tags 905478 - moreinfo thanks Andreas Henriksson - 08.08.18, 21:58: > Control: tags -1 + moreinfo […] > On Mon, Aug 06, 2018 at 10:39:54AM +0200, Martin Steigerwald wrote: […] > > I understand that you wrote quite something in NEWS.Debian already. > > I lower the priority of the report to wishlist. It may still help to > > explain it to users a bit more carefully. But as I know some of the > > reasons now, I am fine with it either way. > > I only documented changed behavior in NEWS. I have no intention to > document long-standing best practises in detail in that file as it > does not belong in a NEWS file. I quickly mentioned 'su' vs 'su -' as > a hint for people to read up as many people still seem to be > unknowing of the difference. I think a better place to document this > is as Ted already suggested in some generic handbook.
Thing is here: It breaks existing workloads. And I have the gut feeling, not *just* mine. So no matter what long-standing, under-communicated, probably mostly undocumented best practices are in place in your opinion, it IMO is likely to produce an uproar with users once next Debian version is released. Anyway, I won´t be who may be addressed by this kind of uproar… and I am not responsible for taking care of your well-being or the well-being of anyone who may be addressed by it. I just think, providing some practical hints could help to smooth the transition for all those who used "su" for decades. > > I bet I will go with configuring sudo to take over SSH agent > > environment variables to the root session. As this is on my laptop, […] > Please summarize (in 2 or less sentences or I won't have time to read) I am not responsible for how much time you have. > what you still thinks needs to be done in util-linux package to close > this bug report! As things currently stand I'm leaning towards > tagging this wontfix and close the bug report because u-l is IMO not > the place to document generic sysadmin best practises. Well, I´d at least include some practical hints in next Debian release notes about this. This might also be a better place than within util- linux. So maybe reassigning to release notes would do. It could also be in README.Debian of util-linux of course For example how to make available certain environment variables via other means: % cat /etc/sudoers.d/defaults Defaults env_keep+=SSH_AUTH_SOCK (edited with visudo -f) [moved downwards] > […] Please lock your root account today and stop using su. […] I do not intend to lock the root account, I see no reason to. Instead I did the following on my laptop: Defaults rootpw Defaults timestamp_timeout=0.5 I know this may not be suitable for different scenarios. (So at least there is some documentation that may ease migration for people who used "su" for decades, at least in this bug report.) Ciao, -- Martin
