FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 12-07-2007, 07:21 PM
"Robert P. J. Day"
 
Default Users and Groups

On Fri, 7 Dec 2007, Karl Larsen wrote:

> I just re-started Users and Groups and clicked on Edit and preferences and
> put an x in each of the spaces provided. Then I clicked on Help on the top and
> then Help Contents and neither came up.
>
> The main panel shows nothing but my user data. This is what I saw when I
> first tried to make me a Group member of uucp. I could find nothing that has a
> thing to do with uucp! When I click on my line it is just about my login. I
> gave up.
>
> I used #usermod karl -a -G uucp and that worked. It made karl a member of
> group uucp.
>
> Went back to Users and Groups trying to verify that usermod did the trick.
> This time I clicked Edit again and saw preferences and clicked on that. I saw
> all the things with an x in them and thought this must be right. But just to
> be sure I removed all the x's.
>
> To my amazement all the Users and Groups were displayed. I found uucp and
> with the Group tab saw karl,uucp were group members. So it worked. I pretended
> not to have my karl in the uucp group and clicked on the uucp group and up
> came a Group properties window. It would be simple to find karl on that list
> and put an x in that line.
>
> So my two problems with this tool is the lack of help and the way it is
> found the first time you use it.
>
> There needs to be a way to tell the people working on this application what
> is wrong. It is not a bug but it needs to get to them.

but there's a *reason* it's done this way, karl. typically, when you
start adding new users, you're not going to add them to the system
groups. what you'd normally do is first create some new groups like,
say, "sales", "marketing", "helpdesk" and so on. try it -- create a
new group called "sales". you'll notice that it shows up in the list
when you ask to see the list of current groups.

now when you create new users, you can choose to add them to your new
(non-system) groups. that's the way it's *supposed* to work. you're
not supposed to commonly add users to the *system* groups -- that's
why those groups are, by default, not displayed. if, by chance, you
really *need* to do that, it's still available. but that's not
displayed by default because it's not encouraged behaviour, that's
all. you generally need a really good reason to add a user to a
system group.

rday

================================================== ======================
Robert P. J. Day
Linux Consulting, Training and Annoying Kernel Pedantry
Waterloo, Ontario, CANADA

http://crashcourse.ca
================================================== ======================

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 12-07-2007, 07:29 PM
"David L. Gehrt"
 
Default Users and Groups

> On Fri, 7 Dec 2007, Frank Cox wrote:
>
> > On Fri, 07 Dec 2007 11:49:30 -0600
> > Jeff Krebs <jkrebs@tconl.com> wrote:

<snip>

> ================================================== ======================
> Robert P. J. Day
> Linux Consulting, Training and Annoying Kernel Pedantry
> Waterloo, Ontario, CANADA
>
> http://crashcourse.ca

Robert:

I have used Linux since the mid 90s, and been involved with net lists
like this one since the early 80s. I do not post much just because of
people like Karl. He reminds me of people who used to post worthless
stuff on USENET lists. I am convinced they did it just to stir things
up so as to see their names in postings to the lists. Fleeting fame not
worth the paper on which it is not printed.

While I agree with your sentiments I worry that the postings in response
to his nonsense may be just feeding what ever drives him to post the
crap you identify.

dlg

David L. Gehrt Land Line: 805.541.2390
1865 Wilding Lane Cell phone: 805.704.5890
San Luis Obispo, CA 93401-3044 Email: dlg@inanity.net


--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 12-07-2007, 07:32 PM
Karl Larsen
 
Default Users and Groups

Robert P. J. Day wrote:

On Fri, 7 Dec 2007, Karl Larsen wrote:



I just re-started Users and Groups and clicked on Edit and preferences and
put an x in each of the spaces provided. Then I clicked on Help on the top and
then Help Contents and neither came up.

The main panel shows nothing but my user data. This is what I saw when I
first tried to make me a Group member of uucp. I could find nothing that has a
thing to do with uucp! When I click on my line it is just about my login. I
gave up.

I used #usermod karl -a -G uucp and that worked. It made karl a member of
group uucp.

Went back to Users and Groups trying to verify that usermod did the trick.
This time I clicked Edit again and saw preferences and clicked on that. I saw
all the things with an x in them and thought this must be right. But just to
be sure I removed all the x's.

To my amazement all the Users and Groups were displayed. I found uucp and
with the Group tab saw karl,uucp were group members. So it worked. I pretended
not to have my karl in the uucp group and clicked on the uucp group and up
came a Group properties window. It would be simple to find karl on that list
and put an x in that line.

So my two problems with this tool is the lack of help and the way it is
found the first time you use it.

There needs to be a way to tell the people working on this application what
is wrong. It is not a bug but it needs to get to them.



but there's a *reason* it's done this way, karl. typically, when you
start adding new users, you're not going to add them to the system
groups.

I was not adding a new user or group.

what you'd normally do is first create some new groups like,
say, "sales", "marketing", "helpdesk" and so on. try it -- create a
new group called "sales". you'll notice that it shows up in the list
when you ask to see the list of current groups.


I have no need for a new user.

now when you create new users, you can choose to add them to your new
(non-system) groups. that's the way it's *supposed* to work. you're
not supposed to commonly add users to the *system* groups -- that's
why those groups are, by default, not displayed. if, by chance, you
really *need* to do that, it's still available. but that's not
displayed by default because it's not encouraged behaviour, that's
all.
Why did someone invent "usermod"? And when you do a ls -l on /dev/ttyS0,
the first serial port you notice:


[root@k5di ~]# ls -al /dev/ttyS0
crw-rw---- 1 root uucp 4, 64 2007-12-07 04:52 /dev/ttyS0
[root@k5di ~]#

The only way I can ever use Com1 is to be root or belong to the uucp Group.


you generally need a really good reason to add a user to a
system group.


I and many others will find really good reasons.

Karl


rday

================================================== ======================
Robert P. J. Day
Linux Consulting, Training and Annoying Kernel Pedantry
Waterloo, Ontario, CANADA

http://crashcourse.ca
================================================== ======================





--

Karl F. Larsen, AKA K5DI
Linux User
#450462 http://counter.li.org.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 12-07-2007, 07:44 PM
"Robert P. J. Day"
 
Default Users and Groups

On Fri, 7 Dec 2007, Karl Larsen wrote:

> Robert P. J. Day wrote:

> > but there's a *reason* it's done this way, karl. typically, when
> > you start adding new users, you're not going to add them to the
> > system groups.

> I was not adding a new user or group.

that's not the point. you were complaining originally that you
couldn't see all the users and groups on the system. and i explained
why that's actually a good thing -- because, for the most part, you
shouldn't *need* to see those users or groups, unless you're doing
something unusual.

if you truly need to see them, then it's a simple mouse click. but
unless you do, there's no need to have them cluttering up your dialog
box. do you see the point i'm trying to make?

> Why did someone invent "usermod"? And when you do a ls -l on
> /dev/ttyS0, the first serial port you notice:
>
> [root@k5di ~]# ls -al /dev/ttyS0
> crw-rw---- 1 root uucp 4, 64 2007-12-07 04:52 /dev/ttyS0
> [root@k5di ~]#
>
> The only way I can ever use Com1 is to be root or belong to the uucp
> Group.

not necessarily. depending on how you access that port, it might have
its attributes changed to match yours automatically. from my system:

$ ls -l /dev/console
crw------- 1 rpjday root 5, 1 2007-12-06 03:17 /dev/console

notice how i'm the owner of /dev/console? i never changed that
ownership -- that was done for me based on the fact that that's how i
logged in. and if you run an application that needs to access the
serial port, that *application* might do that for you automatically as
well.

if you truly want to access the serial port directly, then, yes, you
might need to change its attributes, but that doesn't mean you *need*
to add yourself to the uucp group -- it just means you need to change
the owner or group on the serial port temporarily. that's probably
going to be a lot easier than adding yourself to system groups.

> > you generally need a really good reason to add a user to a
> > system group.
> >
> I and many others will find really good reasons.

no, karl ... you might find *a* reason. but it won't be a good one.
as i pointed out above, there is a much easier way to accomplish what
you're trying to do.

rday

================================================== ======================
Robert P. J. Day
Linux Consulting, Training and Annoying Kernel Pedantry
Waterloo, Ontario, CANADA

http://crashcourse.ca
================================================== ======================

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 12-07-2007, 08:10 PM
Les Mikesell
 
Default Users and Groups

Robert P. J. Day wrote:


[root@k5di ~]# ls -al /dev/ttyS0
crw-rw---- 1 root uucp 4, 64 2007-12-07 04:52 /dev/ttyS0
[root@k5di ~]#

The only way I can ever use Com1 is to be root or belong to the uucp
Group.


not necessarily. depending on how you access that port, it might have
its attributes changed to match yours automatically. from my system:

$ ls -l /dev/console
crw------- 1 rpjday root 5, 1 2007-12-06 03:17 /dev/console

notice how i'm the owner of /dev/console? i never changed that
ownership -- that was done for me based on the fact that that's how i
logged in.


