|author||Chloe Kudryavtsev <firstname.lastname@example.org>||2019-03-07 18:45:24 -0500|
|committer||Chloe Kudryavtsev <email@example.com>||2019-03-07 18:45:24 -0500|
[Working] Remove su-related TODO
The reality of the situation is kind of complicated. Canonical su(1) is based on PAM, and PAM can require whatever it wants. The default however, does not require a special group. Further, alpine uses busybox by default, which also has no such requirements.
1 files changed, 0 insertions, 1 deletions
diff --git a/modules/Working/pages/post-install.adoc b/modules/Working/pages/post-install.adoc
index 0cc7db0..cd562ba 100644
@@ -28,7 +28,6 @@ Once your user has been created, if the utility you used has not asked you to se
Sometimes, you'll want to do something that *does* require administrative powers.
While you may switch to a different tty and log in as root, this is often inconvenient.
You may gain root privileges ad-hoc using either the built-in busybox utility `su`, or the common external utility `sudo`, available in the package named the same way.
-// TODO: verify that `su` truly does not require any special group.
`sudo`, unlike `su`, will require additional configuration.
The `visudo` utility that comes with it allows you to safely edit the `sudoers` file which configures it.
The difference between `sudo` and `su` comes down to which side the permissions come from - `su` allows you to temporarily log-in as another user (and thus requires that you enter the password of the user you wish to log in as), while `sudo` allows you to perform commands (including login shells) as the target user, assuming the configuration gives you that right (meaning that your password is the one used for authentication).