Questions about Debian

Yes I installed Debian 12 Cinnamon from the LInux Collections USB-iso. Very nice! Cinnamon Desktop feels like Linux Mint. Oh, there is a Gnome Software Center for installing packages.

Now, I am trying to get Wordpress Jetpack Desktop Api/Package installed. An after thought is that I had 2 step verification set up with an Flatpak Open Source Package called : Belmoussaoui.Authenticator which is available via the Flathub repository for Debian.

I checked, FlatPak Command is not installed. In order to install this B...Authenticator Flathub Package, I need to use FlatPak command, and to install the FlatPak Command I need to use Sudo.

Following the recommended and secure way to manage users, I use a standard user daily. Well I tried the sudo comand in the Standard User,.. not correct password and not in the sudoers file list.

As you can probably see, I don't use the Sudo command very often. I did one time successfully, but since then had read of updates to the Sudo Command.

My question is. Where do I get the correct and up to date information about using Sudo?

It is not in the hardcopy book I bought- "The Debian's Administrator's Handbook". I copied articles about Sudo from Its Foss, Linux Handbook, Techmint, GeeksforGeeks, HowToGeek , AskUbuntu... TLDR- The Linux Documentation Project provided the Man pages for 'su', 'sudo', sudoers'... but so much is old on that site. Whenever I need to learn a new command, the Man pages are sometimes a bit brief, I need examples. I did search the Debian Forum for Sudo and of course too many results going in so many different directions appeared... Ha!

With Sudo, I really need to understand the larger picture and the details so I don't mess things up. So I go on a treasure hunt over the internet searching.... Sometimes that hunt can take several sessions on a few days. I will say I have not read all of these articles, yet. I get many and compare to make sure I got the right comand info and syntax.

I just thought I would ask. Maybe there is a better way. Where do I go for the most Up to Date information on Debian Linux Commands?

Thanks in advance, rainbowoflight
 


is there not an authentication app in the software manager

otherwise run in order
sudo apt update && sudo apt -y install flatpak
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
flatpak install flathub com.belmoussaoui.Authenticator
flatpak run com.belmoussaoui.Authenticator
 
Yes I hope its just paranoia, and not the other case scenario. Yes I have tried Tails Linux from a usb stick. I want to explore that more.
Blessings and thanks,
It is paranoia. The outgoing administration wasn't great either.
 
<snip>

Following the recommended and secure way to manage users, I use a standard user daily. Well I tried the sudo comand in the Standard User,.. not correct password and not in the sudoers file list.

As you can probably see, I don't use the Sudo command very often. I did one time successfully, but since then had read of updates to the Sudo Command.

My question is. Where do I get the correct and up to date information about using Sudo?

It is not in the hardcopy book I bought- "The Debian's Administrator's Handbook". I copied articles about Sudo from Its Foss, Linux Handbook, Techmint, GeeksforGeeks, HowToGeek , AskUbuntu... TLDR- The Linux Documentation Project provided the Man pages for 'su', 'sudo', sudoers'... but so much is old on that site. Whenever I need to learn a new command, the Man pages are sometimes a bit brief, I need examples. I did search the Debian Forum for Sudo and of course too many results going in so many different directions appeared... Ha!

With Sudo, I really need to understand the larger picture and the details so I don't mess things up. So I go on a treasure hunt over the internet searching.... Sometimes that hunt can take several sessions on a few days. I will say I have not read all of these articles, yet. I get many and compare to make sure I got the right comand info and syntax.

I just thought I would ask. Maybe there is a better way. Where do I go for the most Up to Date information on Debian Linux Commands?

Thanks in advance, rainbowoflight
The default sudo configuration file in debian is /etc/sudoers. In that file is the following with the instructive comment:
Code:
# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

Therefore, all one needs to do to be able to use sudo is to become a member of the sudo group. That is configured with the following commands where first one becomes the root user, then adds the relevant user to the sudo group which will be specified in the /etc/group file after the usermod command has been run:
Code:
su -
Then:
Code:
usermod -aG sudo <username>
Then one needs to reboot or logout and login again for the configuration to take effect. Note that <username> refers to the actual username, e.g. tom. The pointy brackets are not included since they just indicate a parameter is being referred to.

To check whether the user is a member of the sudo group, run the groups command as in the following example where the output shows that user tom is a member of the sudo group:
Code:
[tom@fin ~]$ groups
tom adm tty cdrom floppy sudo audio dip video plugdev users netdev bluetooth lpadmin scanner pipewire systemd-journal
Using this method one doesn't need to touch the /etc/sudoers configuration file.
Note that when sudo asks for a password, it's the user's password it's asking for, not root's.

