[DNG] How do you remove colour/color text from Vi/vim?
This annoyance has crept into my system some time ago and I can not figure out how to banish it. I've looked through all the personal and system config files and can not find a switch to turn off text colourisation.

All I want or need vi for is a simple black text on white (grey actually) editor. I have no problem configuring that for xterms. I do not need or want different coloured text, which always gets in the road on simple editing tasks.

TIA.

FWIW I use *edit when I can use colours for bracket matching, level, etc, as in latex.

___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Which DE?
Quoting al3xu5 / dotcommon (dotcom...@autistici.org):

> I am using Devuan (2.1) + MATE DE since 08/2016...
> Now I wish to change DE but I am in doubt: XFCE or LXDE or LXQt???

A possibly novel thought: How about starting your exploration with 'none of the above'? Based on your description of your usage of Linux, I am puzzled by your implicit assumption that you must use a Desktop Environment. It sounds to me like that is simply untrue.

I'm also puzzled by your assumption that doing a comparison would require 'too much time doing long experiments'. In my experience, that is not the case.

Try, for starters, window managers without the DE complications. You might like one, and thus be better off.

http://www.xwinman.org/ (always a bit out of date, but always useful)

> So what you suggest should be the first choice to bet on?

Try a few classic window managers such as OpenBox, Blackbox, FVWM, WindowMaker, etc. Don't 'bet on' one. Exercise your birthright of freedom to explore what is available.
Re: [DNG] why is polkit needed?
On 2020-02-25 11:11, Hendrik Boom wrote:

> Which is the reason for a capability architecture. Is there anything resembling that in GNU/Linux userspace?

Kind of, not really. There is something similar to role based access control, namely the unix file permission model, which is a kind of DAC. Users and groups (=roles), can have different permissions on files (reading, writing, executing). Then there are the security modules. These can extend that functionality, which is usually used to add some kind of MAC.

For processes / syscalls, Linux has capabilities as a replacement for things usually reserved for root, but these usually aren't very useful, they are crude and can often be used to escalate to root anyway. For syscalls, there is also seccomp, but it's hard to use and architecture dependent, and it will break applications which use it regularly.

Something which is currently missing is a way to manage permissions for specific ioctls. Usually, it's per device, and some ioctls need read or write permissions to the fd. Sometimes, that's sufficient, sometimes not. There is kind of a horrible situation with /dev/dri/card* devices, if I remember correctly, you need root for the ioctls to become drm master and do modesetting, even if you have read and write permissions to the file, which is why this is delegated to logind or a suid binary, I think? One way to resolve this would be to split those card devices into multiple ones, but I don't think that's going to happen. I don't think configurable supplementary group based per ioctl permissions are going to happen either. Except maybe as an LSM.

One interesting thing about files is that permissions are only checked when those are opened. A file descriptor is like an access token. And they can be sent over unix sockets, which can also be files. Those file descriptors are unrevokable, though.

There is also a small problem with the DAC permission model. A process has only one set of user, group, supplementary groups. This means, either you can use them to restrict a program, or you can use them to restrict a user, but you can't have restrictions based on a user and a program. I was thinking a lot about this at some point, and wanted to write an LSM for that at some point, but I never got to it. I did write down my thoughts, although retrospectively, I did make various mistakes and misused some terminology here and there:
https://github.com/Daniel-Abrecht/Discretionary-Program-Access-Control/blob/proposal/Discretionary%20Program%20Access%20Control.md

It's possible that there are still some other access control mechanisms I don't know of yet.
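The point made in the message above, that permissions are checked only when a file is opened and that the resulting descriptor then works as a transferable access token, shown as an added C example that is not part of the thread. The scratch file under /tmp, the sample string and all function names are constructed for the illustration.

```c
#define _GNU_SOURCE            /* for mkstemp, pread, fchmod under strict -std= */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

static const char SAMPLE[] = "constructed sample data";
/* Control buffer sized and aligned for exactly one descriptor. */
union fd_ctl { struct cmsghdr align; char buf[CMSG_SPACE(sizeof(int))]; };

/* Pass one open descriptor over a unix socket as SCM_RIGHTS ancillary data. */
static int send_fd(int sock, int fd)
{
    char byte = 'F';                 /* one byte of ordinary data must go along */
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    union fd_ctl ctl;
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf, .msg_controllen = sizeof ctl.buf };
    memset(&ctl, 0, sizeof ctl);
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET;
    c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof fd);
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

/* Receive a descriptor sent by send_fd(); returns the new descriptor or -1. */
static int recv_fd(int sock)
{
    char byte;
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    union fd_ctl ctl;
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf, .msg_controllen = sizeof ctl.buf };
    int fd = -1;
    if (recvmsg(sock, &msg, 0) != 1) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (!c || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS) return -1;
    memcpy(&fd, CMSG_DATA(c), sizeof fd);
    return fd;
}

/* 1 if the descriptor reads back SAMPLE from offset 0, else 0. */
static int reads_sample(int fd)
{
    char buf[sizeof SAMPLE] = { 0 };
    ssize_t n = pread(fd, buf, sizeof buf - 1, 0);
    return n == (ssize_t)(sizeof SAMPLE - 1) && memcmp(buf, SAMPLE, (size_t)n) == 0;
}

/* Returns 0 when a descriptor opened before chmod 000 still reads, and a child
 * holding no descriptor of its own reads the unlinked file through a passed one.
 * *reopen_errno: errno of a fresh open() after the chmod (0 if it succeeded). */
int fd_token_demo(int *reopen_errno)
{
    char path[] = "/tmp/fdtoken-XXXXXX";   /* constructed scratch file */
    int sv[2] = { -1, -1 }, rc = -1, status = 0, again, sent;
    pid_t pid;
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    if (write(fd, SAMPLE, sizeof SAMPLE - 1) != (ssize_t)(sizeof SAMPLE - 1)) goto out;
    if (fchmod(fd, 0) != 0) goto out;      /* mode 000 from now on */
    again = open(path, O_RDONLY);          /* a new open IS checked against the mode */
    *reopen_errno = again < 0 ? errno : 0; /* EACCES, or 0 with CAP_DAC_OVERRIDE (root) */
    if (again >= 0) close(again);
    if (!reads_sample(fd)) goto out;       /* the old descriptor is not re-checked */
    if (unlink(path) != 0) goto out;       /* no name left: only descriptors reach it */
    path[0] = '\0';                        /* nothing left for cleanup to unlink */
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) goto out;
    if ((pid = fork()) < 0) goto out;
    if (pid == 0) {                        /* child: drop the inherited copies first */
        close(fd); close(sv[0]);
        int got = recv_fd(sv[1]);
        _exit(got >= 0 && reads_sample(got) ? 0 : 1);
    }
    close(sv[1]); sv[1] = -1;
    sent = send_fd(sv[0], fd);             /* hand the token to the child */
    close(sv[0]); sv[0] = -1;
    rc = (waitpid(pid, &status, 0) == pid && sent == 0 &&
          WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
out:
    for (int i = 0; i < 2; i++) if (sv[i] >= 0) close(sv[i]);
    close(fd);
    if (path[0]) unlink(path);
    return rc;
}

int main(void)
{
    int e = -1, rc = fd_token_demo(&e);
    printf("descriptor path works: %s, fresh open errno: %d\n", rc ? "no" : "yes", e);
    return rc != 0;
}
```

Neither the chmod nor the unlink takes anything away from a descriptor that is already open, which is the lack of revocation the message mentions.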
Re: [DNG] Which DE?
On Tue, 25 Feb 2020, al3xu5 / dotcommon wrote:

> Hi all
>
> I am using Devuan (2.1) + MATE DE since 08/2016...
> Now I wish to change DE but I am in doubt: XFCE or LXDE or LXQt???

You've had lots of comments, but nobody has asked you WHY you wish to change. What is wrong with MATE, for you?

> Please, based on your experience and knowledge of Devuan and DEs, can you help me in choosing (avoiding me to invest too much time doing long experiments)?
>
> Consider that I mainly use office applications (libreoffice), realtime audio (rec, play, editing) jack + alsa (no pulseaudio), graphical editing with icc color management (mainly gimp and inkscape), scripting (mainly bash, html + css + php), virtualization with qemu-kvm and virt-manager ... and I would like a de that has the least dependencies but also remains stable and "comfortable" in configuration, personalization and use...
>
> So what you suggest should be the first choice to bet on?
>
> Thanks in advance
>
> --
> al3xu5
>
> Say NO to copyright, patents, trademarks and any industrial design restrictions.
>
> Public GPG/PGP key
> ID: 4096 bit RSA key F94CFE23
> Fingerprint: 59C6 9DC7 CD4B CF2F A190 E3DE 69C5 977B F94C FE23
Re: [DNG] Which DE?
On Tue, 25 Feb 2020 22:44:10 +0100 Harald Arnesen via Dng wrote:

> Do you drink beer or wine, Pepsi or Coke? Same thing.

emacs or vi, it's all text. ;)
Re: [DNG] Which DE?
On Tue, 25 Feb 2020 16:29:58 +0100 al3xu5 / dotcommon wrote:

> and I would like a de that has the least dependencies but also remains stable and "comfortable" in configuration, personalization and use...

I've only had XFCE experience out of your three, and that's really only because I prefer Openbox. My install inherits a lot of simple UI and hotkeys that I've customized over the years[1] (all the way from Blackbox), but I wouldn't call it particularly easy to customize if you're looking for GUI tools outside of basic window style/colors.

Regarding "stable and comfortable". They have a large user base and are mature projects, so they're stable. Devuan inherits these things from Debian. For comfortable, all DEs are, by their nature, kind of the same thing until you look at philosophy-oddities like those built around something like ratpoison.[2]

Regarding dependencies, is this simply a philosophy issue or is there some reason behind this? There could be "a lot" of dependencies for one DE, but it's because the design is to shatter all the functionality into independent specialized packages, which is actually a really great thing.

If you're concerned about "lightness" then that's difficult to pin down and there are a lot of poorly-backed claims about this. Lightness tends to be another philosophy issue and isn't at all important to today's computers until you get to environments with 3D windowing effects and the like.

I don't think a desktop environment would have any impact on your choice of applications. I've also run without pulseaudio and most of your applications with no difficulty. (Though I'm not familiar with icc color management at all, does that matter to the desktop environment?)

[1] https://github.com/spiralofhope/misc-configuration/blob/master/live/openbox/rc.xml
[2] http://www.nongnu.org/ratpoison/
Re: [DNG] Which DE?
al3xu5 / dotcommon [25/02/2020 16.29]:

> I am using Devuan (2.1) + MATE DE since 08/2016...
> Now I wish to change DE but I am in doubt: XFCE or LXDE or LXQt???

Do you drink beer or wine, Pepsi or Coke? Same thing.

--
Regards,
Harald
Re: [DNG] Which DE?
The devuanized al3xu5 / dotcommon wrote on 25-02-20 16:29:58:

> Hi all
>
> I am using Devuan (2.1) + MATE DE since 08/2016...
> Now I wish to change DE but I am in doubt: XFCE or LXDE or LXQt???

LXDE is the ancestor of LXQt. However, it is a wonderful DE, mostly in combination with openbox. Openbox is great even alone.

> Please, based on your experience and knowledge of Devuan and DEs, can you help me in choosing (avoiding me to invest too much time doing long experiments)?

In your place I would install all the WM/DE that I would try. Then remove all graphical login managers and use the WM/DE launcher (ax) available here: https://notabug.org/viverna/ax

> So what you suggest should be the first choice to bet on?

LXDE+openbox for me or openbox only.

--
Viverna
Re: [DNG] Which DE?
Hi,

On 25 February 2020 20:40:12 Tito via Dng wrote:

> On 2/25/20 4:40 PM, Dr. Nikolaus Klepp wrote:
> > Hi!
> >
> > In the year of our Lord 2020, Tue, 25 Feb 16:29:58 +0100, al3xu5 / dotcommon wrote:
> > > Hi all
> > >
> > > I am using Devuan (2.1) + MATE DE since 08/2016...
> > > Now I wish to change DE but I am in doubt: XFCE or LXDE or LXQt???
> > >
> > > Please, based on your experience and knowledge of Devuan and DEs, can you help me in choosing (avoiding me to invest too much time doing long experiments)?
> >
> > IMO you should definitely try TDE https://trinitydesktop.org ... but you could also say that I'm a bit biased here :)
> >
> > Nik
> >
> > > Consider that I mainly use office applications (libreoffice), realtime audio (rec, play, editing) jack + alsa (no pulseaudio), graphical editing with icc color management (mainly gimp and inkscape), scripting (mainly bash, html + css + php), virtualization with qemu-kvm and virt-manager ... and I would like a de that has the least dependencies but also remains stable and "comfortable" in configuration, personalization and use...
> > >
> > > So what you suggest should be the first choice to bet on?
> > >
> > > Thanks in advance
>
> Hi,
> I have XFCE and KDE installed and both work, but I mostly use XFCE (with some KDE apps) because it is more lightweight and because KDE sometimes at random reshuffle my desktop icons which I hate...
>
> Ciao,
> Tito

Imho, the best DE is the one not drawing attention to itself; this is the reason why I mostly use a window-manager instead.

Aitor.
Re: [DNG] Which DE?
On 2/25/20 4:40 PM, Dr. Nikolaus Klepp wrote:

> Hi!
>
> In the year of our Lord 2020, Tue, 25 Feb 16:29:58 +0100, al3xu5 / dotcommon wrote:
> > Hi all
> >
> > I am using Devuan (2.1) + MATE DE since 08/2016...
> > Now I wish to change DE but I am in doubt: XFCE or LXDE or LXQt???
> >
> > Please, based on your experience and knowledge of Devuan and DEs, can you help me in choosing (avoiding me to invest too much time doing long experiments)?
>
> IMO you should definitely try TDE https://trinitydesktop.org ... but you could also say that I'm a bit biased here :)
>
> Nik
>
> > Consider that I mainly use office applications (libreoffice), realtime audio (rec, play, editing) jack + alsa (no pulseaudio), graphical editing with icc color management (mainly gimp and inkscape), scripting (mainly bash, html + css + php), virtualization with qemu-kvm and virt-manager ... and I would like a de that has the least dependencies but also remains stable and "comfortable" in configuration, personalization and use...
> >
> > So what you suggest should be the first choice to bet on?
> >
> > Thanks in advance

Hi,
I have XFCE and KDE installed and both work, but I mostly use XFCE (with some KDE apps) because it is more lightweight and because KDE sometimes at random reshuffle my desktop icons which I hate...

Ciao,
Tito
Re: [DNG] Which DE?
On Tue, Feb 25, 2020 at 04:29:58PM +0100, al3xu5 / dotcommon wrote:

> Hi all
>
> I am using Devuan (2.1) + MATE DE since 08/2016...
> Now I wish to change DE but I am in doubt: XFCE or LXDE or LXQt???

I've used XFCE and LXQt. I happen to be using LXQt now. I'm happy with either. I'm also happy with Icewm.

My advice: just install all three. Use a different one every day. You get to choose one when you log in.

You'll know which you like quite soon while doing your normal workload.

And my guess is that you'll soon discover that it doesn't matter much.

> Please, based on your experience and knowledge of Devuan and DEs, can you help me in choosing (avoiding me to invest too much time doing long experiments)?

The only significant time you'll "invest" is the time to install them. The "experiments" will be just doing what you normally do on your computer. Something you'll be doing anyway.

-- hendrik

> Consider that I mainly use office applications (libreoffice), realtime audio (rec, play, editing) jack + alsa (no pulseaudio), graphical editing with icc color management (mainly gimp and inkscape), scripting (mainly bash, html + css + php), virtualization with qemu-kvm and virt-manager ... and I would like a de that has the least dependencies but also remains stable and "comfortable" in configuration, personalization and use...
>
> So what you suggest should be the first choice to bet on?
>
> Thanks in advance
>
> --
> al3xu5
>
> Say NO to copyright, patents, trademarks and any industrial design restrictions.
>
> Public GPG/PGP key
> ID: 4096 bit RSA key F94CFE23
> Fingerprint: 59C6 9DC7 CD4B CF2F A190 E3DE 69C5 977B F94C FE23
Re: [DNG] why is polkit needed?
Hi Tom

On 25 February 2020 18:39:51 tom wrote:

> On Mon, 24 Feb 2020 14:33:25 +0100 Tito via Dng wrote:
>
> > and only for known "safe" commands. For everything else, it'd be much better to just log in on a tty as root. Same goes for su.
> >
> > for sudo only if set
> >
> > user ALL=(ALL:ALL) ALL
> >
> > or if the user is added to the sudo group
> >
> > # Allow members of group sudo to execute any command
> > %sudo ALL=(ALL:ALL) ALL
> >
> > if used for single commands it should not be a problem unless you allow to open a root xterm
> > To replace su or sudo binary you need root so at this point the system is already compromised.
> > The use with no password solves one problem but creates others like everybody being able to wreck the system with synaptic or gparted as soon as they find an unattended desktop.
> > Don't want my mom to use synaptic..just mail and browser.
>
> just so you know, it's more traditional and portable to allow the wheel group to sudo, not have a separate sudo group.
>
> https://en.wikipedia.org/wiki/Wheel_%28computing%29
>
> %wheel ALL=(ALL:ALL) ALL

Wheel seems to be analogous to sudo, but focused on other different unix systems (like, for example, BSD). Am I wrong?

Aitor.
Re: [DNG] why is polkit needed?
On Mon, 24 Feb 2020 14:33:25 +0100 Tito via Dng wrote:

> and only for known "safe" commands. For everything else, it'd be much better to just log in on a tty as root. Same goes for su.
>
> for sudo only if set
>
> user ALL=(ALL:ALL) ALL
>
> or if the user is added to the sudo group
>
> # Allow members of group sudo to execute any command
> %sudo ALL=(ALL:ALL) ALL
>
> if used for single commands it should not be a problem unless you allow to open a root xterm
> To replace su or sudo binary you need root so at this point the system is already compromised.
> The use with no password solves one problem but creates others like everybody being able to wreck the system with synaptic or gparted as soon as they find an unattended desktop.
> Don't want my mom to use synaptic..just mail and browser.

just so you know, it's more traditional and portable to allow the wheel group to sudo, not have a separate sudo group.

https://en.wikipedia.org/wiki/Wheel_%28computing%29

%wheel ALL=(ALL:ALL) ALL
Re: [DNG] Which DE?
Hi!

In the year of our Lord 2020, Tue, 25 Feb 16:29:58 +0100, al3xu5 / dotcommon wrote:

> Hi all
>
> I am using Devuan (2.1) + MATE DE since 08/2016...
> Now I wish to change DE but I am in doubt: XFCE or LXDE or LXQt???
>
> Please, based on your experience and knowledge of Devuan and DEs, can you help me in choosing (avoiding me to invest too much time doing long experiments)?

IMO you should definitely try TDE https://trinitydesktop.org ... but you could also say that I'm a bit biased here :)

Nik

> Consider that I mainly use office applications (libreoffice), realtime audio (rec, play, editing) jack + alsa (no pulseaudio), graphical editing with icc color management (mainly gimp and inkscape), scripting (mainly bash, html + css + php), virtualization with qemu-kvm and virt-manager ... and I would like a de that has the least dependencies but also remains stable and "comfortable" in configuration, personalization and use...
>
> So what you suggest should be the first choice to bet on?
>
> Thanks in advance

--
Please do not email me anything that you are not comfortable also sharing with the NSA, CIA ...
[DNG] Which DE?
Hi all

I am using Devuan (2.1) + MATE DE since 08/2016...
Now I wish to change DE but I am in doubt: XFCE or LXDE or LXQt???

Please, based on your experience and knowledge of Devuan and DEs, can you help me in choosing (avoiding me to invest too much time doing long experiments)?

Consider that I mainly use office applications (libreoffice), realtime audio (rec, play, editing) jack + alsa (no pulseaudio), graphical editing with icc color management (mainly gimp and inkscape), scripting (mainly bash, html + css + php), virtualization with qemu-kvm and virt-manager ... and I would like a de that has the least dependencies but also remains stable and "comfortable" in configuration, personalization and use...

So what you suggest should be the first choice to bet on?

Thanks in advance

--
al3xu5

Say NO to copyright, patents, trademarks and any industrial design restrictions.

Public GPG/PGP key
ID: 4096 bit RSA key F94CFE23
Fingerprint: 59C6 9DC7 CD4B CF2F A190 E3DE 69C5 977B F94C FE23
Re: [DNG] why is polkit needed?
On 2/24/20 7:21 AM, Daniel Abrecht via Dng wrote:

> One last, only partially related thing. Does anyone know how to get polkit agents working properly? If I start `lxqt-policykit-agent`, for example, pkexec won't work. If I start it as `su -c 'lxqt-policykit-agent'`, it does, but I'm pretty sure that's not the right way to do this. I'm currently on devuan beowulf, but I think debian users may have similar problems, I think systemd/logind people may have broken something in polkit...
>
> Regards,
> Daniel Abrecht

I have a beowulf lxqt in a VM, and synaptic-pkexec works correctly. Here's all the lxqt, policykit and polkit stuff that's running:

user  2438  2429  0 10:09 ?  00:00:00 lxqt-session
root  2479     1  0 10:09 ?  00:00:00 /usr/lib/policykit-1/polkitd --no-debug
user  2491  2438  0 10:09 ?  00:00:00 /usr/bin/pcmanfm-qt --desktop --profile=lxqt
user  2492  2438  0 10:09 ?  00:00:00 /usr/bin/lxqt-globalkeysd
user  2493  2438  0 10:09 ?  00:00:00 /usr/bin/lxqt-notificationd
user  2494  2438  1 10:09 ?  00:00:03 /usr/bin/lxqt-panel
user  2495  2438  0 10:09 ?  00:00:00 /usr/bin/lxqt-policykit-agent
user  2498  2438  0 10:09 ?  00:00:00 /usr/bin/lxqt-runner
user  2669  2438  0 10:09 ?  00:00:00 /usr/bin/lxqt-powermanagement

Here's a list of all the kit-related packages that are installed.

ii  elogind  241.3-1  amd64  user, seat and session management daemon
ii  gir1.2-polkit-1.0  0.105-25+devuan7~beowulf1  amd64  GObject introspection data for PolicyKit
ii  libelogind0:amd64  241.3-1  amd64  user, seat and session management library
ii  libpam-cap:amd64  1:2.25-2  amd64  POSIX 1003.1e capabilities (PAM module)
ii  libpam-elogind:amd64  241.3-1  amd64  elogind PAM module
ii  libpam-gnome-keyring:amd64  3.28.2-5  amd64  PAM module to unlock the GNOME keyring upon login
ii  libpam-modules:amd64  1.3.1-5  amd64  Pluggable Authentication Modules for PAM
ii  libpam-modules-bin  1.3.1-5  amd64  Pluggable Authentication Modules for PAM - helper binaries
ii  libpam-runtime  1.3.1-5  all  Runtime support for the PAM library
ii  libpam0g:amd64  1.3.1-5  amd64  Pluggable Authentication Modules library
ii  libpolkit-agent-1-0:amd64  0.105-25+devuan7~beowulf1  amd64  PolicyKit Authentication Agent API
ii  libpolkit-backend-1-0  0.105-25+devuan7~beowulf1  all  PolicyKit Authorization API
ii  libpolkit-backend-elogind-1-0:amd64  0.105-25+devuan7~beowulf1  amd64  PolicyKit backend API
ii  libpolkit-gobject-1-0  0.105-25+devuan7~beowulf1  all  PolicyKit Authorization API
ii  libpolkit-gobject-elogind-1-0:amd64  0.105-25+devuan7~beowulf1  amd64  PolicyKit Authorization API
ii  libpolkit-qt5-1-1:amd64  0.112.0-6  amd64  PolicyKit-qt5-1 library
ii  lxqt-policykit  0.14.1-1  amd64  LXQt authentication agent for PolicyKit
ii  lxqt-policykit-l10n  0.14.1-1  all  Language package for lxqt-policykit
ii  policykit-1  0.105-25+devuan7~beowulf1  amd64  framework for managing administrative policies and privileges

HTH,
fsmithred
Re: [DNG] why is polkit needed?
On Tue, Feb 25, 2020 at 03:05:27AM -0500, Steve Litt wrote:

> On Mon, 24 Feb 2020 12:21:16 +
> Daniel Abrecht via Dng wrote:
>
> > So next, why is dbus needed?
> > dbus is a message bus. There usually is one for the whole system, and one for each session.
> > There are various uses and misuses for it, but I think the most crucial things are:
> >  * Notify any process interested in something of these things.
> >  * Tell other programs which can do something to do something.
>
> The cost is the world's biggest modularity global variable. Everyone can write it, everyone can read it. Yeah, there are ways of aiming a dbus message at a specific process (I think), but just tracing stuff through dbus is incredibly daunting.
>
> > This can be useful for various things, for example:
> >  * A program may want to know if a device got rotated, so it can rotate a screen.
>
> Or, you can use dmenu to call a script that rotates the screen. It's not automagical, but it gets the ultimate railroad switchyard dbus out of the loop.
>
> >  * A wlan management gui may want to tell its daemon that it shall connect to a wlan, and it may want to know what connections it already has and manages.
>
> Sockets (You address this later).
>
> >  * A phone call application may want to ring when a call arrives, or it may want to let the user initiate a call.
>
> I don't understand the relationship between this one and dbus. Phone call comes in, the app decides what to do.
>
> > Now, those examples are mainly things that would need the system bus. I couldn't come up with a good example solely within a user session/bus, but I'm sure these exist too, especially because dbus doesn't need a graphical session.
> >
> > And with that, back to polkit.
>
> My understanding is that the systemd folks have coopted/kidnapped polkit. If that's true, my life would be simpler doing a few things manually, or writing a few more shellscripts.
>
> > It'd be bad if just everyone/everything could do system level stuff, so per default, no one can. But that would make dbus useless for a lot of things. This is the problem polkit is there to solve, there are config files specifying who (user, group, etc.) can see/use which methods calls, signals/messages, etc.
>
> I can't think of it at a moment's notice, but there's got to be a better way than the global switchyard dbus and the systemd coopted polkit.
>
> > Without dbus, applications & daemons could do similar things using unix sockets. However, then, every application would need their own socket, permission management, configs, etc.
>
> The preceding is true only if every app needed to be in every other app's business. For the vast majority of them, this just isn't true. For the few that need this, there are sockets, fifos, and signals.
>
> > This would have the same security implications as just using dbus, which also just uses unix sockets, but would leave a bigger attack surface, and a lot of scattered security critical configs with different formats.
>
> If every app required it. In a client-server situation, the user of the server would need to be in a specific group. If it's even that important. I don't really care if somebody else gets into my mplayer fifo.
>
> > Now, there is also the approach of using a suid binary for the privileged stuff. As a good and bad thing, just like sudo, this can't escape a container, unlike a unix socket passed to one could. However, it would leave the problem of a bigger attack surface, and a lot of scattered security critical configs with different formats, and is very difficult to get right.
>
> I think suid binaries have fallen out of favor, for the reasons you mention.
>
> In summary, I would fully agree with you if everything absolutely had to talk to everything else. But such promiscuous talking leads to all sorts of problems. Encapsulation is a wonderful thing for stability and maintainability.

Which is the reason for a capability architecture. Is there anything resembling that in GNU/Linux userspace?

-- hendrik

> SteveT
>
> Steve Litt
> February 2020 featured book: Thriving in Tough Times
> http://www.troubleshooters.com/thrive
Re: [DNG] why is polkit needed?
On 25/02/2020 at 09:05, Steve Litt wrote:

> On Mon, 24 Feb 2020 12:21:16 + Daniel Abrecht via Dng wrote:
> ...
> > Without dbus, applications & daemons could do similar things using unix sockets. However, then, every application would need their own socket, permission management, configs, etc.
>
> The preceding is true only if every app needed to be in every other app's business. For the vast majority of them, this just isn't true. For the few that need this, there are sockets, fifos, and signals.

Yep, socket, signals, fifos, inotify, netlink, semaphores, shared-memory, what else? It's probably possible to build some well thought middleware with these, but Dbus isn't that one. Dbus is more complicated than the others, and cast against C++ concepts, which isn't a sign of quality. It was designed to match the needs of the two biggest integrated blobs ever written for Linux, Gnome and KDE. The aim is to "facilitate" a few things for the user, but it's a little gain for a huge cost.

> > This would have the same security implications as just using dbus, which also just uses unix sockets, but would leave a bigger attack surface, and a lot of scattered security critical configs with different formats.
>
> If every app required it. In a client-server situation, the user of the server would need to be in a specific group. If it's even that important. I don't really care if somebody else gets into my mplayer fifo.
>
> > Now, there is also the approach of using a suid binary for the privileged stuff. As a good and bad thing, just like sudo, this can't escape a container, unlike a unix socket passed to one could. However, it would leave the problem of a bigger attack surface, and a lot of scattered security critical configs with different formats, and is very difficult to get right.
>
> I think suid binaries have fallen out of favor, for the reasons you mention.

Well, suid binaries are still the only way to obtain root privilege. pkexec is one more; it does the same thing as login, su, and sudo, in a different way.

Didier
Re: [DNG] why is polkit needed?
On Mon, 24 Feb 2020 12:21:16 + Daniel Abrecht via Dng wrote:

> So next, why is dbus needed?
> dbus is a message bus. There usually is one for the whole system, and
> one for each session.
> There are various uses and misuses for it, but I think the most
> crucial things are:
> * Notify any process interested in something of these things.
> * Tell other programs which can do something to do something.

The cost is the world's biggest modularity global variable. Everyone can write it, everyone can read it. Yeah, there are ways of aiming a dbus message at a specific process (I think), but just tracing stuff through dbus is incredibly daunting.

> This can be useful for various things, for example:
> * A program may want to know if a device got rotated, so it can
> rotate a screen.

Or, you can use dmenu to call a script that rotates the screen. It's not automagical, but it gets the ultimate railroad switchyard dbus out of the loop.

> * A wlan management gui may want to tell its daemon that it shall
> connect to a wlan, and it may want to know what connections it
> already has and manages.

Sockets (You address this later).

> * A phone call application may want to ring when a call arrives, or
> it may want to let the user initiate a call.

I don't understand the relationship between this one and dbus. Phone call comes in, the app decides what to do.

>
> Now, those examples are mainly things that would need the system bus.
> I couldn't come up with a good example solely within a user
> session/bus, but I'm sure these exist too, especially because dbus
> doesn't need a graphical session.
>
> And with that, back to polkit.

My understanding is that the systemd folks have coopted/kidnapped polkit. If that's true, my life would be simpler doing a few things manually, or writing a few more shellscripts.

> It'd be bad if just
> everyone/everything could do system level stuff, so per default,
> no one can. But that would make dbus useless for a lot of things.
> This is the problem polkit is there to solve, there are config files
> specifying who (user, group, etc.) can see/use which method calls,
> signals/messages, etc.

I can't think of it at a moment's notice, but there's got to be a better way than the global switchyard dbus and the systemd coopted polkit.

>
> Without dbus, applications & daemons could do similar things using
> unix sockets. However, then, every application would need their own
> socket, permission management, configs, etc.

The preceding is true only if every app needed to be in every other app's business. For the vast majority of them, this just isn't true. For the few that need this, there are sockets, fifos, and signals.

> This would have the same
> security implications as just using dbus, which also just uses unix
> sockets, but would leave a bigger attack surface, and a lot of
> scattered security critical configs with different formats.

If every app required it. In a client-server situation, the user of the server would need to be in a specific group. If it's even that important. I don't really care if somebody else gets into my mplayer fifo.

>
> Now, there is also the approach of using a suid binary for the
> privileged stuff. As a good and bad thing, just like sudo, this can't
> escape a container, unlike a unix socket passed to one could.
> However, it would leave the problem of a bigger attack surface, and a
> lot of scattered security critical configs with different formats,
> and is very difficult to get right.

I think suid binaries have fallen out of favor, for the reasons you mention.

In summary, I would fully agree with you if everything absolutely had to talk to everything else. But such promiscuous talking leads to all sorts of problems. Encapsulation is a wonderful thing for stability and maintainability.
SteveT

Steve Litt
February 2020 featured book: Thriving in Tough Times
http://www.troubleshooters.com/thrive
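The message above argues that a client-server daemon can carry its own socket and restrict it to a specific group instead of going through the bus. The following is an added example, not code from the thread, of what that per-daemon permission management involves: file mode on the socket plus a kernel-verified peer check. The function names, the temporary socket path and the use of the caller's own group as the service group are assumptions; `SO_PEERCRED` is Linux-specific.

```python
import grp, os, pwd, socket, struct

def make_listener(path, allowed_gid):
    """Layer 1: the socket file itself is owner+group only (mode 0660)."""
    if os.path.exists(path):
        os.unlink(path)
    old_umask = os.umask(0o177)          # never world-accessible, even briefly
    try:
        srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        srv.bind(path)
    finally:
        os.umask(old_umask)
    os.chown(path, -1, allowed_gid)      # hand the file to the service group
    os.chmod(path, 0o660)
    srv.listen(8)
    return srv

def peer_credentials(conn):
    """Layer 2: kernel-reported (pid, uid, gid) of the peer (struct ucred)."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED,
                          struct.calcsize("iII"))
    return struct.unpack("iII", raw)

def is_authorized(uid, gid, allowed_gid):
    """Allow root, a matching primary group, or a listed member of the group."""
    if uid == 0 or gid == allowed_gid:
        return True
    try:  # SO_PEERCRED carries no supplementary groups; consult the group db
        return pwd.getpwuid(uid).pw_name in grp.getgrgid(allowed_gid).gr_mem
    except KeyError:
        return False

def serve_once(srv, allowed_gid):
    """Accept one client and answer according to the policy above."""
    conn, _ = srv.accept()
    with conn:
        pid, uid, gid = peer_credentials(conn)
        ok = is_authorized(uid, gid, allowed_gid)
        conn.sendall(b"OK\n" if ok else b"DENIED\n")
        return pid, uid, ok

if __name__ == "__main__":
    import tempfile
    path = os.path.join(tempfile.mkdtemp(), "exampled.sock")  # constructed path
    srv = make_listener(path, os.getegid())  # own group stands in for a service group
    cli = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    cli.connect(path)
    print(serve_once(srv, os.getegid()), cli.recv(16))
```

The group-database lookup reflects configured membership, not the groups the connecting process actually holds, so a daemon that needs the latter has to rely on the file mode alone or on a different mechanism.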
Re: [DNG] why is polkit needed?
On 25/02/2020 at 08:17, marc wrote:

> Hello
>
> > I would like to add my point of view to the polkit debate.
>
> And they are well thought out comments :)
>
> > All things considered, I think for the purpose of interacting with
> > system level daemons/services and managing related permissions,
> > especially in cases more complex than simply shutting down the
> > system for example, dbus + polkit is a very nice solution,
> > especially considering the alternatives. It does have some flaws,
> > though, such as no one knowing how to correctly configure it, for
> > example.
>
> I think that isn't quite enough to redeem polkit. I have the
> following reservations about it - it is written by the same/similar
> group that has written systemd, and many of their design decisions
> are very poor IMNSHO (I'd like to use stronger words) and they have a
> habit of merging/entangling their code so that it becomes one big
> hairy mess. Devuan maintainers know how hard it is to disentangle
> that.
>
> On the systems I run, my first step is to remove avahi, pulse,
> systemd (thanks devuan), polkit, network manager and dbus. I find
> after that the system uses way less RAM and behaves more predictably
> - so when I configure it, it stays configured.
>
> The critique of polkit specifically relates to its poor config
> infrastructure - it is written in XML, this not only drags in another
> huge dependency, but is just ugly. XML was the fashion a decade or
> two ago, but is a bad idea for config files. It might be human
> readable, but barely so...
>
> The other problem of polkit and dbus is that it breaks the
> inheritance model of unix (a process is a child of some other one and
> inherits a subset of its capabilities, ignoring setuid). Changing
> this adds many complications, and makes chroot and containers a lot
> more complex to secure...
>
> > Regarding gksudo, I think its intended use case is an awful thing
> > as well. The very idea of asking for a user's password for starting
> > a more privileged process is a bad one. It means that if the user
> > account is breached, as soon as sudo or gksudo is used to obtain
> > root, it could have been replaced (e.g. by changing the PATH,
> > setting an alias, etc.) by an attacker to get the password instead,
> > and then compromise the rest of the system. In my opinion, sudo
> > should always be used in such a way as to work without password,
> > and only for known "safe" commands. For everything else, it'd be
> > much better to just log in on a tty as root. Same goes for su.
>
> No argument with that - that is a most sound argument. It would be
> nice if distributions could make that part of their standard
> documentation ("to upgrade a package, please press control-alt-F2,
> log in as root and type xxx"). There is even a fancy word we can use
> for "control-alt-F2", the "trusted path" or maybe even the "secure
> attention" keys. Maybe even reserve a certain tty so that a login
> there spawns the package management tool...
>
> regards
>
> marc

Sorry, but synaptic is popular for a reason: it gives a large and sensible view of packages, something apt or apt-get can't do. For what concerns aptitude, I've seen two persons able to make sense out of it, but I never could.

Didier