Tuesday, November 12, 2019

permissions - How to use linux to not get crazy with root privileges



I've got a question for you today my dear Linux friends. I'm a windows user primarily. I use it for my work, watching movies, listening to music, playing games, browsing the net and everything else that comes to my mind.




I've got used to installing new software and development libraries in Linux. It's pretty handy. But one thing I still can't accustom to is this terribly irritating file management. I want to create new directory in let's say /opt folder where I've got lampp for web stuff located but *beep* I can't and same for the files but as you may guess I save files pretty often while making changes in code and it starts to be really problematic to always do things like that in the terminal and all the time typing the password(yes I know I can change sudoers to avoid that with visudo).



I can:




  • Change the permissions for the directory I want

  • Login permanently as root onto the system (like it works in Windows when on account with administrative privileges) but most of the people say it's dangerous??? Well I exactly know what do I do with my system

  • Run program as root with gksudo/sudo but if I run it couple of times through the day?




The question here is rather about work more specifically working with loads of files everyday: saving, removing, unpacking etc. It's pretty straightforward in Windows you just do this and there's no little angel telling you it's wrong and dangerous, it's bad and unsafe and you better don't do that!



I'd like to ask you how do you manage your system to avoid wracking the nerves while doing actions like archive unpacking, file saving or any other action that requires write privileges:




  1. Do you use terminal all the time and type password every time you want to do small thing?

  2. Or do you rather work as root in development process

  3. Or maybe you change the permissions for directory you want




I'd like to know what your workflow on Linux is especially in situations when frequent writing to particular directory available only to root is required. I would appreciate references to some useful tips how to setup a workspace in Linux I would be happy with. Can't life on Linux be easier?


Answer



Quick misconception:



In Windows, you can't log in as "root". You log in as a regular user, some of which (those in the administrative group) can request an elevated security token - very much like sudo on linux. Any time you see a UAC popup, that's the temporary elevation happening.






Windows and Linux actually work very much the same in this regard.




In both, you have a space to call your own: your user folder (C:\Users\\ or /home//).



Actions which only affect yourself all happen within this space (and a few other select spaces, such as /tmp on linux).



When doing software development, your workspace should be inside your home folder. No sudo or UAC prompts will be necessary.



Actions which affect the entire system require root privileges. In linux, you use sudo, and in Windows, you'll get a UAC prompt.



/opt/ is a system directory. Working inside of there is like working inside of C:\Program Files\ or C:\Windows\. Finished applications get put in there, configured once, and then run. They shouldn't be changed by regular users, and shouldn't require much tweaking after they are properly configured. If you try and create a folder in C:\Program Files\, Windows should prompt you to elevate with UAC unless you've disabled that.







If you're doing webdev stuff, it's common practice to configure /home//public_html/ to be exposed as http://localhost/~/ on a development machine. This allows each user to rapidly make and test changes in a local webserver.



This follows the above pattern of user-specific work happening in your user folder, and system-wide changes happening infrequently and requiring root.


No comments:

Post a Comment

hard drive - Leaving bad sectors in unformatted partition?

Laptop was acting really weird, and copy and seek times were really slow, so I decided to scan the hard drive surface. I have a couple hundr...