Since you mentioned the Debian Administrator's Handbook, it outlines another means of achieving sudo for a user in section 8.9.4. as follows:

8.9.4. Sharing Administrator Rights

When installed, the sudo package gives full root rights to members of the sudo Unix group. To delegate other rights, the administrator must use the visudo command, which allows them to modify the /etc/sudoers configuration file (here again, this will invoke the vi editor, or any other editor indicated in the EDITOR environment variable). Adding a line with username ALL=(ALL) ALL allows the user in question to execute any command as root.

One needs to become root, as in the above code with the su command, then run:
Code:
visudo
As described in the above quote from the handbook, add the following line to the /etc/sudoers file:
Code:
<username> ALL=(ALL) ALL
where <username> is the name of the relevant user, e.g. tom
One could also use: <username> ALL=(ALL:ALL) ALL

Note that when running visudo, in debian it's likely that the default text editor it opens is nano, so one needs to be able to save and exit using nano's commands. After modifying the file as described above, press:
crtl+x
nano will ask: Save modified buffer?, so press
y
nano will name the file to write with: File name to write: <filename>, so press:
<enter>
The file should be written.
Again, to activate the amended sudo facility, logout and login or reboot.

If by chance, you don't know your root password, then that has to be fixed before any of the above is possible.
 
Last edited:
dons mod hat

Reminder: Political discussion is not allowed. Thanks.
 
Sorry, coming late to the party.
What is it with LMDE and privacy concerns?
 
But once there it will last at least two years or longer.
What's up buddy. Hey can you elaborate on this? Is it no good after that?
 
What is it with LMDE and privacy concerns?
Personally, I don't think there are any more than most Linux systems, Linux is inherently more secure than the likes of Windows, Google,Android, & etc
Because those moving mainly from Windows, have had it drummed into their skulls that you must have a firewall antivirus, & mailware filters, they can't understand why most of Linux users only have a firewall,

Now let us be honest, Linux is inherently more secure, IT IS NOT 100% secure, to make any computer system totally secure then you need to first, remove the secondary component situated betwixt the seat back and keyboard, as that is by far the weakest part of the system
 
Personally, I don't think there are any more than most Linux systems, Linux is inherently more secure than the likes of Windows, Google,Android, & etc
Because those moving mainly from Windows, have had it drummed into their skulls that you must have a firewall antivirus, & mailware filters, they can't understand why most of Linux users only have a firewall,

Now let us be honest, Linux is inherently more secure, IT IS NOT 100% secure, to make any computer system totally secure then you need to first, remove the secondary component situated betwixt the seat back and keyboard, as that is by far the weakest part of the system
I see, so still the same old song.
Bootkitty came around in the news, but most computers should have the BIOS patched up I believe.
 
What's up buddy. Hey can you elaborate on this? Is it no good after that?
Yes, it's still good, Just that normally debian team releases a new stable about every two years. But not always. So it good and will be updated for quite some time even after new stable is announced. It's just a stable distro that keeps on keeping on :)
 
Hi All,

Its so exciting to receive replies. You all want to help. That is really a show of a nice community.

Brickwizard- yes there is a few authenticator apps in the software center.
I had a good laugh when I was able to resolve the following:
Immediately after installing one of the authenticator apps a pop up window appeared and said this:

"Unlock Login KeyRing--- Authentication required. The password you use to login to your computer no longer matches that of your login KeyRing. Enter Password."

Well I entered all my passwords and it did not like it. Luckily this was easily resolved by uninstalling the app. This app is called "numberstation" Interestingly once un-installed the Software Center page for the app did not reappear, instead a black circle with a horizontal white line appeared. It was sort of like those European road signs. I have a picture of it. Not sure where to report this error...

Blessings! Rainbowoflight
 
Hi Again,
1- I am reacting out to Wordpress in hopes they will help me access my account without the 2step authentication....

2- I wanted a better solution than 2step authentication to my cell phone. Cell phones are so easily misplaced or ... they are just a target for the unwanted hacker.

3- I guess there are times when I want to reinstall a fresh version of Linux quickly. If I goof and loss some functionality. To spend time on or go back into a partially functioning system to go through all the authentication-accounts could be disastrous.

4- I can have the 2 step authentication on an old iPhone without a SIM card and stays on the premises. Then Apple is constantly checking in on that phone.

