9:43 another good tip is: !* is all arguments from the last command (not the command itself), super useful if you want to do a bunch of things to the same files !:1 is the first argument !:2 the second etc.. !:1-3 group of arguments !$ last argument !:0 the command only (0th argument)
hey , i just wanna say that your videos are so informative and easy to grasp ,especially for a beginner like me who is still tyring to learn the ABc of linux , a huge thanks buddy
Very informative video as usual, however, please note that allowing sudo access to apt (like in the example at @18:20) makes it trivially easy to escalate into a root shell (by appending -o APT::Update::Pre-Invoke::="/bin/bash" as an argument) and thus should be avoided.
@20:50 -- "NOPASSWD" What if there were some commands where you do not want to be asked for a password, and other commands where you do want to be asked for the password? How would that syntax be laid out in the sudoers file?
Just add multiple lines, one with NOPASSWD and the other without. There might be ordering issues, so try it and if it doesn't work one way, swap the NOPASSWD line before or after the other one for a given user.
Dear Jay thank you very much for all your work and effort educating us with your vast knowledge. I am making my first cybersecurity steps and your videos are an enormous help!
I just learned that if you alias sudo with a trailing space you can get sudo to recognize the aliases defined for the user invoking sudo. ( alias sudo=“sudo “ ) Note the trailing space.
@10:20 as he stated: normally you would not edit/modify that file. Not sure if the same for arch linux. But in artix linux it is required modify that file to uncomment (delete #) the wheel group to allow sudo in that group.
I know it’s been a year since you commented but if you see this … That was a question I had: what is the best practice? Is it best to just add users to sudo group and leave the file alone except for special circumstances?
As a Linux SysAdmin, I avoid using "sudo" for admin of Linux systems. With Debian Linux, "sudo" is not active by default, and the distro expects you to use the "root" account for maintenance. The preferred usage for "sudo" is for giving some elevated privileges to specific users, as you demonstrated. However, "sudo" isn't needed for working on Linux, and it comes down to preference - I feel you should have made that clear in your video. (I do agree that the root account shouldn't be accessible remotely, i.e. you need to logon to the machine as a regular user, then use "su -" to gain root after that.)
I am new to Linux and Im loving your content. I am interested in running Arch Linux. I just watched this video and I notice while going along that visudo is not found in Arch.
I've always pronounced it "pseudo," assuming it was GNU-style wordplay. It's a fake super user account, therefore: 'pseudo' (sudo). Does anyone else think of it this way? :)
Jay, as usual nice presentation. The problem I found when working was big companies like IBM saying "MQ/DB2/WAS/etc can only be updated from root NOT sudo" and we had a method to temporarily change root, turn on insane syslog give it to IBM and change it back after and hope they hadn't installed some pkexec.c elevation stuff. How would you approach that problem ? Thankfully I'm now retired
Another interesting thing is the use of the /etc/sudoers.d/ directory for custom setup. It's a more clear aproach and a better way to manage users and groups privileges.
Thanks! Can you please do an install and walk through of EndeavorOS for beginners that are interested in ARCH,pacman and the AUR but are intimidated by the are way installation?
Yes, there is a user jay. But no need to add him to the sudoers file specifically, because jay is a member of group sudo, which gets its authorisations from the settings for %sudo. In the sudoers file, % refers to a group.
I know this is old, but what's new is that in Debian-12, neither the 'adduser' command nor the 'usermod' command is available.even as 's -'. Any comment? (I enjoy your 'Learn Linux TV' posts!)
Hey Jay, I love your content bro, sorry, this is a bit unrelated, but while watching this video I was playing around and I ran HTOP and grepped for systemd on kali 2024. I slowed my system right down which I can't say I was surprised by. So I thought after a few seconds, I'll Control+C out of this. I did and all was well. I sort of accidentally knocked my mouse and noticed something odd. I noticed that the terminal started printing what I believe was my wireless mouse' current position in some kind of code (coordinates) that constantly changed depending on where I'd move the mouse. I'm a noob. I listen and watch and re-watch again and again to cement it in my head which is what I was doing (listening to you) while doing something else when I noticed this. Could just be my system. Maybe you can replicate it? Maybe you're already well aware of it? Maybe it's nothing? To me it was odd. I know to you it'll be nothing new but it was really interesting mate. Hey, thanks for the time you take and the energy you put in to educate and help others! We need more folks like you mate. Cheers
I love the way you teach, and I learn from you a lot, Thank you for all the great investment. and I will happy if you can create a video about NFS share from Linux to Linux\Windows.
Newish to Linux and I'm sure I should have more insightful questions by now, but what I really want to know is ... what's the font in your terminal emulator? I really like the @ symbol!
Hello, great video but i would like to mention that the last command for the NOPASSWD isn’t correct. I have give it a try and verify that the correct line to type is the next one. Suppose the user is called chris chris ALL=(ALL) NOPASSWD:ALL if you type as you describe then it want work. Al least on Raspberry os 64 bit latest official release chris ALL=(ALL:ALL) NOPASSWD: This will not work. Why?
