<div dir="auto"><div>Security through Obscurity isn't a good methodology to adopt.</div><div dir="auto"><br></div><div dir="auto">It's kind of like my logic in the very early 00s, thinking that if my primary Windows partition were "D:/" instead of "C:/", I'd be safer. </div><div dir="auto"><br></div><div dir="auto">If you're concerned about a malicious script, then just don't ever run things without first reading them ... Which is why things like "PiHole" offer you the ability to pipe their setup script directly to BASH, but also warm about how dangerous that is.</div><div dir="auto"><br></div><div dir="auto">If anyone were to REALLY compromise your system, they are doing so with exploits that do not rely on the naked use of "sudo" ... Those folks are going to get you through buffer overflow attacks and other wildly ingenious ways I can't even begin to fathom. </div><div dir="auto"><br></div><div dir="auto">Disabling sudo and enabling an alias of the same function, will protect you from 14 year old kids on 4Chan, but not anyone who truly wants to do you harm.</div><div><br></div><div data-smartmail="gmail_signature">--<br>Thanks,<br>Alexander<br><br>Sent from my Google Pixel 7 Pro</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jul 9, 2024, 10:36 Michael <<a href="mailto:bmike1@gmail.com">bmike1@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">security so I don't get I script that say sudo -rf or..... I guess I don't really need to worry about that, huh?</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jul 9, 2024 at 1:33 PM Snyder, Alexander J <<a href="mailto:alexander@snyderfamily.co" target="_blank" rel="noreferrer">alexander@snyderfamily.co</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto"><div>Why? </div><div dir="auto"><br></div><div dir="auto">What's the end goal? What are you trying to achieve?</div><div><br></div><div>--<br>Thanks,<br>Alexander<br><br>Sent from my Google Pixel 7 Pro</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jul 9, 2024, 10:17 Michael <<a href="mailto:bmike1@gmail.com" target="_blank" rel="noreferrer">bmike1@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Good question! I want to disable sudo while allowing its alias to work<br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jul 9, 2024 at 12:29 PM Snyder, Alexander J <<a href="mailto:alexander@snyderfamily.co" rel="noreferrer noreferrer" target="_blank">alexander@snyderfamily.co</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto"><div>I think I lost the thread of this discussion somewhere along the way. What is your desired outcome with this, Michael?</div><div dir="auto"><br></div><div dir="auto">Regardless of the journey, what are you hoping to achieve in the end?</div><div><br></div><div>--<br>Thanks,<br>Alexander<br><br>Sent from my Google Pixel 7 Pro</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jul 9, 2024, 09:09 Michael via PLUG-discuss <<a href="mailto:plug-discuss@lists.phxlinux.org" rel="noreferrer noreferrer" target="_blank">plug-discuss@lists.phxlinux.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">and I reinstalled my system and got sudo and my alias to work. ai told me to change the permissions of sudo but..... wait I could create an instance of sudo closer up the path and change it's permissions. that should work.</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jul 9, 2024 at 12:05 PM Michael <<a href="mailto:bmike1@gmail.com" rel="noreferrer noreferrer noreferrer" target="_blank">bmike1@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">I'm not antisystemd but that is how ai told me to do it<div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jul 9, 2024 at 10:28 AM Ryan Petris <<a href="mailto:ryan@petris.net" rel="noreferrer noreferrer noreferrer" target="_blank">ryan@petris.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><u></u><div><div>I don't have an answer for you on the sudo bit, but I saw this in your history:<br></div><div><br></div><blockquote type="cite" id="m_3508710533381415960m_4083721018886439646m_-474134531843226826m_3397994638560171045m_-905229512052528013m_1974169775521838541m_5568813067175653973qt"><div dir="ltr"><div><div> 5 nano ~/set_time_after_internet.sh<br></div><div> 6 chmod +x ~/set_time_after_internet.sh<br></div></div></div></blockquote><div><br></div><div>Not sure if you're anti-systemd or not, but if you use systemd-networkd (or even NetworkManager) along with systemd-timesyncd, this is exactly what happens, the time is set after you get an internet connection.