OSDev.org

mgdt wrote:Steve the Pirate: I don't like some of the things linux does. I plan to have a different style of using permissions. I dont like sudo, if i took that out wouldnt basing it on linux be useful (as many things wont work or everyone has super user access?)

Not all linux is Ubuntu

Now, it appears that you want both
1) an already working kernel
2) your own os design
The problem with that is that you need to be lucky to find both of them in one package, which regrettably is only a small chance. So either you set your principles aside and use an existing kernel design, or write one yourself.

Whatta hell is wrong with sudo? If you've ever worked as an Unix administrator, you should know that the alternatives are awful: either you share root passwords with other admins, multiplex root by having several passwd-entries for the account 0 (which creates all kinds of nasty side-effects, but is common) or you put everyone (every administrator that is) in one group, and put the group in /etc/sudoers and nobody needs to remember any root passwords (until the system boots into singleuser and prompts for root-password to let you figure out what the hell broke, because nobody remember to change the single-user init scripts when they installed sudo). IMHO, sudo is the best solution. It's not like you need to use it other than for administratory work anyway.

That said, sudo itself it nothing but a normal process, given the setuid attribute, such that it can look into /etc/sudoers to see what you are allowed to do as other users (it can be used for a lot more than just root access) and then prompts you a password to check you are who you claim to be. Any you can always get a real root-shell with "sudo -s" (assuming /etc/sudoers gives you full access).

Anyway, taking sudo out of even Ubuntu is probably a question of "apt-get remove sudo" or something similar. Remember to set a root password before you try though, or you won't be able to get it back easily.

Combuster: working kernel and "your own os design ", then you say "find both of them in one package" Find my own OS design in someones package? lol. Did you mean a OS design? (instead of my own?).

I have a prototype running on a console. I want to be able to port this to PC (or something that has EFI).

mystran: Haha, how does sudo work? it sounds like sudo is a proccess that has and can give admin access (for a temp time). And has a list or group of admin accounts that it checks when you enter your user/pw.

Where did ubuntu come from? I never mentioned that.

Right now i feel like writing an interface for gfx, input and sound (emulate with sdl). Then write the code to boot and setup the interface with EFI later. I probably will pay someone to do it if people like the OS. I just have a feeling that windows is going to rape the speed of my OS. Through virtual memory and page files and such.

Has anyone tried to do anything like i am currently trying to do?

mgdt wrote: mystran: Haha, how does sudo work? it sounds like sudo is a proccess that has and can give admin access (for a temp time). And has a list or group of admin accounts that it checks when you enter your user/pw.

Well sudo is setuid root, so it can spawn processes as anyone it feels like. It has a configuration file /etc/sudoers (normally, at least) which has a set of rules about who can do what.

Basicly, you say "this user (or group) can run as this other user (on a given host) this program". So you could say that "mgdt" is allowed to run as "root" on a computer called "foobar" a program called "/usr/sbin/foobar" and then when you say (as mgdt on foobar) "sudo /usr/sbin/foobar" it'll let you do that. Normally it ask you your password (your own, just to check that if you left your console open it's really you) if you didn't just run something as sudo. If you try to do something else, and there's no matching entry, it'll deny your request.

Typically on your own machine, you use a ruleset something like: That says that root and mgdt are allowed to do whatever they feel like, as whoever they feel like. You could also use a group like "admin" or "wheel" or something to control who's allowed that much power.

It's pretty flexible. You can make it works just like traditional 'su' requiring the password of the target-user, or you can make it require no-passwords whatsoever. You can make it send mail every time it's used, you can control whether the "authenticated recently" applies globally or only on per-TTY basis, you can control whether environment is cleared (to prevent LD_PRELOAD attacks and similar, when user is allowed some small set of commands) and well... you get the point.

Where did ubuntu come from? I never mentioned that.

Well somebody mentioned, probably because Ubuntu doesn't give you root-password at all when you install it (there's just ! in /etc/shadow preventing authentication as root). It just gives the initial user membership in admin-group, and has a default /etc/sudoers that says anyone in admin group can do whatever they feel like:
That's straight from my Ubuntu box sudoers, just stripping comments.

That was a very good reply mystran, thank you very much.

While designing the admin part of my os I am going to keep in mind everything you said and do it in a style similar if not exactly the same as that.

mgdt wrote:Find my own OS design in someones package? lol.

That was EXACTLY what I meant. Sadly enough, that was also what you were asking for.
Remember, your ideas may match other people's ideas...

I have a prototype running on a console. I want to be able to port this to PC (or something that has EFI).

As suggested before, build your own linux distro. That way you have a console to run your program in.

I have a free copy of Windows XP Embedded through MSDNAA (Microsoft Developer's Network Academic Alliance). If you know anyone who's enrolled into a programming course at college, you may be able to talk them into giving you their MSDNAA login.

No, I won't share mine Since it activates over the Internet and I don't want mine to suddenly stop working.