Documenting commands # or $ before sudo?

smo, 11 months ago

I have a fairly opinionated stance on this. Except in your sudo example where you’re specifically using sudo for a reason, I document all commands as non-root, and do not instruct them to raise privs. Whether or not they have, want or need privs, and how they raise them, is their system not mine.

It’s not exactly user friendly, but I don’t like to encourage people to blindly copy & paste commands that raise privs. That should be a conscious decision where they stop and ask themselves if & why it’s necessary.

reggie, 11 months ago

I dislike when documentations add sudo because what if I am root already or what if sudo is not installed on my machine and I cannot just copy and paste the lines because I have to avoid pasting sudo.

Also fyi ArchWiki also uses the # approach.

StudioLE, 11 months ago

Can’t you just select the text without the sudo prefix…?

bizdelnick, 11 months ago

# is a standard shell prompt for root, and only for root. For commands executed by any other user, including sudo, use $.

In general it is a bad practice to use sudo in documentation because in many distros it is not available by default. I would use su for your example. However system users have no passwords, so you need to become root first, and only after that change user to avoid prompting a password. So I would write

<pre style="background-color:#ffffff;">
<span style="color:#323232;"># su -s /bin/bash www-data
</span><span style="color:#323232;">$ cp /var/www/html/html1 /var/www/html/html2
</span>

or

<pre style="background-color:#ffffff;">
<span style="color:#323232;"># su -s /bin/sh -c 'cp /var/www/html/html1 /var/www/html/html2' www-data
</span>

But if you are sure that sudo is installed and configured on a user’s machine, you may write

<pre style="background-color:#ffffff;">
<span style="color:#323232;">$ sudo -u www-data cp /var/www/html/html1 /var/www/html/html2
</span>

exu, 11 months ago

Agreed that it’s bad practice to use sudo.
Very good idea using su. I never thought of using it like that before.

MimicJar, 11 months ago

I disagree completely.

The bad practice is running commands directly as root. It’s fine if you prefer for your own environment but sudo is the best practice.

Additionally, which distro doesn’t have sudo? I’m sure there are some but by far the majority of distos have and use sudo.

bizdelnick, 11 months ago

Bad practice is not using sudo (I do use it), but assuming that everyone has sudo installed and configured the same way as you have.

Additionally, which distro doesn’t have sudo? I’m sure there are some but by far the majority of distos have and use sudo.

Almost all distros have sudo. But many of them don’t install it by default. Most popular distros except Ubuntu (I mean Debian, Fedora and RHEL clones) provide a choice to user at install time: set the root password or install sudo and enable it for the admin user. In OpenSUSE sudo is installed by default, however it is configured in slightly different way than usually. Etc., etc.

418teapot, 11 months ago

I seem to be in the minority here but I personally prefer using $ and # to denote root. I like this because not everyone uses sudo and might not even have it installed.

That being said, if you already have other commands that are using sudo -u … to run commands as a different user then it might be best to just be consistent and prefix everything with it, but if there is only a few of those maybe a # cp foo bar && chown www-data bar is an alternative.

exu, 11 months ago

Yeah, being consistent is definitely important. I can avoid sudo in many cases, but there are other pages where half the commands need to be executed as some user.
My Nextcloud page has that problem where php scripts need to be executed by the right user. But it also contains the installation instructions and there I can avoid using sudo. It’s like a 50/50 split between using # and sudo -u on that page :/

ProxyZeus, 11 months ago

Personally i prefer the $ sudo because honestly i don’t always notice the symbol at the beginning but sudo is really easy to keep track of whats root and what isn’t

exu, 11 months ago

I hadn’t thought of it like that. Thanks

False, 11 months ago

Neither because it makes it hard to copy paste. If you have to pick one then $ because # is for comments in bash.

bjornsno, 11 months ago

You can just get around this by using some css tricks to display the dollar and pound signs.

exu, 11 months ago

It’s not actually part of the command, just some css to add the prefix visually.

beeng, 11 months ago

That’s OK then. If you can double click the text field the the prefix is not highlighted, then I’m happy :)

james, 11 months ago (edited 11 months ago)

Edit: looks like this is wrong lol, that’s what I get for not verifying. So maybe $ does make more sense!

Original message:

I think I’d go with #.

The non-root user probably doesn’t have permission to run the sudo command as www-data user, but root does.

Unless you previously set permissions for the non-root user to sudo as www-data.

bizdelnick, 11 months ago

The non-root user probably doesn’t have permission to run the sudo command as www-data user, but root does.

You are wrong. E. g. in Debian (and Ubuntu) the default sudoers file contains

<pre style="background-color:#ffffff;">
<span style="color:#323232;">%sudo   ALL=(ALL:ALL) ALL
</span>

that means that any user in the sudo group is permitted to execute any command as any other user. The same for redhat/fedora, but the group name is wheel there.

james, 11 months ago

lol thanks for the correction