your head. :)

--
Curious how these posts are made? Email: frelw...@gmail.com

[Stefen]

You are quick as a tuna on ice. You installed and did extensive testing and
your "extensive experience" lead you to that conclusion, and...

Does Steve Carroll believe the nonsense Tattoo Vampire is spewing? Steve
Carroll can create a virtual machine. Rips what that Mac can do to shreds!

It is a well know fact when Tattoo Vampire habitually uses the word 'innocent'
the way CNN does, to the point where the word becomes a conspiracy itself.

--
Do not click this link!
https://www.bing.com/search?q=Dustin+Cook+the+functional+illiterate+fraud
<https://www.truepeoplesearch.com/results?name=4234911448&Diesel&Gremlin&Dustin_Cook>
https://www.bing.com/search?q=steve+carroll+the+racist+swine
Steve Carroll the Racist Swine

[Silver Slimer]

Linux offers the least of everything to the average user. Do you have a
CCNA certification?

I'm about to KF him, myself. Like all losers, he's constantly looking for
some way to abuse, no matter how ridiculous the accusation. I will not read
his response to this post. He's cornered, wants to pretend he is innocent,
and will berate. Most likely starting with a cocky "<snip>", as if what
I've written is *so* off base. That BADish "response" was it, for me. Too
much glue for you, gluey.

Lines of text containing words from J. J. Lodder twisted horridly by Silver
Slimer. No one here has ever read my script, much less found a bug; still,
in the back of my mind, I'm thinking, "That's wrong, how embarrassing",
but nobody knows that.

--
This broke the Internet
<https://www.truepeoplesearch.com/results?name=4234911448&Diesel_Gremlin_Dustin_James_Cook>
Dustin Cook the functionally illiterate fraud

[Curt]

So does dropping the whole shebang from the Empire State Building.

The idea behind there being a deliberate, express, conscious *process*
of transition (sudo) from that of a regular user to a state of elevated
privilege is to enhance the privileged user's awareness of this very
state, which is by definition *ephemeral*. So the equivalency your
establishing here is false.

[Curt]

you're
> establishing here is false.

Oops.


--

[William Unruh]

On 2021-03-23, Curt <cu...@free.fr> wrote:

Sudo is far too easy to be a "deliberate, express, conscious *process*".
If you were asked to enter the root password, it could be, but just
typing four letters hardly makes it "deliberate, express, conscious
*process*".

Dropping the whole thing from the Empire State building (I would have to
book and airline ticket, get on a plane to New York, buy a ticket to the
obersvation deck, and manage to throw the thing over the plexiglass
anti-suicide barriers to do that) I agree is a "deliberate,
express, conscious *process*". Typing sudo is not.
I will agree that it is a little bit more-so than putting yourself into
the disk group, after which you never again have to think at all,
but not terribly much more-so..

[Peter Köhlmann]

Am 23.03.21 um 17:40 schrieb William Unruh:

> On 2021-03-23, Curt <cu...@free.fr> wrote:
>> On 2021-03-19, William Unruh <un...@invalid.ca> wrote:
>>> On 2021-03-18, Pascal Hambourg <pas...@plouf.fr.eu.org> wrote:
>>>> Le 18/03/2021 à 11:12, bilsch01 a écrit :
>>>>> On 3/14/21 11:54 PM, William Unruh wrote:
>>>>>>
>>>>>> /dev/sda2 is only readable as root or group disk.
>>>>>> You could always put yourself into group disk
>>>>>> edit /etc/groups and put your username in the line starts disk:
>>>>>
>>>>> yes that worked.
>>>>
>>>> But it is a very bad idea, as already explained. It allows the user to
>>>> destroy the contents of any disk by mistake.
>>>
>>> So does sudo.
>>>
>>
>> So does dropping the whole shebang from the Empire State Building.
>>
>> The idea behind there being a deliberate, express, conscious *process*
>> of transition (sudo) from that of a regular user to a state of elevated
>> privilege is to enhance the privileged user's awareness of this very
>> state, which is by definition *ephemeral*. So the equivalency your
>> establishing here is false.
>
> Sudo is far too easy to be a "deliberate, express, conscious *process*".
> If you were asked to enter the root password, it could be, but just
> typing four letters hardly makes it "deliberate, express, conscious
> *process*".
>

sudo ain't sudo. There are real differences in setup. Most Debian
derived distros have the setup you describe, that is typing sudo will
enhance your privileges. Other distros have setup sudo quite different,
you need to type in roots password (SuSE for example does) after typing
the sudo line. You can change your setup, naturally. You can cange SuSEs
setup to the described one, or you can chnage Ubuntus setup to the way
SuSE does.

