trinity-users@lists.pearsoncomputing.net

Message: previous - next
Month: December 2015
Re: [trinity-users] KSysV missfire

From: Gene Heskett <gheskett@...>
Date: Sun, 20 Dec 2015 14:41:55 -0500
On Sunday 20 December 2015 12:32:41 E. Liddell wrote:

> On Sun, 20 Dec 2015 10:12:17 -0500
>
> Gene Heskett <gheskett@...> wrote:
> > To that end, if the package
> > asks for a pw, and gets the 1st users pw as a response, it should be
> > happy and run. There is little or no difference between root and 1st
> > user as 1st user is generally the one who originally setup the
> > system and should know it well.
>
> Don't assume that all systems are single-user desktops. 

Here, that is precisely the case.  Any other "users" are there only to 
separate rights, like nut and amanda.

> Your 
> suggested setup isn't sufficient, for instance, to handle a multi-user
> system that's just gotten a new administrator, as might happen in
> a corporate environment.  Once the old admin's account is scrubbed,
> the original "first user" isn't there anymore, so where should the
> rights end up?  The next user added probably wasn't the new admin, and
> the new admin shouldn't have to use someone else's login name.

Violent agreement there.

OTOH, other than rebooting single and having the new admin set both his 
pw, and roots, and change the username in the /etc/sudoers file if it 
exists, should not be locked out. The machine may have valuable data on 
it that would be lost if a re-install was forced.  OTOH, if the new 
admin doesn't know how to do the above, he is not qualified to admin any 
*nix machine. If they need the data bad enough, they WILL find an admin 
that is capable of installing himself.
>
> TDE shouldn't allow behaviour that sudo doesn't (assuming that
> sudo is even present on the system--it's quite possible to use su
> only and never install sudo!), which seems to be what you're
> advocating here.  It does have to be able to be able to authenticate
> via sudo with user passwords if the system accepts that behaviour
> in other contexts.
>
> Regardless, I expect Michele et al. will do The Right Thing.
>
> E. Liddell

No arguements there as the Right Thing must include the multiuser 
scenario, which doesn't exist in terms of live users here. Thats my 
problem, not yours. All I want is consistency in applying the must use 
root rules.  Since this is obviously a mixed system, its something I'll 
have to put up with in the grand scheme of things.

> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> trinity-users-unsubscribe@... For additional
> commands, e-mail: trinity-users-help@... Read
> list messages on the web archive:
> http://trinity-users.pearsoncomputing.net/ Please remember not to
> top-post:
> http://trinity.pearsoncomputing.net/mailing_lists/#top-posting


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Some mill pix are at:
Genes Web page <http://geneslinuxbox.net:6309/gene/GO704-pix>
trinity-users@lists.pearsoncomputing.net

Re: [trinity-users] KSysV missfire

powered by ezmlm-www (v1.4.5)
