Feedback from a first time user

+1 for that !!!

1 Like

They have just logged in with a password, so they need to use it again oh well 
 just use webmin ACL

TBH, if I got to choose, every single thing should ask a for a password when doing things as “logged in as sudo user”, but I understand the massive outcry that would cause, but in a TERMINAL, yeah no, that should not just escalate to root without asking for pass or even informing me.

And using arguments like “I do not want to type in a long and complicated password” is not a valid argument in 2024.
Use a password manager if needed.

This is what a password should look like: xTEH5yX9XxWskn

Just think of a sudo enabled user loging into webmin as the equivalent of sudo -s, however if you don’t want the user to have a terminal just disable the terminal for the user and just allow them to use other webmin modules

And THAT is exactly my point.
Everything about that is NOT how you do things on linux.
Logging in with username and pass != sudo -s
Logging in with root credentials or TYPING sudo -s in a terminal is.

Not sure if you do not WANT to understand what I mean or


But I have made my point, and it seems something might change according to dev response.

Lets hope the is an option to disable this new feature if it is added

2 Likes

Looking at the Webmin users created, I think this whole argument is a red herring. Virtualmin creates defaults for servers, otherwise, they are manually added.

Take into account webmin only systems they react differently to systems with virtualmin installed

Virtualmin was mentioned in first post. But, if they don’t f’up the Virtualmin version of Webmin with this, well, OK. I know some distro’s seem to differentiate between regular and root terminal. That would be more of a logical choice in a management interface than making someone su.

I personally avoid all that by editing the sudoers an placing NOPASSWD:ALL
I believe this is set by default in RedHat and AlmaLinux not sure about Rocky though.
It is is something you need to set in Debian and Ubuntu.

I’m not getting what you mean by

Because you can do just about anything and everything you want


Edit: clicked on wrong quote to comment on


@jimr1, are you sure you want to log in as a sudo-capable user while having Terminal open as root? @anon50555658 has a point: if you’re logging in as a sudo-capable user, you should use sudo or su to elevate to root. This might not make much sense in the context of Webmin, but it does when working with Terminal.

If you want to be root, then just log in as root. Personally, I never liked using sudo-capable users. I prefer logging in as root and doing whatever I need directly.

1 Like

Why not just log in as root directly?

Only as a sudoer.I log in, But the way Webmin Terminal is set up it goes straight to root so it really doesn’t matter does it?

I actually can agree with @anon50555658 on this because its kinda misleading the purpose of logging in as a sudoer for webmin to begin with.

I have never used the actual user “root” to log into any server for the past decade or so


This is explained above. You can find all sorts of articles on why you shouldn’t use root to login to your system but use another privileged account to do so. Strange we’re talking about what one person finds bad practice by implementing what others find bad practice?

1 Like

Exactly! and all the thousands of kitty scripts knocking on your ssh port will back you up on that


Hackers have a better chance with “root” than a funky sudoer name you’ve created


Is there a reason why Terminal can’t login as the sudoer? Wouldn’t you just pass their credentials?

Even though I don’t disagree, that sounds like security through obscurity.

lol
 If I have a way to cut my chances by at least 50% it’s better than none, right?

I just fixed that yesterday. Now, sudo-capable users will open Terminal as their user and need to use sudo or su to escalate to root. root users will open Terminal as root.

5 Likes

That’s what we’re discussing changing. And, I tend to agree with bedna and Ilia that it is not intuitive. Webmin treats all sudo ALL capable users as root (which was to accommodate systems that don’t have a root user password set
Ubuntu started doing that by default a decade or so ago, leading the charge on that), but that’s not what users new to Webmin expect.

1 Like