[ec2-beta] document: EC2 Ubuntu sudo Guide

Soren Hansen soren at ubuntu.com
Tue Mar 10 19:15:47 GMT 2009 

On Tue, Mar 10, 2009 at 12:52:43PM -0500, Michael Greenly wrote:
>> Your statement begs the counter-statement: "It shouldn't do something
>> different than every other Ubuntu system unless there's some
>> advantage."
> The advantage is that rsync as root would work and that's an extremely
> likely activity given what this AMI is and how it will be used.

How do you use rsync differently on EC2 compared to a regular Ubuntu
Server install? Also, what is the particular difficulty here? Do you
have a specific use case?

The use of sudo is all about interactive logins.  If you need to log in
as root to do rsync, that's fine. Set up ssh public key authentication,
and you're good. I don't remember ever having to to that, though. I run
rsync as root (via crontab or sudo or whatever) on the destination
machine, and that's all I really need. 

> The problem is that none of the traditional 'sudo' advantages gain you
> anything at this point in this AMIs life cycle.
>
> This AMI doesn't represent a finished product that some one will login
> to and use for anything.
>
> It represents a blank slate that's a starting point from which a
> server will be configured and then re-bundled.

I don't think I follow? People can use these images as is for many
different purposes. Not everyone will rebundle.

> Had it been my decision it would have allowed root log in just like
> all other Linux AMIs.  Then I would of provide a connivance script to
> disable root login and instructions to use it prior to bundling.
> 
> This would have allowed all the conventional EC2 wisdom to just work and
> once the server was being used it would operate as an Ubuntu user/admin
> would expect.

10-15 years ago, virtually all linux documentation started with "log in
as root". :) As I said in my previous e-mail, I don't think that
"everybody else does it" is a very good argument for doing something. If
it were, nothing would ever improve or evolve.

-- 
Soren Hansen                 | 
Lead Virtualisation Engineer | Ubuntu Server Team
Canonical Ltd.               | http://www.ubuntu.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 315 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/mailman/private/ec2/attachments/20090310/a6f0ae9b/attachment-0002.pgp

More information about the Ec2-beta mailing list