What's a console and what does it have to do with a unix-like system?

--
Les Mikesell
lesmikesell@gmail.com

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 12-07-2007, 08:16 PM
Frank Cox
 
Default Users and Groups

On Fri, 07 Dec 2007 15:10:41 -0600
Les Mikesell <lesmikesell@gmail.com> wrote:

> What's a console

The keyboard/monitor that's locally attached to the system (server).


> and what does it have to do with a unix-like system?

Among other things, the console user has (or can have) special permissions that
are set by /etc/security/console.perms and /etc/security/console.perms.d/

--
MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 12-07-2007, 09:02 PM
Les Mikesell
 
Default Users and Groups

Frank Cox wrote:



What's a console


The keyboard/monitor that's locally attached to the system (server).


What if you don't use that (or the box doesn't have them) and instead
always connect via X/freenx/ssh?



and what does it have to do with a unix-like system?


Among other things, the console user has (or can have) special permissions that
are set by /etc/security/console.perms and /etc/security/console.perms.d/


Seems like a really, really bad idea for an operating system that
permits remote access and doesn't care where you are.


--
Les Mikesell
lesmikesell@gmail.com

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 12-07-2007, 09:04 PM
"Robert P. J. Day"
 
Default Users and Groups

On Fri, 7 Dec 2007, Les Mikesell wrote:

> Frank Cox wrote:
> >
> > > What's a console
> >
> > The keyboard/monitor that's locally attached to the system (server).
>
> What if you don't use that (or the box doesn't have them) and instead always
> connect via X/freenx/ssh?
>
> > > and what does it have to do with a unix-like system?
> >
> > Among other things, the console user has (or can have) special permissions
> > that
> > are set by /etc/security/console.perms and /etc/security/console.perms.d/
>
> Seems like a really, really bad idea for an operating system that
> permits remote access and doesn't care where you are.

but the fact that you have a port on which you can log in from a
remote location doesn't necessarily make that the "console." so i
don't see the problem here.

rday
--
================================================== ======================
Robert P. J. Day
Linux Consulting, Training and Annoying Kernel Pedantry
Waterloo, Ontario, CANADA

http://crashcourse.ca
================================================== ======================

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 12-07-2007, 09:05 PM
Frank Cox
 
Default Users and Groups

On Fri, 07 Dec 2007 16:02:32 -0600
Les Mikesell <lesmikesell@gmail.com> wrote:

> > The keyboard/monitor that's locally attached to the system (server).
>
> What if you don't use that (or the box doesn't have them) and instead
> always connect via X/freenx/ssh?

Then you're not using a console.

> >> and what does it have to do with a unix-like system?
> >
> > Among other things, the console user has (or can have) special permissions that
> > are set by /etc/security/console.perms and /etc/security/console.perms.d/
>
> Seems like a really, really bad idea for an operating system that
> permits remote access and doesn't care where you are.

That is one of the reasons behind having a console. By definition, a remote
access terminal session is not a console. Unix/Linux definitely does care if
you're local or remote when assigning console permissions as described above.

--
MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 12-07-2007, 09:13 PM
Steve Lindemann
 
Default Users and Groups

Les Mikesell wrote:

Frank Cox wrote:



What's a console


The keyboard/monitor that's locally attached to the system (server).


What if you don't use that (or the box doesn't have them) and instead
always connect via X/freenx/ssh?



and what does it have to do with a unix-like system?


Among other things, the console user has (or can have) special
permissions that

are set by /etc/security/console.perms and /etc/security/console.perms.d/


Seems like a really, really bad idea for an operating system that
permits remote access and doesn't care where you are.


The console is physically connected to the server. It should be locked
up in the same room as the server and you still need to log in thru the
console to gain access. The console should be the only terminal
connection that ever allows direct root login (and that could be argued
against as well).


For example, I use ssh from my desk, but when things go south and I
can't connect, then I run into the computer room and get on the console
to see what's going on. ...of course, if the console doesn't work then
you are *really* broke and we just don't talk about that happening 8^)

--
Steve Lindemann __
Network Administrator // ASCII Ribbon Campaign
Marmot Library Network, Inc. // against HTML/RTF email,
url: http://www.marmot.org // vCards & M$ attachments
email: mailto:steve@marmot.org
voice: +1.970.242.3331 ext 16
fax: +1.970.245.7854

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 

Thread Tools




All times are GMT. The time now is 07:32 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org