I've lost sudo access and I don't really understand why

[Ralf Mardorf]

On Thu, 19 Mar 2020 15:29:40 +1100, Karl Auer wrote:
>That said, it's important that you keep opinion and fact distinct,
>otherwise less-experienced people on this list might mistake your
>opinions for fact.
>
>Using sudo with a disabled root account are IMHO good security
>practice. It is wrong of you to present your differing opinion as fact.

An install with or without an enabled root account suffers from the same
security risks regarding compromise of an account by hackers. The
original reason for disabling the root account was to provide better
security for those who came from another operating system, not
understanding the root account, thus might mistakes as e.g. starting a
graphical session as root or keeping a root terminal opened. However,
suppressing a root login by the display manager's greeter doesn't
require to disable the root account, it's possible to disable this even
with an enabled root account. A opened root terminal that is idle for
some time could automatically be closed. It all depends on a few
(default) settings. In the same way such settings could make an install
with an enabled root account as secure as with a disabled root account,
an install without an enabled root account could suffer from settings
that makes it really insecure, by allowing to use of sudo without a
password request.

FWIW even with an enabled root account sudo can still be used. Enabling
the root account does not mean that sudo has to be removed, so nobody
does lose sudo security policy features for different users. Those
security policy features don't get lost or even become less secure when
enabling the root account.

I don't claim that sudo is useless, just disabling the root account is
not required to fully benefit from sudo features.