<br></div><div><br></div><div>At least on Arch, enabling systemd-networkd or NetworkManager will result in the services systemd-networkd-wait-online or NetworkManager-wait-online being enabled, which will complete once you have an internet connection; systemd-timesyncd will run after these services and thus the time will be set.<br></div><div><br></div><div>Yet another thing you don't have to worry about if you just embrace systemd...<br></div><div><br></div><div>On Tue, Jul 9, 2024, at 6:23 AM, Michael via PLUG-discuss wrote:<br></div><blockquote type="cite" id="m_3508710533381415960m_4083721018886439646m_-474134531843226826m_3397994638560171045m_-905229512052528013m_1974169775521838541m_5568813067175653973qt"><div dir="ltr"><div>here is my history so you can see what chatgpt directed me to do:<br></div><div><div>bmike1@bmike1-desktop:~$ history<br></div><div> 1 xkill<br></div><div> 2 ls /home<br></div><div> 3 ls /home/bmike1/b<br></div><div> 4 ls /home/bmike1/<br></div><div> 5 nano ~/set_time_after_internet.sh<br></div><div> 6 chmod +x ~/set_time_after_internet.sh<br></div><div> 7 crontab -e<br></div><div> 8 alias aliasforsudo to sudo<br></div></div><div><div> 9 nano ~/.bashrc<br></div><div> 10 source ~/.bashrc<br></div><div> 11 aliasforsudo ls /root<br></div></div><div><div> 12 nano ~/.bashrc<br></div><div> 13 source ~/.bashrc<br></div><div> 14 aliasforsudo ls /root<br></div></div><div><div> 15 source ~/.bashrc<br></div><div> 16 aliasforsudo ls /root<br></div></div><div><div> 17 sudo visudo<br></div><div> 18 nano ~/set_time_after_internet.sh<br></div><div> 19 chmod +x ~/set_time_after_internet.sh<br></div><div> 20 crontab -e<br></div><div> 21 aliasforsudo ls /root<br></div></div><div><div> 22 SUDO<br></div><div> 23 sudo<br></div><div> 24 sudo cp /usr/bin/sudo /usr/bin/sudo.bak<br></div><div> 25 sudo tee /usr/bin/sudo <<EOF<br></div><div> 26 #!/bin/bash<br></div><div> 27 echo "The sudo command has been disabled."<br></div><div> 28 EOF<br></div><div> 29 sudo mv /usr/bin/sudo /usr/bin/sudo.bak<br></div><div> 30 echo -e '#!/bin/bash\necho "The sudo command has been disabled."' | sudo tee /usr/bin/sudo<br></div><div> 31 aliasforsudo ls<br></div></div><div><div> 32 sudo ls<br></div><div> 33 # Create the dummy sudo script<br></div><div> 34 echo -e '#!/bin/bash\necho "The sudo command has been disabled."' | sudo tee /usr/bin/sudo<br></div><div> 35 which sudo<br></div><div> 36 sudo<br></div><div> 37 su<br></div><div> 38 aliasforsudo<br></div><div> 39 aliasforsudo<br></div><div> 40 aliasforsudo<br></div><div> 41 sudo<br></div><div> 42 isud<br></div><div> 43 visudo<br></div><div> 44 aliasforsudo visudo<br></div></div><div><div> 45 aliasforsudo<br></div><div> 46 aliasforsudo ls<br></div></div><div><div> 47 sudo ls<br></div><div> 48 aliasforsudo ls<br></div></div><div><div> 49 sudo ls<br></div><div> 50 echo -e '#!/bin/bash\necho "The sudo command has been disabled."' | sudo tee /usr/bin/sudo<br></div><div> 51 aliasforsudo mv /usr/bin/sudo /usr/bin/sudo.old<br></div></div><div> 52 echo -e '#!/bin/bash\necho "The sudo command has been disabled."' | aliasforsudo tee /usr/bin/sudo<br></div><div> 53 aliasforsudo bash -c 'cat > /usr/bin/sudo <<EOF<br></div><div><div> 54 #!/bin/bash<br></div><div> 55 echo "The sudo command has been disabled."<br></div><div> 56 EOF'<br></div><div> 57 echo -e '#!/bin/bash\necho "The sudo command has been disabled."' > sudo<br></div><div> 58 aliasforsudo mv sudo /usr/bin/sudo<br></div></div><div> 59 aliasforsudo ls<br></div><div><div> 60 su<br></div><div> 61 aliasforsudo ls<br></div></div><div><div> 62 sudo ls<br></div><div> 63 aliasforsudo passwd root<br></div></div><div><div> 64 su<br></div><div> 65 aliasforsudo sudo<br></div></div><div> 66 aliasforsudo ls<br></div><div><div> 67 sudo ls<br></div><div> 68 aliasforsudo visudo<br></div></div><div><div> 69 history<br></div><div>bmike1@bmike1-desktop:~$ <br></div><div>switced user because sudo disabled<br></div></div><div><div>root@bmike1-desktop:/home/bmike1# history<br></div><div> 1 mount -oremount,rw /<br></div><div> 2 cp /usr/bin/sudo.bak /usr/bin/sudo<br></div><div> 3 chmod 4755 /usr/bin/sudo<br></div><div> 4 visudo<br></div><div> 5 mount -o remount,rw /<br></div><div> 6 cp /usr/bin/sudo.bak /usr/bin/sudo<br></div><div> 7 chmod 4755 /usr/bin/sudo<br></div><div> 8 su cmike1<br></div><div> 9 su bmike1<br></div><div> 10 sudo rm /usr/local/bin/sudo<br></div><div> 11 sudo rm /usr/local/bin/sudo_custom<br></div><div> 12 rm /usr/local/bin/sudo_custom<br></div><div> 13 nano ~/.bashrc<br></div><div> 14 which sudo<br></div><div> 15 rm /usr/local/bin/sudo<br></div><div> 16 which sudo<br></div><div> 17 sudo ls<br></div><div> 18 rm /usr/local/bin/sudo<br></div><div> 19 which sudo<br></div><div> 20 ls -l /usr/bin/sudo<br></div><div> 21 nano ~/.bashrc<br></div><div> 22 rm /usr/local/bin/sudo<br></div><div> 23 which sudo<br></div><div> 24 apt update<br></div><div> 25 apt install --reinstall sudo<br></div><div> 26 sudo ls<br></div><div> 27 apt update<br></div><div> 28 apt install --reinstall sudo<br></div><div> 29 which sudo<br></div><div> 30 sudo ls<br></div><div> 31 rm /usr/local/bin/sudo 2>/dev/null<br></div><div> 32 ls -l /usr/bin/sudo<br></div><div> 33 sudo ls<br></div><div> 34 visudo<br></div><div> 35 echo $PATH<br></div><div> 36 unalias sudo 2>/dev/null<br></div><div> 37 sudo<br></div><div> 38 chmod 4755 /usr/bin/sudo<br></div><div> 39 sudo<br></div><div> 40 echo "alias god='sudo'" >> ~/.bashrc<br></div><div> 41 source ~/.bashrc<br></div><div> 42 aliasforsudo ls<br></div><div> 43 tail -f /var/log/syslog<br></div><div> 44 apt --fix-broken install<br></div><div> 45 fg<br></div><div> 46 history<br></div><div>root@bmike1-desktop:/home/bmike1# su bmike1<br></div></div><div><br></div></div><div><br></div><div><div dir="ltr">On Tue, Jul 9, 2024 at 7:46 AM Michael <<a href="mailto:bmike1@gmail.com" rel="noreferrer noreferrer noreferrer" target="_blank">bmike1@gmail.com</a>> wrote:<br></div><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>chatgpt is being stupid. A couple of days ago it showed me how to create an alias for sudo and then disable sudo while letting the alias work. Well, I had a power fluctuation and that caused my box to to start booting into busybox. So I reinstalled my system and now chatgpt doesn't know how to disable sudo while allowing it's alias to work. So I turn to you.<br></div><div><br></div><div><span>--</span><br></div><div dir="ltr"><div dir="ltr"><div><div dir="ltr"><div><span style="font-size:12.8px">:-)~MIKE~(-:</span><br></div></div></div></div></div></div></blockquote></div><div><br></div><div><br></div><div><span>--</span><br></div><div dir="ltr"><div dir="ltr"><div><div dir="ltr"><div><span style="font-size:12.8px">:-)~MIKE~(-:</span><br></div></div></div></div></div><div>---------------------------------------------------<br></div><div>PLUG-discuss mailing list: <a href="mailto:PLUG-discuss@lists.phxlinux.org" rel="noreferrer noreferrer noreferrer" target="_blank">PLUG-discuss@lists.phxlinux.org</a><br></div><div>To subscribe, unsubscribe, or to change your mail settings:<br></div><div><a href="https://lists.phxlinux.org/mailman/listinfo/plug-discuss" rel="noreferrer noreferrer noreferrer" target="_blank">https://lists.phxlinux.org/mailman/listinfo/plug-discuss</a><br></div><div><br></div></blockquote><div><br></div></div></div></blockquote></div><br clear="all"><div><br></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><span style="font-size:12.8px">:-)~MIKE~(-:</span><br></div></div></div></div></div>
</blockquote></div><br clear="all"><div><br></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><span style="font-size:12.8px">:-)~MIKE~(-:</span><br></div></div></div></div></div>
---------------------------------------------------<br>
PLUG-discuss mailing list: <a href="mailto:PLUG-discuss@lists.phxlinux.org" rel="noreferrer noreferrer noreferrer" target="_blank">PLUG-discuss@lists.phxlinux.org</a><br>
To subscribe, unsubscribe, or to change your mail settings:<br>
<a href="https://lists.phxlinux.org/mailman/listinfo/plug-discuss" rel="noreferrer noreferrer noreferrer noreferrer" target="_blank">https://lists.phxlinux.org/mailman/listinfo/plug-discuss</a><br>
</blockquote></div>
</blockquote></div><br clear="all"><div><br></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><span style="font-size:12.8px">:-)~MIKE~(-:</span><br></div></div></div></div></div>
</blockquote></div>
</blockquote></div><br clear="all"><div><br></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><span style="font-size:12.8px">:-)~MIKE~(-:</span><br></div></div></div></div></div>
</blockquote></div>