Okay, I'm starting to like Linux...

All off topic discussions go here. Everything from the funny thing your cat did to your favorite tv shows. Non-programming computer questions are ok too.
User avatar
stephenj
Member
Member
Posts: 140
Joined: Wed Jul 23, 2008 1:37 am
Location: Canada

Re: Okay, I'm starting to like Linux...

Post by stephenj »

Although I'm not using Ubuntu at the moment, to log in as root in GNOME using GDM, goto system -> Administration -> Login Window -> Security. You should find an option for root login.

Another option to use sudo without a password is adding the line "username ALL=(ALL) NOPASSWD: ALL" to "/etc/sudoers"

Yet another option would be using a root terminal (type su in the shell or using "root terminal" in Applications -> Accessories)

I listed these options in reverse desirable order. The best option is the last one. And the first option is a horrible idea which leads one to be rooted.
User avatar
inflater
Member
Member
Posts: 1309
Joined: Thu Sep 28, 2006 10:32 am
Location: Slovakia
Contact:

Re: Okay, I'm starting to like Linux...

Post by inflater »

And the first option is a horrible idea which leads one to be rooted.
I think thats good, because I want to be in charge everytime without typing all the passwords, because I don't execute commands (normally) that I would do harm to the system and trust me, no one from my friends/family can't do more than turn the PC on. ;)

Will now install Ubuntu, back in some minutes (or hours) :P
My web site: http://inflater.wz.cz (Slovak)
Derrick operating system: http://derrick.xf.cz (Slovak and English :P)
User avatar
inflater
Member
Member
Posts: 1309
Joined: Thu Sep 28, 2006 10:32 am
Location: Slovakia
Contact:

Re: Okay, I'm starting to like Linux...

Post by inflater »

I was finally able to login as root to gnome. Yay. I dislike operating systems taking control of me. I am in charge now. :twisted:

Really, it was just wasting time to connect to internet: "sudo stdsl.sh start" or to access e.g. add or remove programs, everytime I had to type the password. What a waste of time (eh, for some users.) OK, this blockage is useful for users that do not want to clobber their systems, but I dont use commands that I am unaware of what the hell are they doing. Especially "rm -rf / " ;)
My web site: http://inflater.wz.cz (Slovak)
Derrick operating system: http://derrick.xf.cz (Slovak and English :P)
User avatar
Brynet-Inc
Member
Member
Posts: 2426
Joined: Tue Oct 17, 2006 9:29 pm
Libera.chat IRC: brynet
Location: Canada
Contact:

Re: Okay, I'm starting to like Linux...

Post by Brynet-Inc »

Running as root is stupid, the way your looking at the issue is flawed.. it shows your familiarity with single user operating systems.

The point of privilege separation is limiting the damage any 1 user can do, on most systems.. a user, (or process started by the user), only has access to resources owned by them.

That means you can't terminate processes not started by you, and you can't trash files outside of your home directory.

If you're going to use a Unix-like operating system, leave your ignorances at the door.. ;)
Image
Twitter: @canadianbryan. Award by smcerm, I stole it. Original was larger.
User avatar
inflater
Member
Member
Posts: 1309
Joined: Thu Sep 28, 2006 10:32 am
Location: Slovakia
Contact:

Re: Okay, I'm starting to like Linux...

Post by inflater »

Sorry, but a distribution that won't give user full admin access is a no good one and I'm glad that, what I did, works.
That means you can't terminate processes not started by you, and you can't trash files outside of your home directory.
Well, I find it TOTALLY ANNOYING if I want to add/remove some program, change the logon screen , change system settings, to give the root password every 10 minutes or so, and I'm the only one user who uses Linux on this machine...

I compare it to Vista's favorite message "Windows needs your permission to continue", which had some bugs: you've ran some install program and you thought it was frozen, nope. The nag screen was minimalized and hidden before the install program's window due to a bug (I think), of which app's window would got focus. Yep, the install program was the first priority.
My web site: http://inflater.wz.cz (Slovak)
Derrick operating system: http://derrick.xf.cz (Slovak and English :P)
User avatar
stephenj
Member
Member
Posts: 140
Joined: Wed Jul 23, 2008 1:37 am
Location: Canada

Re: Okay, I'm starting to like Linux...

Post by stephenj »

If you want to run a script that connects to the 'net, I assume you want it to run on startup. Which you can make it do automatically (I believe it would be under "/etc/init.d").

Again, if you don't want to re-enter your password when using sudo, just modify /etc/sudoers or use su! Remember, you're on a network, and a program (like a browser or IM client) may run code that you don't want to execute.
User avatar
Solar
Member
Member
Posts: 7615
Joined: Thu Nov 16, 2006 12:01 pm
Location: Germany
Contact:

Re: Okay, I'm starting to like Linux...

Post by Solar »

inflater wrote:Sorry, but a distribution that won't give user full admin access is a no good one and I'm glad that, what I did, works.
A good friend of mine had her laptop set up by me, since she isn't very good at computers. (Some out there really do need a browser and a word processor and nothing else.) Boy was she happy when I told her, "there's nothing you can do that would destroy the system. You can wipe out your data, so make sure you make your backups, but you can't hurt the OS."

And boy am I happy when not being root kept me from doing something stupid, again. Between a console's command history, the "!" feature, and the unavoidable typos from time to time, there's bound to be an accident sooner or later.

(Imagine: New USB stick (empty), old USB stick (valuable data). Insert new stick, mkfs, mount, some file operations, umount, switch to new stick, using command history to get to the mount command, hit "up" one time too often while in a hurry...)
Every good solution is obvious once you've found it.
User avatar
inflater
Member
Member
Posts: 1309
Joined: Thu Sep 28, 2006 10:32 am
Location: Slovakia
Contact:

Re: Okay, I'm starting to like Linux...

Post by inflater »

(Imagine: New USB stick (empty), old USB stick (valuable data). Insert new stick, mkfs, mount, some file operations, umount, switch to new stick, using command history to get to the mount command, hit "up" one time too often while in a hurry...)
...and nothing would prevent you from formatting if you used SUDO before mkfs, which you had to. ;)
there's bound to be an accident sooner or later.
Yep, but I've grew on DOS/Win95 and still am using the command line sometimes, and guess what? I never accidentaly typed format c: ;)
My web site: http://inflater.wz.cz (Slovak)
Derrick operating system: http://derrick.xf.cz (Slovak and English :P)
quok
Member
Member
Posts: 490
Joined: Wed Oct 18, 2006 10:43 pm
Location: Kansas City, KS, USA

Re: Okay, I'm starting to like Linux...

Post by quok »

inflater wrote:
(Imagine: New USB stick (empty), old USB stick (valuable data). Insert new stick, mkfs, mount, some file operations, umount, switch to new stick, using command history to get to the mount command, hit "up" one time too often while in a hurry...)
...and nothing would prevent you from formatting if you used SUDO before mkfs, which you had to. ;)
Just being pedantic here, but you do not need to be root to create a filesystem. By default, mkfs is not on a standard user path, but you can always call it yourself. The only thing preventing a standard user from running mkfs on any block device is the permissions set on that device. You either have to be root, or in some special group (usually 'disk') to be able to write directly to a device file, which is how mkfs works.

Anyway, the password prompting feature of sudo would generally prevent you from accidentally running mkfs. Yes, sudo caches credentials for a period (5 minutes by default), so you're not always prompted for a password. I hate to say it, but you're right, if sudo (in it's default config) was used in Solar's example then nothing would prevent you from inadvertently running mkfs on the old usb stick. It's for that reason entirely that I disable the password caching on systems I admin, so anyone needing to run multiple commands in a row as root need to use 'sudo -s' or /bin/su to get a root shell instead. I don't run Ubuntu, so I have no idea how sudo is set up there. The purpose of sudo though is that it can be set up to be more restrictive than /bin/su. You can specify what commands a user (or group) is allowed to run via sudo. That's something you cannot do with /bin/su.

