• mlg@lemmy.world
    link
    fedilink
    English
    arrow-up
    14
    arrow-down
    1
    ·
    2 months ago

    Our crappy vendor software will only function if IPv6 is disabled network wide. Even if one machine has it enabled, the whole thing breaks

    Lol our former crappy vendor solution required to be run directly from AD Administrator. Pure luck the entire business didn’t collapse before we replaced it.

    A thread I read a long time ago on r/sysadmin

        • 0x4E4F@sh.itjust.worksOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          2 months ago

          Oh, sorry, I misread programs as programmers 😁.

          And no, I don’t think so. Credentials need to be cleared before exectution.

          • Kairos@lemmy.today
            link
            fedilink
            arrow-up
            1
            ·
            2 months ago

            Okay. So you must invoke sudo fr on the exact same shell? It cant be taken from a subsequent script?

            • 0x4E4F@sh.itjust.worksOP
              link
              fedilink
              English
              arrow-up
              2
              ·
              edit-2
              2 months ago

              Credentials are inherited by every child process that the parent process invokes. Thus, if you give root credentials to a command, every subsequent command that the original one invokes will have root credentials.

              There are some exceptions, but these are special case scenarios and are literally only a few.

              • Kairos@lemmy.today
                link
                fedilink
                arrow-up
                1
                ·
                2 months ago

                That doesnt at all answer my concern but I’ll interpret the answer as no it doesn’t do that.

                • 0x4E4F@sh.itjust.worksOP
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  edit-2
                  2 months ago

                  Sorry (again 😂, this happens quite a lot with you, lol), it’s early in the morning here, didn’t have my coffee yet.

                  If the question is can privileges be escalate later on while a command or a script is executing, the answer is yes. You can also deescalate them once the root creds stuff is done executing. You just have to make it clear in the script or the command that “you do this with root creds, but then you continue with user creds”.

                  The point I was trying to make with my previous comment was that, if a process (command, script, whatever) is ran with root privileges, every program, command, script it invokes later on is ran with root privileges, unless it’s specifically noted to run this or that part with some other privileges.

  • barsquid@lemmy.world
    link
    fedilink
    arrow-up
    13
    ·
    2 months ago

    Reminds me of software saying to put your docker socket into the docker container you are starting for convenience.

    • flashgnash@lemm.ee
      link
      fedilink
      arrow-up
      9
      ·
      2 months ago

      Could you not just use root to give your user sudo? Seems like a pretty dumb restriction

      • HubertManne@moist.catsweat.com
        link
        fedilink
        arrow-up
        3
        ·
        2 months ago

        Possibly but my role was such Im really only supposed to be working on my project and not monkey with the server which is used by other projects. I don’t think it was a restriction I think it was just laziness by whoever set it up.

        • flashgnash@lemm.ee
          link
          fedilink
          arrow-up
          6
          ·
          edit-2
          2 months ago

          Fair enough. Got a colleague who sudo nanos everything then wonders why he keeps getting permission denied errors later lol

          • 0x4E4F@sh.itjust.worksOP
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            2 months ago

            …file in ~/.config

            - sudo nano /path/to/file… yeah, I wanna fucking save changes… OK, let’s see if it works… damn it, this distro fucking sucks man!

              • 0x4E4F@sh.itjust.worksOP
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                2 months ago

                Jesus 🤦…

                And this is why I never get bonuses. I just can’t be bothered with kissing upper management ass… tried it once… I walked out of the meeting with me telling them “less talking, more doing”… no one from upper management called me ever again. Even if they did have a computer problem, they just told the secretary to call me.

  • dunz@feddit.nu
    link
    fedilink
    arrow-up
    3
    ·
    2 months ago

    Use Sudo -i instead. Sudo su is like cat file | grep pattern vs grep pattern file. You’re wasting resources.

  • fmstrat@lemmy.nowsci.com
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    2
    ·
    2 months ago

    Tell me you use Ubuntu without telling me you use Ubuntu.

    Wait till you try this on Debian or non Ubuntu variants.

      • Laurel Raven@lemmy.zip
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        2 months ago

        Debian doesn’t have sudo by default, you have to install it manually

        Not sure what they mean by “non Ubuntu variants” though since most other distros add it even when they aren’t Ubuntu based

      • 0x4E4F@sh.itjust.worksOP
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        3
        ·
        edit-2
        2 months ago

        Ubuntu uses Snaps for a lot of the software, thus, when you write sudo apt install firefox that is actually an alias for “install firefox from snap”. Snaps get installed locally, not on the system (globally, for all users), but as a user, so you really can’t do much damage when you actually didn’t do anything to the system in the first place.

        Do sudo shit on any other distro that doesn’t have a company behind it, see what happens.

        • fmstrat@lemmy.nowsci.com
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 months ago

          True, but not actually the reason, it’s because Debian doesn’t discourage the use of the root account, and su is used instead of sudo.

            • fmstrat@lemmy.nowsci.com
              link
              fedilink
              English
              arrow-up
              1
              ·
              2 months ago

              Because if you have sudo, you have root. Side effect of being a server system, too. During install, if you specify a root password, sudo is not installed. If you don’t, it is. Ubuntu just defaulted to the latter.

              • 0x4E4F@sh.itjust.worksOP
                link
                fedilink
                English
                arrow-up
                1
                ·
                2 months ago

                So that is why I always have to install sudo manually 🤦.

                And I think older versions also left you at root, you had to define a user account manually. I think that’s not the case now as I recall (I haven’t installed Debian in a while).

                • fmstrat@lemmy.nowsci.com
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  2 months ago

                  Yea I switched from Ubuntu on my past few installs to avoid snaps. Glad I did, basically the same experience.