Wrong syntax. You have not specified commands for the NOPASSWD directive. They way you have typed it, NOPASSWD: would be the only command that user could use. And the command NOPASSWD: doesn't exist, of course.
Unless I'm misunderstanding your comment, that CVE specifically refers to polkit not sudo. Unless you're referring to a vulnerability chain, but vulnerabilities and chaining vulnerabilities is not uncommon.
@@LearnLinuxTV I was basically referring to a comment in the Veeam Newsletter (formally "Veeam R&D Forums Digest"), trying to poke some fun: "Another way to look at it: that sudoers file was completely optional for the past 12 years, as anyone in the know could just run any command as root"
There's a "request assistance" page on the main website. But I'm already working on new Linode content, so it's possible that content might already address your question.
So you don't tell people how to install sudo since you have it already that is a bit messed up I thought this was LEARNING to do not I have it already if you don't tough sht
I've been a Linux user for 15 years without knowing some of the basics you're teaching. Thank you!
Me too!!!
9:43
another good tip is: !* is all arguments from the last command (not the command itself), super useful if you want to do a bunch of things to the same files
!:1 is the first argument !:2 the second etc..
!:1-3 group of arguments
!$ last argument
!:0 the command only (0th argument)
I'm using sudo for many years now. Thanks to your video I'm understanding the /etc/sudoers file for the first time.
Outstanding as always. I've been a Linux user for a few years now, but I always learn something from your videos. Thank you so much!
Love your Linux lessons - straight to the point without a lot of fluff. 👍 Fever distractions.
hey , i just wanna say that your videos are so informative and easy to grasp ,especially for a beginner like me who is still tyring to learn the ABc of linux , a huge thanks buddy
Channel underrated. Thanks for these lectures.
Thanks Sir..this video is really informative.. thanks again.
sudo -l command as well as visudo with different options of fixing the sudo file was fantastic!! 😃
Very informative video as usual, however, please note that allowing sudo access to apt (like in the example at @18:20) makes it trivially easy to escalate into a root shell (by appending -o APT::Update::Pre-Invoke::="/bin/bash" as an argument) and thus should be avoided.
I think you have the most, if not the only, useful linux channel. Thank you man 🙏
Awesome video as usual, I love this series. Thanks Jay!
THANK YOU THANK YOU THANK YOU! Really saved me SO much trouble! Subbed!
@20:50 -- "NOPASSWD"
What if there were some commands where you do not want to be asked for a password, and other commands where you do want to be asked for the password?
How would that syntax be laid out in the sudoers file?
Just add multiple lines, one with NOPASSWD and the other without. There might be ordering issues, so try it and if it doesn't work one way, swap the NOPASSWD line before or after the other one for a given user.
Thank you for the lecture
Great video! Now the thing i put or edit on sudoers files makes more sense. Hope in the future you tackle ACL.
I love you man , thank you so much for these videos. I have a question. In what order am I to go through the Linux essentials playlist ?
Thank you as always Jay! You're the best.
You are!
Dear Jay thank you very much for all your work and effort educating us with your vast knowledge. I am making my first cybersecurity steps and your videos are an enormous help!
I’m glad my videos are a great help to you. Thank you so much for your kind comment.
I just learned that if you alias sudo with a trailing space you can get sudo to recognize the aliases defined for the user invoking sudo. ( alias sudo=“sudo “ ) Note the trailing space.
Sweet, the for tip
Thx for tip
@10:20 as he stated: normally you would not edit/modify that file. Not sure if the same for arch linux. But in artix linux it is required modify that file to uncomment (delete #) the wheel group to allow sudo in that group.
I know it’s been a year since you commented but if you see this …
That was a question I had: what is the best practice?
Is it best to just add users to sudo group and leave the file alone except for special circumstances?
@@hvacmisadventures best practice is to leave it unless required otherwise.
@@Liam_Tomhet thanks man 🫡
It never gets to old ;)
As a Linux SysAdmin, I avoid using "sudo" for admin of Linux systems. With Debian Linux, "sudo" is not active by default, and the distro expects you to use the "root" account for maintenance. The preferred usage for "sudo" is for giving some elevated privileges to specific users, as you demonstrated. However, "sudo" isn't needed for working on Linux, and it comes down to preference - I feel you should have made that clear in your video. (I do agree that the root account shouldn't be accessible remotely, i.e. you need to logon to the machine as a regular user, then use "su -" to gain root after that.)
I am new to Linux and Im loving your content. I am interested in running Arch Linux. I just watched this video and I notice while going along that visudo is not found in Arch.
Great video Jay. I am a newbie, and I'm still trying to understand the commands in the terminal.
I've always pronounced it "pseudo," assuming it was GNU-style wordplay. It's a fake super user account, therefore: 'pseudo' (sudo). Does anyone else think of it this way? :)
Jay, as usual nice presentation.
The problem I found when working was big companies like IBM saying "MQ/DB2/WAS/etc can only be updated from root NOT sudo" and we had a method to temporarily change root, turn on insane syslog give it to IBM and change it back after and hope they hadn't installed some pkexec.c elevation stuff.
How would you approach that problem ?