Note though, Solar didn't mention sudo at all. I look at it from this point of view... If you ran through Solar's example on a single user machine, what would prevent it? Nothing. On a standard unix machine? The fact that normal users cannot write to a block device file. You'd have to become root somehow to mount the device, as well as to format the device. Sure, the example is flawed if sudo with password caching is used, or if you hit up arrow too many times inside a root account. But just using different user accounts (privilege separation) makes it safer. You always need to be careful when running as any administrative user. It's designed so that average joe can't harm the system by doing stupid things, but once you become root (almost) all those restrictions go away. An example of a restriction that will not go away: you can't run mkfs on a device file that contains an active (i.e., mounted) filesystem.

I'd also like to point out that while nobody else in your household may run linux on that machine, it does not mean you're the only user on it. Run 'ps aux'. Look at the output. See things like 'root', 'nobody', 'daemon', etc? Those are all USERS. Sure, most of them are system accounts, and you may be the only user account on there, but once again, privilege separation. If a process running as nobody goes awry, the most it can affect is anything else the nobody system account has access to. For another example, look at your windows xp or vista box's task manager. You'll notice the same thing; processes running under system accounts or user accounts. Those are there for the same reason.
inflater wrote:
there's bound to be an accident sooner or later.
Yep, but I've grew on DOS/Win95 and still am using the command line sometimes, and guess what? I never accidentaly typed format c: ;)
Perhaps the only reason you never accidentally typed 'format c:' is because of the huge "This will destroy all your data!" warning you received the first time you did it. That makes not doing it again a learned behavior. Or perhaps you once typed 'format c:' instead of 'format d:' and only caught it because that same warning is followed by a "continue?" prompt. To put this in the context of Solar's example above, you also can't run that command accidentally because there's no command history or command recall in DOS.

Yes, accidents happen, and judging by your experiments with high voltage electricity and the injuries you've received from that, it's only a matter of time until you've learned that the hard way. Hopefully you won't get yourself nominated for a Darwin award in the process.

//EDIT: Fixed botched quoting attempt.
Last edited by quok on Mon Sep 08, 2008 11:02 am, edited 1 time in total.
User avatar
AJ
Member
Member
Posts: 2646
Joined: Sun Oct 22, 2006 7:01 am
Location: Devon, UK
Contact:

Re: Okay, I'm starting to like Linux...

Post by AJ »

quok wrote:To put this in the context of Solar's example above, you also can't run that command accidentally because there's no command history or command recall in DOS.
As we're being pedantic, there is. Certainly it's there by default on My Win2K and WinXP boxes and before that there was doskey which once run allowed command recall.

Cheers,
Adam
User avatar
inflater
Member
Member
Posts: 1309
Joined: Thu Sep 28, 2006 10:32 am
Location: Slovakia
Contact:

Re: Okay, I'm starting to like Linux...

Post by inflater »

you can't run mkfs on a device file that contains an active (i.e., mounted) filesystem.
That is a reasonable restriction, in case you would mix up these "sda1, sda2" partitions and accidentaly formatted your mounted e.g. ntfs partition. The problem is, when your partition isn't mounted... ;) Thats the reason why I like GUI when doing this things and programs with reasonably better security (you cant compare Partitionmagic to parted...)
there's no command history or command recall in DOS.
False. http://en.wikipedia.org/wiki/Doskey ;)
//EDIT: Damn... AJ beat me to it :D

But I agree with you on some points. Its just, its annoying to write passwords all over again. I think running su or su -i doesnt affect GUI applications (in fact, running SUDO with a X application can result in system inability to log in or to behave strangely next boot... believe me, look at some old pages of this thread where I had to reinstall linux xyz times).
Or GKSUDO wanted my password to e.g. add remove programs in gnome (there the SU command doesnt work) etc.
Yes, accidents happen, and judging by your experiments with high voltage electricity and the injuries you've received from that, it's only a matter of time until you've learned that the hard way.
Don't worry. I know whats the taste of 230V on your (dry) hand and I know too, whats the taste of a frankfurter directly electrocuted through 230V. :lol:

BTW these injuries I mentioned in the signature weren't really injuries... I just slashed my fingers xyz times against the hard sharp soldered edges of the PCB boards...
My web site: http://inflater.wz.cz (Slovak)
Derrick operating system: http://derrick.xf.cz (Slovak and English :P)
quok
Member
Member
Posts: 490
Joined: Wed Oct 18, 2006 10:43 pm
Location: Kansas City, KS, USA

Re: Okay, I'm starting to like Linux...

