I've lost sudo access and I don't really understand why

Thu Mar 19 16:17:32 UTC 2020

On Thu, 19 Mar 2020 14:23:34 +0100, Tom H wrote:
>On Thu, Mar 19, 2020 at 6:36 AM Ralf Mardorf via ubuntu-users
>> <ubuntu-users at lists.ubuntu.com> wrote:
>> On Thu, 19 Mar 2020 15:29:40 +1100, Karl Auer wrote:  
>
>
>>> That said, it's important that you keep opinion and fact distinct,
>>> otherwise less-experienced people on this list might mistake your
>>> opinions for fact.
>>>
>>> Using sudo with a disabled root account are IMHO good security
>>> practice. It is wrong of you to present your differing opinion as
>>> fact.  
>>
>> An install with or without an enabled root account suffers from the
>> same security risks regarding compromise of an account by hackers.  
>
>If root is enabled, a hacker only needs to get its password.
>
>If root is disabled, a hacker needs to get a username and a password

That's incorrect, you need to hack an account that is used for a
session in the first place. IOW you need to get access by a weakness,
not by logging in with username and password. The uid of root is 0 and
the uid of the Ubuntu flavour user who could gain superuser privileges
is always 1000, but it wouldn't make a difference, if it would get any
other uid, since this information and the _username_ is provided
without superuser privileges.

As long as you don't run a session as root, there's no difference.

First get access by a software or hardware weakness to a user session,
then try to get superuser privileges, if you didn't get it already
automatically, or at least access with or without those privileges to
the target. The user session might or might not already include the
target.

However, if superuser privileges via a password should be required, the
same password cracking would be required with or without root account
enabled.

A naive bash example how to get information about the users and their
groups without superuser privileges:

[rocketmouse at archlinux ~]$ for i in 0 1000 1002; do id $i; done
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),19(log)
uid=1000(rocketmouse) gid=1000(rocketmouse) groups=1000(rocketmouse),10(wheel),50(games),91(video),92(audio),93(optical),95(storage),98(power),100(users),150(wireshark),1003(vmanusers),992(realtime),108(vboxusers)
uid=1002(mary_jane_doe) gid=1002(mary_jane_doe) groups=1002(mary_jane_doe)

>When Ubuntu 4.10 was releasead, you couldn't enable root and login to
>the GUI as root without changing some settings.
>
>In both cases, disabling root was a simple security measure,
>independent of the potential newness of the users.

Please give an example.

Your claims are a little bit like arguing that Linux has got no standard
base is a security feature compared to UNIX alike operating systems
that follow a standard. Yes, there is LSB, but
"Debian strived to comply with the LSB, but with many limitations.[20]
However, this effort ceased around July 2015 due to lack of interest and
workforce inside the project.[21] In September 2015, the Debian project
confirmed that while support for Filesystem Hierarchy Standard (FHS)
would continue, support for LSB had been dropped.[22] Ubuntu followed
Debian in November 2015.[23]" -
https://en.wikipedia.org/wiki/Linux_Standard_Base#Limitations_on_Debian

Not every esoteric decision is a way in the right direction, nor is
missing unity a sign of diversity.

Again, sudo is useful, but it neither requires to disable the root
account to use it, nor to make an install more secure.