Message: previous - next
Month: August 2020

Re: [trinity-users] Beowulf/Buster upgrade - password problems - firewall - the saga resumes

From: J Leslie Turriff <jlturriff@...>
Date: Sun, 30 Aug 2020 19:34:54 -0500
On 2020-08-30 17:46:58 William Morder via trinity-users wrote:
> On Sunday 30 August 2020 11:19:03 Sl�vek Banko wrote:
> > On Saturday 29 of August 2020 13:11:01 William Morder via trinity-users
> Sorry to take so long to respond. I was AFK and lost in the physical world,
> and dealing with the problems of living in meatspace.
> > wrote:
> > > Okay, so I solved part of the sudoers list / root password problem.
> > > Turns out that I had not downloaded quite all the sudo packages,
> > > particularly some of the tde-trinity packages, or kde-trinity
> > > transition packages, or something in that lot.
> >
> > If you do not set a root password and use sudo, then the tdesudo-trinity
> > package is appropriate to ensure that all tdesu calls are actually
> > tdesudo => instead of su and root passwords will use sudo and the user's
> > password.
> The mysterious E (for Enigmatic) raised the issue of su against sudo; and
> I've also heard Nik mention that su is better for the single home user,
> which is myself. Until now, sudo + tdesudo has always done the trick for
> me, but if it is less secure, and my system will work, then at least I
> ought to make myself aware of the distinctions. I've tried out su, but so
> far I don't see any benefit, and only hear about the perils of sudo.
> It is possible that I can change my habits, so I will look into su. But if
> anybody can explain why su or why *not* sudo, I would be grateful, as the
> technical descriptions I can find online, or in my Linux guides, do not
> guide me toward any decisive points, and I see no reason to change what
> works. However, I will suppose that E knows something that I don't on this
> point, so I am considering how to implement such a change in my working
> habits.
> > > I wonder if developers can be persuaded to create firestarter-trinity
> > > packages, updated to handle ipv6? Gufw does have some nice features,
> > > but it is good to be able to see my connections, in real time --
> > > especially when it seems that it was being hijacked, or derailed, by a
> > > tor exit node. It seems a pity that such a great package should be
> > > deemed obsolete, and not worth adapting or upgrading, but there may be
> > > technical reasons that make it unavoidable.
> >
> > Firestarter is a GTK+ application - it somewhat diminishes the motivation
> > for inclusion in the TDE tree. Did you try KMyFirewall? I've never used
> > it, but it's an application that's already incorporated into TDE.
> >
> > > Bill
> >
> > Cheers
> Yes, I gathered that Firestarter is probably not worth the effort. Anyway,
> after reading Michael's praise of gufw, I decided I ought to explore that
> option more deeply, but the last couple days have been busy. I did try
> KMyFirewall, and while it looks like it has loads of features, I've never
> been able to get it to do anything more than start up; beyond that, so far
> as I can tell, it does NOTHING. For now I will look into ufw/gufw, as I can
> see a way forward there.
> Thanks to all the other comments and suggestions. (I'll respond to more of
> them individually, as I have time again.)
> I've mentioned before that I wanted to make some hardware upgrades, and
> needed to get a few items that would not only help me in my work, but
> indeed will bestow upon me superpowers. :-} So I have been making the nest
> ready for the new arrivals; yesterday was a big day, and I am still
> exhausted.
> For these upgrades, I needed to search out the software packages, which are
> posted; for Brother printers, in particular, the deb packages were always
> really old (Hardy 8.04 = Debian pre-Wheezy, I believe). Now, however, I
> noticed that packages were being kept current for certain models, so it
> looked more promising: I could keep a printer working for a few years into
> the future, without force-installing old packages.
> My machine already violates the laws of nature, as well as plain common
> sense; a little of that sort of thing is already too much. Then, when I
> tried to upgrade my Jessie system, I found that the Devuan netinstall disc
> for Jessie no longer could download packages; which, I surmised, had been
> moved to the archives, meaning that the download URLs in the netinstall
> disc would not work. (That's one advantage to using a full installation
> disc.) So I was forced into upgrading, like it or not, since I only had the
> netinstall discs for Devuan.
> When I had tried to upgrade from Devuan Jessie to Ascil/Stretch, I ended up
> with networking problems, but when I tried a new installation of
> Beowulf/Buster, it went well, and moreover it proves much faster to get
> from nothing to a working system (with a working TDE desktop).
> It used to take me about 5 hours to install the Jessie system, sometimes
> longer, sometimes a few days, if I didn't follow all the steps exactly
> right; but with Beowulf/Buster, the initial installation is less than an
> hour, and getting TDE installed is only a little longer -- so maybe less
> than two hours to reinstall completely -- and now that I have packages
> already downloaded, it will be faster yet.
> Michael did raise one interesting possibility, and maybe I ought to direct
> it to the developers: Is it possible to download *all* the packages in the
> TDE repositories (that is, that will run on my system), rather than having
> to pick through and guess? I have lists of packages from Jessie and
> earlier, but then I have to weed out the obsolete packages. What I want is
> to create my own local repository, to use when I have connection problems
> or Internet is down.
> In Debian, for example, I can download not only the installation discs, but
> also all the current packages (which usually takes about 3 or 4 discs, I
> believe). I thought that I had already downloaded tdesudo, for instance,
> but it got lost in the shuffle; also some of the repositories in my
> sources.list had been marked as sid instead of jessie (which worked better
> for me at the time), but with an upgrade to Beowulf/Buster, it is
> preferable to stick with stable, beowulf or buster (which are equivalent,
> at present), depending on which repository I'm using.
> Anyway ... so now Beowulf/Buster with TDE is installed, and my system is
> stable, and I feel confident in deleting all my old packages that are
> eating up space on that hard drive. I miss some of the old favorites that
> have fallen out, but I've also discovered newer packages that fill the
> void, and usually improve upon what I had, so now I have found a way
> forward again.
> Thanks to the devs for all their hard work, as well as to everybody who
> helped out with suggestions and comments. This was rather a rush job for
> me, as I do not yet have a test machine that I can use for experiments, and
> I needed to get my desktop up and running quickly, within a few days, as I
> was pressed to make some decisions in the real world, here at home, and I
> had deadlines and commitments and so on. Now this part is done, and I can
> relax a little.
> Bill

	Probably because I use a distro that was inherited from the server world 
(OpenSuSE), I have almost never used sudo, and seldom used su either; I just 
select New Root Shell from the Konsole window, enter the root password, and 
continue on.  For file management, there's Privileged File Manager (Konqueror 
using the root account) as well.  In what is effectively a single-user 
environment, I see little danger beyond shooting ones'self in the foot by 
forgetting which konsole I'm on, but I fix that by changing the color of my 
command prompt to magenta.  (I use the Linux Colors schema, which is easy on 
the eyes.) My personal prompt is green.
	(See attached)