Ubuntu

A Disturbing Trend

Leslie Marshall

2 min read

Recently I've been spending time setting up and administering an installation of Ubuntu as a server box. The machine itself is crammed into a corner of the tower room. That simple fact means that I am doing most of the work via a ssh session from my main workstation in the cave.

Considering it's been quite some time since I've lived this much in a bash shell I sometimes find myself having to look up relatively simple tasks. Don't worry, I am cresting the learning curve with a speed approximating that of a man running away from an angry bear.

Having said that, it's often that I exercise my GoogleFu to search for ways of accomplishing simple tasks. All that work of the man page writers gone to waste? Perhaps. But on to my point. The results returned by the owners of the internet often highlight YouTube videos that purport to provide a tutorial. I usually skip those results as I'm not visually oriented.

This morning I decided to actually check out one of these videos. What I discovered led me into a short investigation, in which I would:

  1. Think of something silly to search for
  2. Click on the first video link (if any).
  3. Become infuriated.
  4. Apply disinfectant to my forehead.

The following is an example of what I saw all too often.

All branding has been removed 

A few items to note:

  • Comments have been removed
  • A sidelight with branding that takes up 25% of visual space.
  • The runtime is just over 2 minutes.

AND IT SHOWS YOU THE WRONG WAY OF DOING THIS!

It instructs you to:

-sudo adduser <user_name>
-sudo visudo
-add the following to that file:
-<user_name> ALL=(ALL:ALL) ALL

The problem with this is that there is already a group called sudo in that very file which has these permissions. So this means you can simply use:

sudo adduser <user_name> && sudo usermod -aG sudo <user_name>

This creates the user and then adds that user to the group %sudo which already has the permissions set to ALL=(ALL:ALL) ALL. Why is this preferable to editing the sudoers file? Doing it this way leads to breaking the way security works in Ubuntu. It essentially grants full root access to that user without them having to explicitly claim such permission. Therefore, if you wish to revoke root access you must remember to also edit the sudoers file. Also it leads to loads of cruft in the sudoers file as you create application specific users. By using

sudo adduser <user_name> && sudo usermod -aG sudo <user_name>

you can revoke those privileges by simply doing a

sudo gpasswd -d <user_name> <group_name>

Why the incorrect method? Simple, it bulks up the runtime of the video. Thereby placing the branding in front of the viewer for longer. This brand is for a managed hosting company. They make the simple task of adding a user and assigning that user to a group seem like such a arduous chore. Subtly implying you need their services. In my quick review I found many such videos from various managed hosting and configuration "consultancies" promoted by the owners of the internet.

Now, don't get me wrong. I completely understand that people have to eat. Some of us earn our daily bread doing the "clickety clack" on a keyboard all day. But from my perspective it all comes down to providing value. After all, I've now taken up just as much of your time! Hopefully I've provided some value.

Sign up to get spammed every time I post.

Enter your email
Subscribe