fixing typos and minor adjustments to content

livialima · Apr 1, 2024 · 2a5aac8 · 2a5aac8
1 parent 4f45c50
commit 2a5aac8
Showing 1 changed file with 7 additions and 5 deletions.
diff --git a/docs/03.md b/docs/03.md
@@ -42,7 +42,7 @@ However, if you really, *really* want to use `root`, there are ways to do it in
 
 However, if you created a VM [locally](https://linuxupskillchallenge.org/00-Local-Server/) or with [other VPS providers](https://linuxupskillchallenge.org/00-VPS-small/), it is very likely that you have your `root` user readily available.
 
-Stop using root. If you followed the guides, you should have created a regular user and adding it to a sudoers group, like this:
+Stop using root. If you followed the guides, you should have created a regular user and added it to a sudoers group, like this:
 
 `adduser snori74`
 
@@ -63,7 +63,7 @@ Your server is protected by the fact that its security updates are up to date, a
 ## THE POWER OF SUDO
 
 * Use the links in the "Resources" section below to understand how `sudo` works
-* Use `ls -l` to check the permissions of `/etc/shadow` - notice that only `root` has any access. Can you use `cat`, `less` or `nano` to view it?
+* Use `ls -l` to check the permissions of `/etc/shadow` - notice that only `root` has any access. Try `cat /etc/shadow`, can you view the contents of the file?
 * This file is where the hashed passwords are kept. It is a prime target for intruders - who aim to grab it and use offline password crackers to discover the passwords.
 * Now try with `sudo`, e.g. `sudo cat /etc/shadow`
 * Test running the `reboot` command, and then via `sudo` (i.e. `sudo reboot`)
@@ -73,7 +73,7 @@ Once you've reconnected back:
 * Use the `uptime` command to confirm that your server did actually fully restart
 * Test fully “becoming root” by the command `sudo -i`. This can be handy if you have a series of commands to do "as root". Note the change to your prompt.
 * Type `exit` or `logout` to get back to your own normal “support” login.
-* Use `less` to view the file `/var/log/auth.log`, where any use of `sudo` is logged
+* Use `cat /var/log/auth.log`, to see the last few times `sudo` was logged
 * You could "filter" this by typing: `grep "sudo" /var/log/auth.log`
 
 *Normally invoking the `sudo` command will ask you to re-confirm your identity with your password. However, this can be changed in the sudoers configuration file so it does NOT prompt for a password.*
@@ -82,7 +82,7 @@ Once you've reconnected back:
 
 We will go into detail of the many things you can do to your server, but here are some examples of simple administrative tasks that require `sudo`.
 
-If you wish to, you can now rename your server. Traditionally you would do this by editing two files, `/etc/hostname` and `/etc/hosts` and then rebooting - but the more modern, and recommended, way is to use the `hostnamectl` command; like this:
+If you wish to, you can now rename your server. Traditionally you would do this by editing two files, `/etc/hostname` and `/etc/hosts` and then rebooting - but the more modern, and recommended, way is to use the `hostnamectl` command, like this:
 
 `sudo hostnamectl set-hostname mylittlecloudbox`
 
@@ -112,12 +112,14 @@ Confirm:
 
 The major practical effects of this are (1) the timing of scheduled tasks, and (2) the timestamping of the logs files kept under `/var/log`. If you make a change, there will naturally be a "jump" in the dates and time recorded.
 
-## WRAP
+## WITH GREAT POWERS COMES GREAT RESPONSIBILITY
 
 As a Linux sysadmin you may be working on client or custom systems where you have little control, and many of these will default to doing everything as `root`. You need to be able to safely work on such systems - where your only protection is to double check before pressing `Enter`.
 
 On the other hand, for any systems where you have full control, setting up a "normal" account for yourself (and any co-admins) with permission to run `sudo` is recommended. While this is standard with Ubuntu, it's also easy to configure with other popular server distros such as Debian, CentOS and RHEL.
 
+Even with that, it's important to take the necessary precautions before making global changes, to prevent accidentally locking yourself out or other issues. Practices like using a test environment, checking for syntax errors and typos, and keeping an eye on the log files, will eventually become second nature.
+
 ## EXTENSION
 
 * [How To Edit the Sudoers File](https://www.digitalocean.com/community/tutorials/how-to-edit-the-sudoers-file)