Chadley Wilson wrote:
These are things that get configured once and used a lot. Regular users can use them, root configures them.On Tue, 2004-05-11 at 09:46, Chris Hewitt wrote:
With the Redhat/Fedora model the installation requires making an unprivilaged user and people tend to log in with that. For things requiring root access then yes the root password prompt comes up. Annoying maybe but at least the option is given.
In the MS model, no such unprivilaged user has to be made during installation (I've not used XP so maybe that differs?), so people tend to log in as Administrator so already have the privilages. I manually make an unprivilaged user and log in as that but when I need Administrator privilages for something I simply get a message telling me I cannot do that. I have to log out then log in again as Administrator, do what I need, then log out and log in again as my unprivilaged user. Its not just the time in doing these log out/ins, but in setting up the programs that I had and getting back to the point where I was before.
I think the Redhat/Fedora model is much more user friendly. You could suggest to your customers that they log in as root all the time. They would need to accept that making a mistake could have much more disasterous consequences, which is why non-root access is better.
As to why there should be a performance difference, I do not know.
Thanks for your input Chris,
But as for the administrative stuff I can understand the need for it to require root access and yes the prompts are provided in linux and yes it is good.
After much thought I think that I am able to explain my angle.
Why do things like, kppp setup, disk free, hardware browser, printer
manager, smb mounts, flash drives, digital cameras etc.. need root
access in a home environment/office enviroment.
Only to configure. My cdrom and floppy can be mounted/unmounted by the user logged in when the disk is inserted (and that is default).Take shares and removable media they all require root access and
/etc/fstab controls the access when mounting. Configure it there to allow the user to mount/unmount and access it.although there are work arounds, I find myself driving out to a client only to find that he needs to open a terminal, su to root to mount a flash drive, I check the config files and they are right, and I have done many. He can use his stick, it works, he saw it work, I saw it work, He unplugs it and later plugs it in again now he only has read only access and doesn't have permissions. Get in my car drive there, I see the flash is already mounted, and without un-mounting it I log into a terminl as root and touch a file in the flash dir and guess what suddenly the user has RW access again.Without unmounting? mmmm Thats without changing anything, it seems the system wants root to first access the drive before any other user. O.K so now he reboots his PC and can't get it mounted at all at all because he needs to be root to mount.
The point is: it is his memstick, it has his junk on it, he doesn't care who root is, its not roots memstick it is his. He plugged it in as a user not as root, but he still can't access it unless I am there to configure everything, I tried to chown user on the flash but then he cant access it on his other box because he is not logged in there. so it is a real pain in the you know what.
One very common problem is with smb mounts for some reason when "I"
setup the access the user can mount the shares RW, he is given the
correct permissions from the serving PC and it works (RW). Until you
unmount and remount, for instance when the guy reboots his machine.
First problem starts when you unmount if anything is open, showing or
using the contents of the smb share while attempting to unmount, it
won't ever unmount the share again, even if you close all apps running,
at this point I just reboot, The same unmounting problem occurs in with
the flash.
Open files are a no no when trying to unmount/close. That rule protects data/file integrity.
A little bit if time spent on education is much better in the long run than just removing obstacles. Ever hear the one about "Give a man a fish and he eats for a day. Teach a man to fish and he eats forever.")? It applies to using computers as well.
So to fix this guy I did a very bad :{ thing and feel bad about it to.configuration in /etc/fstab easily solves most of those mount/unmount problems.
But I have plenty of reason for it, My petrol bill is witness to that. In the /etc/passwd file I removed the x from the 2nd column on both the
user and root. now everything works. But its not the right way to do
things.
These sort of things should work like stiffy and CD-Rom mounts. The user
logged in must be king of anything he plugs into his PC, like printers,
scanners, digital cameras, web cam, etc...
System files and and security should be for root. I mean what does root care how the dude installs his printer, if he
shares the damn thing to the whole world he will soon run out of paper
and ink and soon learn his lesson. Also what do the file on a camera or memstick have to with root?
Cost to the user is not really the problem.
A slave with a rootkit installed and access to the internet masquerading as someone else is a much bigger problem for us all (No Password -- a root kit is not even needed).
I understand your point, and as long as the user understands the risks of being root user and the ease of causing severe damage to his system with a simple typo when he is logged in as root, it is, after all, /his/ system.Do you get my point? :'\
Note: for those following this thread, it is not a fight it is a civilised discussion please keep it that way. ;-}
What I would expect in the long run though is that since you have removed the passwords he will get in the habit of using root for routine access and the maintenance will likely go up instead of down. -- because of typo's, configuration changes, and system file deletion/corruptions.
I just think that to many tools and apps require root access where the user should have full rights.