• lemmyng
    link
    fedilink
    English
    arrow-up
    56
    ·
    1 month ago

    Still not as bad as chmod -R 777.

    • Dhs92@programming.dev
      link
      fedilink
      arrow-up
      29
      ·
      1 month ago

      Once had a friend run sudo chmod -R 777 / on a (public) Minecraft server we were running back in highschool. It made me die a bit on the inside.

    • masterofn001
      link
      fedilink
      arrow-up
      25
      ·
      1 month ago

      As a one time noob I may have done this once or more.

      To get one thing working I borked everything.

      Understanding permissions is pretty basic. But understanding permission requirements for system and user apps and their config and dirs can be a bit overwhelming at first.

      Thinking a little change to make your life simpler will break something else doesn’t always register immediately.

      Shit, even recently, wondering why my SSH keys were being refused and realising that somehow i set my private keys world readable.

      Thank god SSH checks file and dir permission.

        • InverseParallax@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 month ago

          Nah, there’s something broken, I think it’s because group render under the container has a different GID than the container so the acl fails and you either sudo or chmod.

          Lxc is still a little wobbly in places.

          • Possibly linux@lemmy.zip
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            1 month ago

            I use podman and since it runs as my user it has exactly same same permissions as me. I just add my user to the proper group and it works.

            Anyway for LXC you could just passthough a folder and then create a file. From there you can look at the file on the host to see who owns it. That will give you the needed information to set permissions correctly

            • InverseParallax@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              ·
              1 month ago

              Ahh, I’m running priveleged containers, I wrote my own scripted framework for containers around lxc in mostly python.

              Basically I fell head over heels in love with freebsd jails and wanted them on Linux, then started running x11 apps in them, it’s my heroin.

              Haven’t used podman outside proper k8s for work, did proxmox for a bit, but it was just a webgui for the same thing.

              There were a bunch of online bug reports about the /dev/dri issue, maybe there’s a better solution now, but since this is my workstation I wasn’t as worried about security.

    • flashgnash@lemm.ee
      link
      fedilink
      arrow-up
      8
      ·
      1 month ago

      Could you not just use root to give your user sudo? Seems like a pretty dumb restriction

      • HubertManne@moist.catsweat.com
        link
        fedilink
        arrow-up
        2
        ·
        1 month ago

        Possibly but my role was such Im really only supposed to be working on my project and not monkey with the server which is used by other projects. I don’t think it was a restriction I think it was just laziness by whoever set it up.

        • flashgnash@lemm.ee
          link
          fedilink
          arrow-up
          5
          ·
          edit-2
          1 month ago

          Fair enough. Got a colleague who sudo nanos everything then wonders why he keeps getting permission denied errors later lol

          • 0x4E4F@sh.itjust.worksOP
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            1 month ago

            …file in ~/.config

            - sudo nano /path/to/file… yeah, I wanna fucking save changes… OK, let’s see if it works… damn it, this distro fucking sucks man!

              • 0x4E4F@sh.itjust.worksOP
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                1 month ago

                Jesus 🤦…

                And this is why I never get bonuses. I just can’t be bothered with kissing upper management ass… tried it once… I walked out of the meeting with me telling them “less talking, more doing”… no one from upper management called me ever again. Even if they did have a computer problem, they just told the secretary to call me.

  • bruhduh@lemmy.world
    link
    fedilink
    arrow-up
    34
    ·
    edit-2
    1 month ago

    Sometimes your package manager asks you for root password every minute while doing few hours long update and cancelling process if you don’t enter anything for few minutes, “yay” aur manager looking at you, and you got to do other things than sit and look in the monitor all day long, things like cleaning house or touching grass for example

  • mlg@lemmy.world
    link
    fedilink
    English
    arrow-up
    14
    arrow-down
    1
    ·
    1 month ago

    Our crappy vendor software will only function if IPv6 is disabled network wide. Even if one machine has it enabled, the whole thing breaks

    Lol our former crappy vendor solution required to be run directly from AD Administrator. Pure luck the entire business didn’t collapse before we replaced it.

    A thread I read a long time ago on r/sysadmin

  • corsicanguppy
    link
    fedilink
    English
    arrow-up
    13
    ·
    1 month ago

    Wasn’t it 2017 where they had the race condition in sudo su as the command elevates up to root and drops back down?

    Every other year, sudo su was not unsafe but merely ghetto. ‘sudo su’ is the dutch-rudder of ‘sudo’.

  • barsquid@lemmy.world
    link
    fedilink
    arrow-up
    13
    ·
    1 month ago

    Reminds me of software saying to put your docker socket into the docker container you are starting for convenience.