Learning Linux
- 
 I'm building an ELK stack on CentOS 7. 
- 
 @Dashrender said: Please explain. As I understand it (linux noob here) su is used to run as root where your normal account doesn't have the needed permissions. su = switch user, it allows you to BECOME the other user by changing into that account. Analogous to quickly logging out and back in. sudo = run a command as another user, analogous to Windows "Run As Administrator". It's so that you can run a single command with elevated privileges and not have the entire account be a root level shell. So you don't run things as root accidentally. 
- 
 @Dashrender said: Are you implying that I should have it set some way that when invoking su my user already has permission to do so and therefore isn't verified via the password for root? Correct, in reality to get to su you should be using sudo such as.... sudo -i su
- 
 what prevents a rogue program that's running as me from doing that very thing and gaining root access since they don't have to type in a password? 
- 
 @Dashrender said: I'm building an ELK stack on CentOS 7. Then all you do is add your user to the "wheel" group. Wheel is the name of the administrators group. Has been in UNIX since the days of yore. Then in the /etc/sudoers file you just uncomment the field that allows WHEEL access to ROOT with NOPASSWD. 
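The wheel/NOPASSWD step described above, together with a check for the consequence raised earlier in the thread (once a NOPASSWD rule is active, anything running as that user can use sudo without being asked for a password), as an added shell example that is not from this thread. The sudoers fragment is constructed to mirror the two wheel rules CentOS 7 ships with; the deploy rule and the function names are assumptions.

```shell
#!/bin/sh
# Constructed sudoers fragment. The two %wheel lines mirror the CentOS 7
# default (the NOPASSWD one ships commented out); the deploy rule is a
# made-up per-user passwordless rule so the audit has something to find.
SUDOERS_FRAGMENT='## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL

## Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

## Constructed example of a narrowly scoped passwordless rule
deploy  ALL=(ALL)       NOPASSWD: /usr/bin/systemctl restart elasticsearch'

# Read sudoers text on stdin and print only the active (uncommented)
# rules that carry NOPASSWD. Lines whose first non-blank character is
# '#' are treated as comments, which is how sudo treats them too.
active_nopasswd_rules() {
    grep -v '^[[:space:]]*#' | grep 'NOPASSWD'
}

# Count active NOPASSWD rules in the text given on stdin.
# grep -c prints 0 and exits 1 when nothing matches, so swallow that status.
count_nopasswd() {
    active_nopasswd_rules | grep -c . || true
}

# Exit 0 (true) when the wheel group may run everything without a password,
# i.e. an active '%wheel ... NOPASSWD: ALL' rule is present on stdin.
wheel_is_passwordless() {
    active_nopasswd_rules | grep -Eq '^%wheel[[:space:]].*NOPASSWD:[[:space:]]*ALL[[:space:]]*$'
}

# The edit the post describes: uncomment the wheel NOPASSWD rule.
# Works on stdin -> stdout so the original text is left untouched.
uncomment_wheel_nopasswd() {
    sed 's/^#[[:space:]]*%wheel/%wheel/'
}

# Stand-alone demonstration: audit before and after the edit.
printf 'Before: %s active NOPASSWD rule(s)\n' \
    "$(printf '%s\n' "$SUDOERS_FRAGMENT" | count_nopasswd)"
printf '%s\n' "$SUDOERS_FRAGMENT" | wheel_is_passwordless \
    && echo 'Before: wheel is passwordless' || echo 'Before: wheel still needs a password'

ENABLED=$(printf '%s\n' "$SUDOERS_FRAGMENT" | uncomment_wheel_nopasswd)
printf 'After:  %s active NOPASSWD rule(s)\n' \
    "$(printf '%s\n' "$ENABLED" | count_nopasswd)"
printf '%s\n' "$ENABLED" | wheel_is_passwordless \
    && echo 'After:  wheel is passwordless' || echo 'After:  wheel still needs a password'
```

On a real box, run the audit against `/etc/sudoers` and every file under `/etc/sudoers.d` (this text check does not follow `#include` or `#includedir` directives, and it ignores line continuations), and always edit the file through `visudo` so a syntax error cannot lock you out of sudo. A narrowly scoped rule like the constructed deploy line is the usual compromise when a process genuinely needs to run one command unattended.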
- 
 @scottalanmiller said: @Dashrender said: I'm building an ELK stack on CentOS 7. Then all you do is add your user to the "wheel" group. Wheel is the name of the administrators group. Has been in UNIX since the days of yore. Then in the /etc/sudoers file you just uncomment the field that allows WHEEL access to ROOT with NOPASSWD. Thanks for that explanation - much better than just adding my name to the sudoers file - but I'm still wondering about the virus/malware protection. 
- 
 @Dashrender said: Thanks for that explanation - much better than just adding my name to the sudoers file Yes, that really should not happen. Not realistically. 
- 
 @Dashrender said: but I'm still wondering about the virus/malware protection. Don't go around browsing websites from your server. Problem solved  
- 
 With User Account Control in Windows, if my user has local admin rights, I still get prompted (normally) so even if some malware is trying to run, if I get an unexpected prompt I should be wary and most likely deny the access. Does something like that apply here? In a non-GUI, I'm not sure how it could. I'm probably overthinking it. In a CLI the only things that are running are those that I type. As for someone gaining access to my account, I guess I just need to make sure I have a good password. 
- 
 @Dashrender said: With User Account Control in Windows, if my user has local admin rights, I still get prompted (normally) so even if some malware is trying to run, if I get an unexpected prompt I should be wary and most likely deny the access. In Linux it will just fail, doesn't even prompt you. 
- 
 @Dashrender said: Does something like that apply here? in a non gui, I'm not sure how it could. I'm probably over thinking it. In a CLI the only things that are running are those that I type. This is what sudo does. It's just proactive instead of reactive. 
- 
 @Dashrender said: As for someone gaining access to my account, I guess I just need to make sure I have a good password. Or use a key. Or a key plus a password. Or add another form of two or even three factor authentication. 
- 
 Make sure you are running fail2ban. 
- 
 awesome, thanks... 
- 
 Had to be done 
- 
 Ubuntu uses the sudo group instead of wheel, for some reason. Just a crazy desire to be non-standard. 
- 
 Where did wheel come from? 
- 
 @Dashrender said: Where did wheel come from? https://en.wiktionary.org/wiki/big_wheel big wheel (plural big wheels) (idiomatic) A person with a great deal of power or influence, especially a high-ranking person in an organization. She's a big wheel at IBM.
- 
 LOL - when I think of Big Wheels I think of a three wheeled vehicle for kids... 