[Carlos E.R.]

On 23/03/2021 17.40, William Unruh wrote:
> On 2021-03-23, Curt <cu...@free.fr> wrote:
>> On 2021-03-19, William Unruh <un...@invalid.ca> wrote:
>>> On 2021-03-18, Pascal Hambourg <pas...@plouf.fr.eu.org> wrote:
>>>> Le 18/03/2021 à 11:12, bilsch01 a écrit :
>>>>> On 3/14/21 11:54 PM, William Unruh wrote:
>>>>>>
>>>>>> /dev/sda2 is only readable as root or group disk.
>>>>>> You could always put yourself into group disk
>>>>>> edit /etc/groups and put your username in the line starts disk:
>>>>>
>>>>> yes that worked.
>>>>
>>>> But it is a very bad idea, as already explained. It allows the user to
>>>> destroy the contents of any disk by mistake.
>>>
>>> So does sudo.
>>>
>>
>> So does dropping the whole shebang from the Empire State Building.
>>
>> The idea behind there being a deliberate, express, conscious *process*
>> of transition (sudo) from that of a regular user to a state of elevated
>> privilege is to enhance the privileged user's awareness of this very
>> state, which is by definition *ephemeral*. So the equivalency your
>> establishing here is false.
>
> Sudo is far too easy to be a "deliberate, express, conscious *process*".
> If you were asked to enter the root password, it could be, but just
> typing four letters hardly makes it "deliberate, express, conscious
> *process*".

In my machine, sudo requires a password.


--
Cheers, Carlos.

[William Unruh]

On 2021-03-23, Carlos E.R. <robin_...@es.invalid> wrote:
>>
>> Sudo is far too easy to be a "deliberate, express, conscious *process*".
>> If you were asked to enter the root password, it could be, but just
>> typing four letters hardly makes it "deliberate, express, conscious
>> *process*".
>
> In my machine, sudo requires a password.

Yes, you can set it up that way as well. Its advantage over just doing
su is then not great, except of course it will only run that one
command (although if that command is su, or bash, it would be almost
equivalent to su, except that the environment will be messed up)

>
>

[STALKING_TARGET_22]

Out-and-out gobbledygook by an uneducated, tall-tale telling, deceitful,
colluding laughingstock who would not be honest if his life depended
on it.

This is truly a hobby of mine. What Troll Killer Snit does is certainly
technically correct. Was that meant to be to Troll Killer Snit? Lots
of posters continue replying to Troll Master Steve Carroll. To be honest,
I can't blame Troll Killer Snit for being pissed but, truly, I do not
understand why he writes here at all. Troll Killer Snit is more interested
in conversations as found in a formal group and trolling forums will
just lead to frustration. "Somewhere between 1993 or 2001 I trusted Troll
Killer Snit - the completely irrational liar" - Troll Master Steve Carroll.

--
I Left My Husband & Daughter At Home And THIS happened
https://duckduckgo.com/?q=%22FUNCTIONAL+ILLITERATE+FRAUD%22
https://www.bing.com/search?q=dustin+cook%3A+functionally+illiterate+fraud
https://swisscows.com/web?query=%22functionally%20illiterate%20fraud%22
Dustin Cook is a functional illiterate fraud

[Carlos E.R.]

One advantage in my machine is that it does not require root's password,
and that the admin controls what exact commands can be accessed.

--
Cheers, Carlos.

[John Hasler]

William Unruh wrote:
> Yes, you can set it up that way as well. Its advantage over just doing
> su is then not great, except of course it will only run that one
> command

Which is exactly why it's a good idea: only those commands which
actually need root get it.
--
John Hasler
jha...@newsguy.com
Dancing Horse Hill
Elmwood, WI USA

[Curt]

On 2021-03-24, John Hasler <jha...@newsguy.com> wrote:
> William Unruh wrote:
>> Yes, you can set it up that way as well. Its advantage over just doing
>> su is then not great, except of course it will only run that one
>> command
>
> Which is exactly why it's a good idea: only those commands which
> actually need root get it.

My only point was, whether you use sudo or su, and ignoring the red
herring of "easiness," this "process" (a particular action intended to
produce a particular result) of becoming root-like or root serves a
purpose in and of itself: it is to elevate the awareness of the user at
the same time as her privileges, in order that she take special care
after the process is performed. How and why this concept appears to
elude Mr. Unruh is left as an exercise for the reader.

[Carlos E.R.]

I agree.

--
Cheers, Carlos.