Actually the git clone was performed in /usr/src That directory does not have write permissions for a standard user, I consider that a good thing, so to write to that directory (or make changes with sed) you have to use sudo.
I suppose you could just do the git clone to your home directory, that would actually work just fine and sudo would no longer be needed for that part, but I chose to use the /usr/src directory, and do not see a problem with doing that.
As a linux user I am having a hard time understanding your dislike for sudo, logging into or switching to root user means that you are permanently having root privileges, which is what I see suggested in many older freepbx guides. Sudo on the other hand provides temporary root privileges which is a good thing as opposed to permanent root privileges.
My typical use of sudo is sudo su - which switches to root and loads root userās login environment.
If you keep sudoāing individual commands you are not preserving environment/state between them.
edit: I just learned that sudo -i is the same thing as sudo su - which I have been doing for years. That said, Iām sure the muscle memory will not easily allow me to change my ways, but you can do either one.
Itās NOT permanent, you want your user privileges back, just type
exit
if you are confused as to who you are, type
whoami
at any time, look at your prompt you will quickly notice the difference between the root prompt and the user prompt, you will see whatever ${PS1} in the current environment produces. (echo $PS1)
Thanks for the explanation. sudo su, or sudo -i could be used then. As I said in my other comment, using sudo su for the installation would be fine. I just dont like the idea of the root account being used directly. If somebody were to gain access to the machine as root user, then can install or do anything, such as setting up crypto mining on your machine, or using it as part of a botnet, etc.
Consider me a grandma who has sucked more than a few eggs
That is for normal use, if you clone into your home directory, you can ./configure and build asterisk but not install it as user, the prerequisites will also need root privileges , and as you been told many times, FreePBX install should be run in the root environment and not the user environment with elevated privileges.
No you shouldnāt run vlc as root, nor pulseaudio, nor chromium nor any number of other binaries, linux assumes a multi-user environment where each process has the minimum of what it needs, and wont conflict with two accounts running the same binaries, that is run-time stuff, here you should be the ābig boyā that wonāt screw things up.
When all is said and done, you will see that FreePBX and Apache et al are running safely as Asterisk, BUT to achieve that you just need to be root or suffer all the slings and arrows you have so far had to catch.
You do the same thing on a Mac or Windows when you install a program and have to provide the administrators password. Itās the same thing for the install of freepbx
I do not use Windows. Technically I do, but ONLY for a few games. 99% of the time I am on Linux. Just because Windows does something a particular way does not mean its the correct way.
I have never owned a Mac, but I know OSX is unix based, you mentioned issuing sudo occasionally on your mac so I would assume you are not logged in as user root by default.
I also know some distributions do not disable the root account by default like Ubuntu does, but I believe having the root account disabled is a good thing, and it seems so do the developers of Ubuntu because it has been that way for as long as I can remember.
I do not mean to start a debate on security, I am certainly not an expert in the matter, but sometimes things are obvious or not difficult to educate ones self on. I am not about to tell somebody else how to run their business or computer. I merely meant to express my opinion on the matter and its ok if others donāt agree with me.
Thatās not entirely true any moreā¦ not with Windows 10. As a network administrator, Iāve found that even the local administrator doesnāt have permissions to everything; such as some folders and registry keys. Those permissions are held by the local SYSTEM account.
ā¦ and that, my friends, is a whole new can of worms; running something as the system account instead of the local administrator.
To conclude this discussion, however, it is ābest practiceā to log on as a local user, and then use sudo to run elevated commands. That being said, however, if I have multiple steps to perform, I will usually su to get a root shell prompt, do my work, then exit.
For example, installing FreePBX needs to be done as root; and then you have to configure a bunch of settings, set some permissions, maybe make some symlinks.
Yes, you could do all that with sudu, or if you add yourself to the asterisk group, you could potentially do it with your normal account. For me, I use su to do all of thatā¦ if Iām just making one change, one command, Iāll use sudo.
Iād like to temper this with this statement thoughā¦ Iāve been running some form of *nix since 1986ā¦ broken more than my share of systems, learned what not to do.
If I need a ārootā session, I always log in as a āwheel groupā user and use āsuā to change to root. Most of the systems I run have multiple people that can perform admin actions. Using āsuā drops a note into the log files so I can tell who changed to root and did whatever they did. I resist using āsudoā - itās a hack and easy to misconfigure to allow people to get elevated access without a lot of oversight.
Of course, your mileage may vary and local rules make sense for local systems.
