systemdlete | It's no wonder that proxmox is not in our repo--guess what it depends on? >( | 00:23 |
---|---|---|
systemdlete | proxmox describes itself as open source... | 00:25 |
systemdlete | I suppose I could try building it sans systemd | 00:25 |
systemdlete | that is, if their source code has such an option | 00:26 |
cws6969 | i am using doas | 13:01 |
cws6969 | The following line is the configuration | 13:01 |
cws6969 | permit persist setenv { PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" } test-user-name as root | 13:01 |
cws6969 | but "PATH" doesn't seem to work | 13:01 |
cws6969 | doas modprobe cramfs | 13:01 |
cws6969 | doas: modprobe: command not found | 13:01 |
cws6969 | Cannot execute commands in /usr/sbin | 13:01 |
cws6969 | os devuan 4 | 13:01 |
hagbard | cws6969: did you use su ? | 13:05 |
cws6969 | not use su | 13:06 |
hagbard | In case of using su putting "ALWAYS_SET_PATH yes" in /etc/default/su would help. | 13:06 |
hagbard | How did you login as root? | 13:06 |
hagbard | ah, ok, u used doas. never heard of that, sorry. | 13:08 |
hagbard | but su would also work to do something as a different user | 13:08 |
cws6969 | general user , id=1000 | 13:08 |
cws6969 | su Greater scope of authority , more dangerous | 13:11 |
hagbard | to replace sudo, I have definied this function, that uses su, in my .bashrc: suc() { su -s /bin/bash -c "$(printf "%q " "$@")"; } | 13:11 |
fsmithred | cws6969, did you try using the full path to the command with doas? doas /usr/sbin/modprobe cramfs | 13:22 |
Guest30 | no . it will automatically find , in the $PATH | 13:27 |
Guest30 | @hagbard suc() { su -s /bin/bash -c $@ } | 13:30 |
cws6969 | @hagbard "suc" Cannot execute command with arguments | 14:08 |
rrq | https://en.wikipedia.org/wiki/PATH_(variable) | 14:11 |
* joerg wonders what's wrong with sudo that justifies a "doas" | 18:53 | |
phogg | joerg: sudo is far more complicated than is required for its most common use case | 18:56 |
joerg | hmm >>doas was developed by Ted Unangst for OpenBSD as a simpler and safer sudo replacement.[4][5] Unangst himself had issues with the default sudo config, which was his motivation to develop doas.[2]<< | 18:56 |
phogg | For a tool which needs to be very secure being simpler is obviously better, if you can be. | 18:57 |
_ds_ | I think that this was intended earlier: | 18:57 |
_ds_ | suc() { su -s /bin/bash -c "$@" } | 18:57 |
joerg | emphasis on "default" I guess, which reminds me on rationale for inventing polypaudio etc | 18:57 |
phogg | joerg: It's somewhat difficult to configure sudo without introducing unintentional local root exploits. It's a lot harder to do that with doas. | 18:58 |
* joerg thought this class of concerns was the domain where solutions like vipw, visudo >>performs basic validity checks, and checks for syntax errors…<< excel and are the solution of choice | 19:19 | |
joerg | seems simple enough to augment the editor to give hints and check for oopsies of all kind | 19:20 |
joerg | hmmm, maybe inspired by visudo? https://i.imgur.com/UarMbMF.png | 19:23 |
* joerg takes it to #devuan-offtopic | 19:24 | |
* used____ shudders seeing a visual sudoers editor. | 19:28 | |
joerg | yeah, kinda funny | 19:40 |
used____ | You have to trust someone, eventually... Windows poledit is not much worse. Been a long time. | 20:03 |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!