Post by quok »

inflater wrote:
there's no command history or command recall in DOS.
False. http://en.wikipedia.org/wiki/Doskey ;)
//EDIT: Damn... AJ beat me to it :D
Oops, I completely forgot about doskey. May I reiterate my point, though, by saying the default shell did not have command history? It was only available after running doskey. While recent command shells in Windows do have such behavior by default, I'm going to discount them by saying those shells aren't DOS, but DOS-like. That is, they don't run from command.com. I should also specify when I say DOS, I mean MS-DOS. I've never used DR-DOS or FREEDOS, and they may very well have this behavior by default. Also, the last I used DOS was 6.22, way way long ago. I've used Linux almost exclusively since late '95 or early '96, so my memory may very well be foggy and I could be missing some other detail in MS-DOS that allowed this behavior.
inflater wrote:But I agree with you on some points. Its just, its annoying to write passwords all over again. I think running su or su -i doesnt affect GUI applications (in fact, running SUDO with a X application can result in system inability to log in or to behave strangely next boot... believe me, look at some old pages of this thread where I had to reinstall linux xyz times).
Or GKSUDO wanted my password to e.g. add remove programs in gnome (there the SU command doesnt work) etc.
Often times security, inconvenience, and annoyance go hand in hand. If you want to run su and allow X apps, don't specify '-' or '-l'. Then you won't lose your DISPLAY env variable, so your GUI apps should work. There may also be other settings that are preventing it.
User avatar
inflater
Member
Member
Posts: 1309
Joined: Thu Sep 28, 2006 10:32 am
Location: Slovakia
Contact:

Re: Okay, I'm starting to like Linux...

Post by inflater »

quok wrote:That is, they don't run from command.com
Wiki on DOSKEY article wrote:It was included as a TSR program with MS-DOS and PC-DOS versions 5 and later, and with Microsoft's Windows 95/98/Me.
I know some people using MS DOS nowadays, but nobody uses something like DOS 3.0. (DOS 4, I think, was never released.), and believe it or not, DOS in Win9x is like as a normal DOS, just a newer version (for example Win95 used its own DOS, DOS 7.0 or such, and wasnt normally available as standalone but it is now downloadable.. ilegally).

The other thing goes for the NT platform, say NT 4.0, 2000, XP and the "hybrids" WinME and Vista. NT uses its own DOS emulation, NTVDM, that same for old 16-bit applications (WOW.exe, "Windows on Windows"), and they usually have doskey or any other functions built in.
My web site: http://inflater.wz.cz (Slovak)
Derrick operating system: http://derrick.xf.cz (Slovak and English :P)
User avatar
Solar
Member
Member
Posts: 7615
Joined: Thu Nov 16, 2006 12:01 pm
Location: Germany
Contact:

Re: Okay, I'm starting to like Linux...

Post by Solar »

(For the records, I don't install sudo on my machines. If I have to do something as admin, I "su -" and drop all notions of being in a hurry...)
Every good solution is obvious once you've found it.
User avatar
Combuster
Member
Member
Posts: 9301
Joined: Wed Oct 18, 2006 3:45 am
Libera.chat IRC: [com]buster
Location: On the balcony, where I can actually keep 1½m distance
Contact:

Re: Okay, I'm starting to like Linux...

Post by Combuster »

I only install sudo to be able to sudo shutdown and sudo reboot without having to log in as root.
"Certainly avoid yourself. He is a newbie and might not realize it. You'll hate his code deeply a few years down the road." - Sortie
[ My OS ] [ VDisk/SFS ]
Post Reply