+1 for that !!!
They have just logged in with a password, so they need to use it again oh well ⊠just use webmin ACL
TBH, if I got to choose, every single thing should ask a for a password when doing things as âlogged in as sudo userâ, but I understand the massive outcry that would cause, but in a TERMINAL, yeah no, that should not just escalate to root without asking for pass or even informing me.
And using arguments like âI do not want to type in a long and complicated passwordâ is not a valid argument in 2024.
Use a password manager if needed.
This is what a password should look like: xTEH5yX9XxWskn
Just think of a sudo enabled user loging into webmin as the equivalent of sudo -s, however if you donât want the user to have a terminal just disable the terminal for the user and just allow them to use other webmin modules
And THAT is exactly my point.
Everything about that is NOT how you do things on linux.
Logging in with username and pass != sudo -s
Logging in with root credentials or TYPING sudo -s
in a terminal is.
Not sure if you do not WANT to understand what I mean orâŠ
But I have made my point, and it seems something might change according to dev response.
Lets hope the is an option to disable this new feature if it is added
Looking at the Webmin users created, I think this whole argument is a red herring. Virtualmin creates defaults for servers, otherwise, they are manually added.
Take into account webmin only systems they react differently to systems with virtualmin installed
Virtualmin was mentioned in first post. But, if they donât fâup the Virtualmin version of Webmin with this, well, OK. I know some distroâs seem to differentiate between regular and root terminal. That would be more of a logical choice in a management interface than making someone su.
I personally avoid all that by editing the sudoers an placing NOPASSWD:ALL
I believe this is set by default in RedHat and AlmaLinux not sure about Rocky though.
It is is something you need to set in Debian and Ubuntu.
Iâm not getting what you mean by
Because you can do just about anything and everything you wantâŠ
Edit: clicked on wrong quote to comment onâŠ
@jimr1, are you sure you want to log in as a sudo-capable user while having Terminal open as root? @anon50555658 has a point: if youâre logging in as a sudo-capable user, you should use sudo
or su
to elevate to root. This might not make much sense in the context of Webmin, but it does when working with Terminal.
If you want to be root, then just log in as root. Personally, I never liked using sudo-capable users. I prefer logging in as root and doing whatever I need directly.
Why not just log in as root directly?
Only as a sudoer.I log in, But the way Webmin Terminal is set up it goes straight to root so it really doesnât matter does it?
I actually can agree with @anon50555658 on this because its kinda misleading the purpose of logging in as a sudoer for webmin to begin with.
I have never used the actual user ârootâ to log into any server for the past decade or soâŠ
This is explained above. You can find all sorts of articles on why you shouldnât use root to login to your system but use another privileged account to do so. Strange weâre talking about what one person finds bad practice by implementing what others find bad practice?
Exactly! and all the thousands of kitty scripts knocking on your ssh port will back you up on thatâŠ
Hackers have a better chance with ârootâ than a funky sudoer name youâve createdâŠ
Is there a reason why Terminal canât login as the sudoer? Wouldnât you just pass their credentials?
Even though I donât disagree, that sounds like security through obscurity.
lol⊠If I have a way to cut my chances by at least 50% itâs better than none, right?
I just fixed that yesterday. Now, sudo-capable users will open Terminal as their user and need to use sudo
or su
to escalate to root. root users will open Terminal as root.
Thatâs what weâre discussing changing. And, I tend to agree with bedna and Ilia that it is not intuitive. Webmin treats all sudo ALL
capable users as root
(which was to accommodate systems that donât have a root user password setâŠUbuntu started doing that by default a decade or so ago, leading the charge on that), but thatâs not what users new to Webmin expect.