• vsis@feddit.cl
    link
    fedilink
    English
    arrow-up
    34
    ·
    1 year ago

    wrong: you press esc multiple times to make sure you are in normal mode.

    • hemko@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      22
      arrow-down
      1
      ·
      1 year ago

      You shouldn’t really use editor with sudo, but instead use sudoedit to edit files restricted to root user

      SUDO_EDITOR=nano sudoedit /etc/fstab

      This accomplishes the same function while running the text editor as unprivileged user

      • Doctor xNo@r.nf
        link
        fedilink
        English
        arrow-up
        12
        arrow-down
        2
        ·
        edit-2
        1 year ago

        Why?

        Files from user: nano

        Files from root: sudo nano

        Files from another user: sudo nano (and if new sudo chown after)… 😂

        Never had any problems with this in over 10 years… 😅😂

        • Hawk@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          14
          arrow-down
          2
          ·
          1 year ago

          Doing sudo nano will not load your user configuration, sudoedit will. I had plenty of problems with this, but I assume you don’t have any custom configuration.

          • Samuel C@lemmy.world
            link
            fedilink
            arrow-up
            8
            ·
            edit-2
            1 year ago

            One reason why sometime I don’t do sudoedit is that I make a lot of changes to the config/restart service/see it works/edit etc… sudoedit only write to the file when exiting, so that flow won’t work…

            for example when having adding a new host on nginx and some configuration and see if everything work (sudo vim/systemc nginx restart/curl https:// domain loop)

            but yeah in general i’ll just use sudoedit (which alias to se for me) for my root editing

          • Doctor xNo@r.nf
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            1
            ·
            edit-2
            1 year ago

            I just have a root custom config too. 🤷‍♂️ This even allows me to easily use different configs for root than for the user.

            Made with ‘sudo nano’, fyi. 😂

        • hemko@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          2
          ·
          1 year ago

          As mentioned, to prevent running your text editor with root permissions. It’s just security optimization

          • Doctor xNo@r.nf
            link
            fedilink
            English
            arrow-up
            5
            arrow-down
            1
            ·
            1 year ago

            Let me rephrase my question:

            Why would I not want to open nano as root?

            No offense, but that sounds like more OCD behavior. 😅 I don’t need or want protection against myself, and I even loath the whole “that’s not how you’re supposed to do it”-mentality of linux (where when commands know very well what you want, instead of doing it, just tell you you forgot something). 😅

              • Doctor xNo@r.nf
                link
                fedilink
                English
                arrow-up
                4
                arrow-down
                2
                ·
                edit-2
                1 year ago

                But, in that example:

                If I’m the admin it doesn’t matter I use it.

                If I’m not it’s not my problem that I could get more privileges than allowed. I’d probably even use the possibility then. 😅

                So it poses a risk if you allow none-admin users to do that on your system, but I still don’t see why I must choose to not use nano as root myself. 😅

                Anyway, good practice to me is ease-of-use instead of with 7 protections against things that rarely happen.

                Like, I’m pretty sure you are better protected from burglars if you also lock all doors inside your house, but I’m definitely not doing that either. 😅

                Edit: Also, if you have users on your system, just chroot/vroot/lxc them, so they be free to ‘sudo nano’ too… 😅

            • hemko@lemmy.dbzer0.com
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              1
              ·
              edit-2
              1 year ago

              It’s not any OCD behavior, but simply the best practices. You’ve probably at least minimally familiar with the principal of least privilege? The idea is to minimize scope of a potential problem , was it malicious attack or user error, by restricting access to minimum required to perform a task. It may feel like fighting pedantically (and I’ve been fighting this more than I’d care to) but it will save your ass one day.

            • scinde@discuss.tchncs.de
              link
              fedilink
              arrow-up
              2
              arrow-down
              1
              ·
              1 year ago

              It’s probably to protect against any potential security vulnerabilities in the text editor program itself, not to protect you from yourself.

                • scinde@discuss.tchncs.de
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  1 year ago

                  Sure, but sudo is specifically designed with security in mind as a security program, whereas text editors are not (although I am more likely to trust vim than vscode). Running a malicious program as the user and not as root can help mitigate the impact it could do, even though it will still be able to do a lot as a user.

              • Venia Silente@lemm.ee
                link
                fedilink
                English
                arrow-up
                2
                ·
                1 year ago

                You can say that just about anything.

                sudo grub sudo boot sudo root=/dev/disk/linux sudo kernel-6.1.image sudo init sudo elogind sudo xterm sudo bash sudo nano

                • scinde@discuss.tchncs.de
                  link
                  fedilink
                  arrow-up
                  3
                  ·
                  edit-2
                  1 year ago

                  Again, like I replied to the other comment, most of the programs you need root for are designed with security in mind and are inherently more secure and have less vulnerabilities than a non security focused program (that is not to say that it is impossible for a security program to have vulnerabilities -it certainly occurred before and keeps occurring- they just have a lot fewer). But even if you need root permissions for a non security focused program, you still shouldn’t let any program have it, the whole point is to minimize the surface of attack.

      • Huschke@lemmy.world
        link
        fedilink
        arrow-up
        8
        arrow-down
        1
        ·
        1 year ago

        Alternatively you could use my favorite approach, Visual Studio Code. Just open the file with it, edit it and upon saving you will be promoted if the file needs admin rights to save.

          • Huschke@lemmy.world
            link
            fedilink
            arrow-up
            3
            arrow-down
            1
            ·
            1 year ago

            Vscode does have a lot of shortcuts, so you could always study them in detail and impress others that way. 😅

        • MalReynolds@slrpnk.net
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          Yup, s/vsc/kwrite/ personally, it’s lighter, but why shouldn’t I have a pretty for my config editing needs…

        • Doctor xNo@r.nf
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          1 year ago

          So for any supposedly malicious activity (infected) it wants to do, it just has to hold until you save and give admin access? 😅

          • Huschke@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            Yes, but if you want to argue along those lines, you could also have an infected version of vim on your system just waiting to do malicious stuff until you give it sudo access.

  • SigHunter@feddit.de
    link
    fedilink
    arrow-up
    24
    arrow-down
    2
    ·
    edit-2
    1 year ago

    until the moment you realize that somehow you are not on your native keyboard layout and where the hell is : and ! in this weird language??!

  • Im_old@lemmy.world
    link
    fedilink
    arrow-up
    11
    arrow-down
    1
    ·
    1 year ago

    Ok ok, I know it’s a meme, but gentle reminder that :x is :w and :q combined (save and exit). I got taught that in high school (it was a dec unix with real vt120 terminals) and luckily for me I remembered that even if I didn’t touch vi for a few years afterwards.