Thankfully I'm now retired
Another interesting thing is the use of the /etc/sudoers.d/ directory for custom setup. It's a more clear aproach and a better way to manage users and groups privileges.
Thanks! Can you please do an install and walk through of EndeavorOS for beginners that are interested in ARCH,pacman and the AUR but are intimidated by the are way installation?
@Darren hey man I just switched from Ubuntu to Endeavour. That would be a great video.
i think this channel is more targeted towards server linux than desktop. For arch content u should ermano ferrari
I am new to linux, so I am sorry if I ask silly question. Isn't there a user jay in the system and if so shouldn't information about it be in sudoers?
Yes, there is a user jay. But no need to add him to the sudoers file specifically, because jay is a member of group sudo, which gets its authorisations from the settings for %sudo.
In the sudoers file, % refers to a group.
More videos like this, please!
Why is the 'jay' user not in the sudoers file?
jay is a member of the sudoers group
I know this is old, but what's new is that in Debian-12, neither the 'adduser' command nor the 'usermod' command is available.even as 's -'. Any comment? (I enjoy your 'Learn Linux TV' posts!)
Thanks Jay! Great content
Hey Jay, I love your content bro, sorry, this is a bit unrelated, but while watching this video I was playing around and I ran HTOP and grepped for systemd on kali 2024. I slowed my system right down which I can't say I was surprised by. So I thought after a few seconds, I'll Control+C out of this. I did and all was well. I sort of accidentally knocked my mouse and noticed something odd. I noticed that the terminal started printing what I believe was my wireless mouse' current position in some kind of code (coordinates) that constantly changed depending on where I'd move the mouse. I'm a noob. I listen and watch and re-watch again and again to cement it in my head which is what I was doing (listening to you) while doing something else when I noticed this. Could just be my system. Maybe you can replicate it? Maybe you're already well aware of it? Maybe it's nothing? To me it was odd. I know to you it'll be nothing new but it was really interesting mate. Hey, thanks for the time you take and the energy you put in to educate and help others! We need more folks like you mate. Cheers
With regard to that botched sudoers file, does the errant "ALL" affect just user tux, or is the file then just botched for all use?
neofetch next? :)
I love the way you teach, and I learn from you a lot, Thank you for all the great investment.
and I will happy if you can create a video about NFS share from Linux to Linux\Windows.
Very very good your explain. Thanks a lot
Is it possible to make specific sudo commands to require password
Is this for linux admin?
Anyway, if you do sudo, somehow it will consider your home directory as /root, how can I keep it as /home/user?
I'll leave the video with something New. Sudo !! Is a good one
how do i set password to my root when using ssh root@ip
nice video. tks
Guys help!!!!!
When I try to put my password, it says password invalid. I don't why tho cuz it's literally is my account password, what should I do?
I like to see ESXI with VM of Ubuntu GPU passthrough in this channel.
Newish to Linux and I'm sure I should have more insightful questions by now, but what I really want to know is ... what's the font in your terminal emulator? I really like the @ symbol!
Fira Code, I guess
@@adaum79 Amazing, thanks!
Hello, great video but i would like to mention that the last command for the NOPASSWD isn’t correct.
I have give it a try and verify that the correct line to type is the next one. Suppose the user is called chris
chris ALL=(ALL) NOPASSWD:ALL
if you type as you describe then it want work. Al least on Raspberry os 64 bit latest official release
chris ALL=(ALL:ALL) NOPASSWD:
This will not work. Why?
Wrong syntax. You have not specified commands for the NOPASSWD directive. They way you have typed it, NOPASSWD: would be the only command that user could use. And the command NOPASSWD: doesn't exist, of course.
Sudo? The thing that CVE-2021-4034 has made superfluous?
Unless I'm misunderstanding your comment, that CVE specifically refers to polkit not sudo. Unless you're referring to a vulnerability chain, but vulnerabilities and chaining vulnerabilities is not uncommon.
@@LearnLinuxTV I was basically referring to a comment in the Veeam Newsletter (formally "Veeam R&D Forums Digest"), trying to poke some fun:
"Another way to look at it: that sudoers file was completely optional for the past 12 years, as anyone in the know could just run any command as root"
Clear and concise!!!!!!!!!!!
How can I reach you I need to get some more lesson on linode
There's a "request assistance" page on the main website. But I'm already working on new Linode content, so it's possible that content might already address your question.
using linux for the first time, sudo asks me for a password, which password is that? the one that I use to log in or the super user one?
the one that use to log in
thank you for the content, A++++
Created a ‘tux’ user without any further changes and this user can reboot the machine running RaspberryOS - That doesn’t seem appropriate…
excelent!
Thnx
My pleasure :)
excellent thabkyou
Sudo win lottery
Get in line, lol.
great 👍; bis bis …
Great
sudo apt install doas, sudo dnf install doas, or sudo pacman -S doas is what I've heard is the best use of sudo.
doas* ;p
Q is a stupid option
can you tich me sir linux
So you don't tell people how to install sudo since you have it already that is a bit messed up I thought this was LEARNING to do not I have it already if you don't tough sht
As root "apt install sudo"
Edit: replace apt with your package manager dnf pacman etc
thx