01/13/25
Recently, I was shown [this article](https://www.redhat.com/en/blog/sysadmins-dont-sudo) from David Both titled "Real sysadmins don't sudo".
Now, I disagree with the article almost entirely. First off, my issues are with definitions:
1. What is a "real" sysadmin?
2. For that matter, what is a sysadmin? The article hints at a partial definition in the middle with "They lull the users—who are really System Administrators—into thinking that they are..."
This tells me that the author thinks anyone with the capability to become root is a sysadmin, and a "real" sysadmin is, at a guess, someone who doesn't make mistakes. If that's the case, I've never met a real sysadmin in my life.
*But that's not even what sudo is designed for.*
I'll start from the top.
> [!quote] To do so is a gross misuse of the sudo command.
Sudo is developed to be flexible and adaptable to all environments. If you feel like you're misusing sudo, that's on *you* (or your environment maintainer) to fix.
> [!quote] Part of being a system administrator and using your favorite tools is to use the tools we have correctly and to have them available without any restrictions.
No, it is not. We (sysadmins) work within the constraints of our environment and corporate requirements such as security. We use the tools we have, not our favorites. Sudo is, first and foremost, a security tool. Its sole purpose in life is to limit access to a potentially dangerous system.
> [!quote] I have a particular dislike for how the sudo facility is being used in some distributions, especially because it is employed to limit and restrict access by people doing the work of system administration to the tools they need to perform their duties.
I sort of agree with this on some level. Distributions include sudo as standard for three reasons:
1. People blindly copy and paste commands from the internet, and running into "sudo: command not found" is not good UX
2. Some software requires it to function
3. It's a sane system that doesn't interfere with the operations of a nominal OS
Relying on sudo as a crutch to prevent you from damaging your systems means you're not using the system as it was designed, and it *will* fail you.
> [!quote] We don’t need the training wheels in order to do our jobs. In fact, they get in the way.
This is just pure gatekeeping. The idea here is that a "real" sysadmin doesn't need "training wheels", which is... an interesting take on many levels. I don't even know where to begin here.
> [!quote] This is supposed to make the user a little more careful about issuing commands that need elevated privileges such as adding and deleting users, deleting files that don’t belong to them, installing new software, and generally all of the tasks that are required to administer a modern Linux host.
No, that is not why distros include it. See above.
> [!quote] Forcing sysadmins to use the sudo command as a preface to other commands is supposed to make working with Linux safer. Using sudo in the manner it is by these distros is, in my opinion, a horrible and ineffective attempt to provide novice sysadmins with a false sense of security. ...
Partially correct. When someone takes the time to configure it properly, this is how it works. Cyber teams love it, because it enforces one of the basic tenets of least privilege. That's what sudo is. Least privilege. That's the whole point. It does nothing more and nothing less.
> [!quote] So let’s be clear about this—these distributions expect the user to perform all of the tasks of system administration. They lull the users—who are really System Administrators—into thinking that they are somehow protected from the effects of doing anything bad because they must take this restrictive extra step to enter their own password in order to run the commands.
No. See above.
This man has clearly never tried to log in as the root user on a workstation. Remember all of those really terrible browser sandbox escapes that happened over the last however many years and *keep happening*? You know, where a user loads a website and is now infected with some 0-day? You want to run *that* as *root*?
VLC also won't run as root; it performs a check at startup for this very reason.
This is a person who obviously still lives in the times of hooking your Windows XP box directly to the internet.
> [!quote] The reasoning behind this is that of the lazy sysadmin; allowing the users access to a command or two that requires elevated privileges and that they use constantly, many times per day, saves the SysAdmin a lot of requests from the users and eliminates the wait time that the users would otherwise experience.
**NO**. It is, once again, a security tool designed to make security teams happy. Its entire purpose in life is to enforce least privilege.
Sudo even provides logging and session replays *for security teams to review later*.
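As an added illustration (not part of the original post), here is what that logging gives a security team to work with: a small reviewer-side parser over constructed lines in sudo's default syslog format, separating refused commands, failed authentication and successful escalations to root.

```python
import re
from collections import Counter

# Constructed sample lines in sudo's default syslog format (not taken from the post).
SAMPLE_LOG = """\
Jan 13 10:00:01 ws1 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/systemctl restart nginx
Jan 13 10:01:05 ws1 sudo:      bob : user NOT in sudoers ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/bash
Jan 13 10:02:17 ws1 sudo:    carol : command not allowed ; TTY=pts/2 ; PWD=/home/carol ; USER=root ; COMMAND=/bin/bash
Jan 13 10:03:40 ws1 sudo:    alice : 3 incorrect password attempts ; TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/su
Jan 13 10:04:02 ws1 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt-get update
"""

# sudo writes an optional reason (denial or auth failure) between the user and the TTY field.
LINE_RE = re.compile(
    r"sudo:\s+(?P<user>\S+) : (?:(?P<reason>[^;]+?) ; )?"
    r"TTY=(?P<tty>\S+) ; PWD=(?P<pwd>\S+) ; USER=(?P<target>\S+) ; COMMAND=(?P<cmd>.*)$"
)
DENIAL_REASONS = {"user NOT in sudoers", "command not allowed"}


def parse_sudo_line(line):
    """Return a dict for one sudo log line, or None if the line is not a sudo record."""
    m = LINE_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["reason"] = rec["reason"] or "ok"   # no reason field means the command ran
    return rec


def review(log_text):
    """Summarise the log the way a reviewer reads it: refusals, failed auth, then who got root."""
    events = [r for r in map(parse_sudo_line, log_text.splitlines()) if r]
    return {
        "denied": [(e["user"], e["cmd"]) for e in events if e["reason"] in DENIAL_REASONS],
        "auth_failures": [e["user"] for e in events if "incorrect password" in e["reason"]],
        "escalations": Counter((e["user"], e["target"]) for e in events if e["reason"] == "ok"),
    }


if __name__ == "__main__":
    for key, value in review(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

None of this exists when everyone logs in as root directly: the log then records only that "root" did something, with no way to tell which person that was.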
> [!quote] The sudo facility was never intended to be used as a gateway for commands issued by a sysadmin.
Actually, that's exactly why it was designed.
> [!quote] Unix never says please. [...] We sysadmins login as root when we need to do work as root and we log out of our root sessions when we are done.
More gatekeeping. Though I might (?) see what's going on here. The author is saying that users are sysadmins and that "real" sysadmins log in as root directly, and therefore everyone is actually super cool and special and should just log in as root all the time, because who needs to be able to track who did what and when?
*Sysadmin learns this one weird trick. Security teams hate him!*
---
Okay, but really: as I mentioned before, sudo is a security tool meant to enforce least privilege and perform audit logging for security review later if needed.
If you don't need these functions in your environment, that's perfectly fine. The system is flexible and designed to conform to your environment, even if that environment is effectively just a single user on their home laptop. By default, that's what sudo targets. If you want more, you'll have to configure it to do more.
That said, planting your flag on the "I am a real sysadmin and therefore sudo is a constraint that nobody needs" hill is an odd choice, and I don't think I would die there.
That's it. Those are my thoughts.