5- It would be nice to have a Raspberry Pi do the authentication via wifi or wired, and also make it a music box... I know there are music box RaspberryPi case articles and programs I saw them. Not sure if there is an authentication app that can do the trick on a Pi. More treasure hunting, a learning curve. It can become a goal, not an immediate fix.

In the mean time. I really like all of the encouragement to use Sudo. I really like the way to add a user into the Sudoers file without editing the file. I don't feel that comfortable with adding or changing that file yet. I am in the learning stage.

Interms of Linux that means reading stuff I don't quite understand, just exposing myself to the ideas.

In reading I have found that the Sudo suite of commands does allow for very specific customization by user. There is an example file of customization within the "Debian File System" in Debian 12 Bookworm. There is an example of a large corporation management on https://www.komar.org/pres/sudo/ it was linked from sudo.ws site. The gist was that the Sudo suite of commands has the intention of allowing a SuperUser Administrator to safely distribute limited tasks among other users without increasing risk to the whole system. Just amazing. And the https://www.sudo.ws/docs/man/sudoers.man/#SUDOERS_FILE_FORMAT file explains how to do it. I skimmed through this explanation but it may still be way over my head. Ha!

I am a standard user not a real strong administrator yet. So its a bit crazy to take on the full breadth of the administrative commands in Sudo. it just creates risk exposure if I am to go over the internet to sudo apt -y install flatpak.... (Thanks for the -y option the yes option) I probably need yes to all questions...

Perhaps I will create a 3rd user to do admin-assistant tasks like adding packages. Then I can temporarily add that admin-assistant to the sudoers just to do these operations. And un-sodofiy the admin-assist to be a standard user again.

This way I can leave my standard account safely alone. It is where all my data is stored.... That is before I know how to customize that sudoers' file... This can be my temporary fix. Really I probably only need access (as far as I know) to APT Command.

But there are more ways to skin a cat- "Make Use Of" has an article for alternatives to sudo: https://www.makeuseof.com/sudo-alternatives-linux/

This article suggests: 1- pkexec 2- doas 3- su 4- dzdo (mostly Oracle Linux)

There was a suggestion somewhere in the articles that I have read about using FireJail a container instead of going loopy trying to figure out how to configure Sudoers file. Because there were some tech forum articles asking about sudoers configurations and they were getting a bit loopy, they them selves were admitting that it was not such a good fix. Or they did not understand I don't know. All I know is they did not feel like they found a solution.

This means I definitely need advise from you as to the best way to march forward learning.... and applying.

I have read your replies quickly.
Now I will go through them with more care.
I may have missed juicy details and helpful information.

Blessings, Rainbowoflight
 
Debian and other Linux distros sometimes tie the login keyring to the original user password, and changes to the password can cause confusion like the one you encountered.

Is this really tied to the Distro? Or the desktop?

I've noticed in the Distro I use, keyring is a thing in KDE, but is virtually non-existant in MATE.
Also it seems on several distro's, if you don't install a Xwindows GUI ( command line only )
no keyring is used. ( I suppose you could install it after the fact if you wanted ?)
I notice Gnome calls it keyring, but KDE calls it wallet.

I don't know, just curious.

Edit: It seems if you already have desktop environment installed, and then use the command line console,
then somethings still apply.
 
Last edited:
Is this really tied to the Distro? Or the desktop?

I've noticed in the Distro I use, keyring is a thing in KDE, but is virtually non-existant in MATE.
Also it seems on several distro's, if you don't install a Xwindows GUI ( command line only )
no keyring is used. ( I suppose you could install it after the fact if you wanted ?)
I notice Gnome calls it keyring, but KDE calls it wallet.

I don't know, just curious.

Edit: It seems if you already have desktop environment installed, and then use the command line console,
then somethings still apply.
I'm pretty sure it's dependent on both, though I would have to say DE-tied if I had a gun to my dead...

Some DEs like Gnome and Cinnamon will be heavily integrated with gnome-keyring (thus I assume the same with KDE and wallet), others like XFCE4 (and maybe MATE -- IIRC didn't they have a mate-keyring or something?) don't even have their own (XFCE4 uses gnome through gnome services).
So it'll be more tied-in based on the DE, but the distro may package it in a less-than-modular fashion and add it as a dependency for a DE that wouldn't normally use/support it. Example case: Debian ships gnome-keyring with XFCE4, though luckily I can remove it without killing my desktop. Since I don't use Gnome, I have no idea if removing gnome-keyring would cause drama with some Gnome Apps.

So that's why it's somewhat ambiguous. Depends on both.
 
Top