Results 1 to 2 of 2
  1. #1
    Joined
    Feb 2003
    Location
    Foxboro, MA
    Posts
    2,610

    Happy linux, happy developer

    I've been dual-boot with KUbuntu/WinXP for a while now but as my comfort level with KUbuntu continues to rise I find myself using XP less and less. My only problem is that I still need to educate myself on some minor annoyances. Maybe y'all can help me out.

    Issue #1 - When I get to the desktop after booting up I have to enter my password into the KDE Wallet Manager so that my wireless internet can connect. I can't stand doing this every time. How can I fix that to not happen?

    Issue #2 - How can I open another shell from within a shell script? Basically I have some software development I'm doing on my PSP and it requires a couple of shells to be opened and commands to be executed. I can handle doing the commands but I just haven't figured out how to spawn multiple shells. Any pointers? I plan on automating a number of repetitive tasks and shell scripts are the way to go.

    Issue #3 - How do I set user credentials in a shell script? For the scripting that I have done I get snagged when whatever context the script is executing under doesn't have any privileges.

    Issue #4 - Why should I ever log into the system as anything other than root? There's a reoccurring theme here with insufficient user privileges.

    When I installed KUbuntu I had it set up a regular user account. The only problem is that nearly 98% of the time you need root access to do anything. My fingers are bleeding from the number of times I've had to type "sudo" and my password just to do anything in the shell, to install software, to blink my eyes, etc. Maybe this just highlights my overall ignorance of the security model of Linux and how I can set up a user that doesn't require password identification for nearly every conceivable action available in the KUbuntu distro.

    Ah, and I thought I might mention how horribly rigid Windows feels these days. It almost seems archaic compared to what is available in Kubuntu. I run KUbuntu on my 5 year old laptop and I even use Beryl (3d desktop manager) and it's smooth as silk. It's just as pretty as Aero, far more configurable and a lot easier to use.

  2. #2
    Joined
    Jul 2001
    Location
    UK
    Age
    51
    Posts
    20,229

    Re: Happy linux, happy developer

    Quote Originally Posted by Snowball 2 View Post
    I've been dual-boot with KUbuntu/WinXP for a while now but as my comfort level with KUbuntu continues to rise I find myself using XP less and less. My only problem is that I still need to educate myself on some minor annoyances. Maybe y'all can help me out.
    Let me have a crack at some of these...

    Quote Originally Posted by Snowball 2 View Post
    Issue #1 - When I get to the desktop after booting up I have to enter my password into the KDE Wallet Manager so that my wireless internet can connect. I can't stand doing this every time. How can I fix that to not happen?
    No idea on this one so I'll pass to someone else.

    Quote Originally Posted by Snowball 2 View Post
    Issue #2 - How can I open another shell from within a shell script? Basically I have some software development I'm doing on my PSP and it requires a couple of shells to be opened and commands to be executed. I can handle doing the commands but I just haven't figured out how to spawn multiple shells. Any pointers? I plan on automating a number of repetitive tasks and shell scripts are the way to go.
    hmm... good question. I'm not an expert, but this is what I came up with... launch the command with the -e switch, so if I wanted to 'cat' a file in a new shell:

    Code:
    xterm -e "cat /path/to/somefile | more"
    Note that the xterm window (or spawned shell) exits immediately upon completion of the command, piping to 'more' allows me to see my output. Perhaps if you can give us an example of exactly what you're trying to do we can come up with a solution.

    Quote Originally Posted by Snowball 2 View Post
    Issue #3 - How do I set user credentials in a shell script? For the scripting that I have done I get snagged when whatever context the script is executing under doesn't have any privileges.

    Issue #4 - Why should I ever log into the system as anything other than root? There's a reoccurring theme here with insufficient user privileges.

    When I installed KUbuntu I had it set up a regular user account. The only problem is that nearly 98% of the time you need root access to do anything. My fingers are bleeding from the number of times I've had to type "sudo" and my password just to do anything in the shell, to install software, to blink my eyes, etc. Maybe this just highlights my overall ignorance of the security model of Linux and how I can set up a user that doesn't require password identification for nearly every conceivable action available in the KUbuntu distro.
    Linux uses the security model of "least privileges". This means we always try and run any program, script etc with the least required privileges so if that process gets compromised or is poorly programed and attempts to corrupt the system it can do as little damage as possible. Sure you could just run everything as root but then any process can destroy your whole system. The reason Linux is so much more secure than Windows is due to the whole concept and implementation of privileges.

    What we normally do is create a user (or pseudouser) account for certain tasks, give that account just the privileges it needs and execute the task under that account. Take a web server or mail server for example. Your system may have an apache user or sendmail user that will run those programs with the least privileges required. This is particularly important for publicly facing services that are vulnerable to attack or exploitation.

    So for your scripts you have a number of choices. You could run them as root with no protection. You could give yourself the privileges required to run the script and run it as yourself (but this may involve giving your regular user account more privileges than you really need for day to day purposes), or you could create a new account and assign only the privileges required to run the script.

    Now to logging in as root. If you were to login to the system as root, and I mean at the graphical login screen, then EVERYTHING would be running as root - your desktop (KDE/GNOME) plus everything else you run. Bad idea, very bad idea. So we NEVER login as root. What we do is become root to conduct the tasks we need to do that require root privileges by using the 'su' or 'sudo' command.

    If that sounds like a pain and you get fed up of typing sudo before every command and you have a lot to do as root, then here's a tip. You can open a bash shell as root by simply doing:

    Code:
    sudo bash
    Now you have open a terminal with root privileges and don't need to constantly do 'sudo'

    Basically, you should have permissions to run programs installed on the system and to do anything in your home directory, but anything outside of that is the domain of the system admin so will require root privileges. This is simply Linux fundamental protection against you as the user doing anything stupid. Imagine a scenario in Windows - you browse to an infected website, a virus downloads itself and happily installs itself in the Windows system directory and embeds itself in the registry - it takes over your system. Now imagine the same scenario on Linux when running under your normal user account - that sucker isn't going anywhere outside of your /home directory without you entering the root password - permission denied, plain and simple. Even with restricted user accounts, Windows simply doesn't afford you that level of protection due to it's privileges escalation model - a fudge Windows uses to get around perceived inconveniences by users. Restricted accounts on Windows will restrict the user but little else making them all but useless from a security standpoint - they may stop the user from installing some legitimate software, but they won't stop the installation of malicious software that doesn't follow the rules.

    It's just the UNIX way of doing things. You'll soon get accustomed to it and it will become second nature, and eventually you'll appreciate the ultimate control it gives you over your system, not to mention not having to pay the annual MS antivirus tax or having to do a complete reinstall every time some virus hoses your system. I spend most of my life fixing or trying to secure borked Windows systems and WISH Windows had the same level of protection/security built in that Linux has, but it doesn't.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •