On Thu, 30 Oct 2003, Monique Y. Herman wrote:
> On Thu, 30 Oct 2003 at 15:52 GMT, Kent West penned:
> > I echo Colin's thought. Forget about "su" and use "sudo". It takes an
> > extra 5 keystrokes per command, but it "just works", and in my opinion
> > is better than forgetting you're root and d
On Thu, 30 Oct 2003, Haines Brown wrote:
> > each user has a session and a session key. this key is used to
> > authenticate yourself to the Xserver. Root as a key and each user
> > does.
>
> Yes, that makes sense.
>
> > so when you login as user and then switch to root, it tried to use your
> >
> > I think you got Colin wrong there (Colin please correct me if *I* got
> > you=20 wrong:) . Colin just gave an example how easy it is to exploit
> > the=20 sudo-privilege for using dpkg.
>
> Ah, shoot, you're right. I totally glossed over the sudo example he
> suggested. I blame work; it total
On Fri, 31 Oct 2003 at 00:04 GMT, Pigeon penned:
>
>> >=20 =3D2E..it seems like a good idea on a single-user machine to
>> >allow sudo dpkg -i... sudo dpkg -i make_bash_setuid_root.deb =20
>>=20 I'm a bit confused ... you snipped out the part where I said that
>>it's probably fine for a single-use
On Fri, 31 Oct 2003 at 00:14 GMT, Johannes Zarl penned:
>
> --Boundary-02=_nlao/nYI2HXprUI
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> Content-Description: signed data
> Content-Disposition: inline
>
>> >>=3D20 People keep talking about sud
> >>=20 People keep talking about sudo like it's the cat's meow, and maybe
> >>for a single-user system it is. But sudo documentation very
> >>explicitly warns that, if you're not careful about what you allow, you
> >>could accidentally allow access to far more than you expected.
> >
> >=2E..it se
On Thu, Oct 30, 2003 at 02:45:32PM -0700, Monique Y. Herman wrote:
> On Thu, 30 Oct 2003 at 20:43 GMT, Pigeon penned:
> >
> > --PLVMksexArUZ/iL3 Content-Type: text/plain; charset=us-ascii
> > Content-Disposition: inline Content-Transfer-Encoding:
> > quoted-printable
> >
> > On Thu, Oct 30, 2003
On Thu, 30 Oct 2003 at 20:43 GMT, Pigeon penned:
>
> --PLVMksexArUZ/iL3 Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline Content-Transfer-Encoding:
> quoted-printable
>
> On Thu, Oct 30, 2003 at 11:03:23AM -0700, Monique Y. Herman wrote:
>> On Thu, 30 Oct 2003 at 15:52 GMT
On Thu, Oct 30, 2003 at 11:03:23AM -0700, Monique Y. Herman wrote:
> On Thu, 30 Oct 2003 at 15:52 GMT, Kent West penned:
> > I echo Colin's thought. Forget about "su" and use "sudo". It takes an
> > extra 5 keystrokes per command, but it "just works", and in my opinion
> > is better than forgetting
>
> I read your notes with interest, and indeed you helped clarify
> things. Only now, I've got somehow to undo the xhost command I issued
> before.
>
``xhost -'' does the job.
You all are right concerning the security-issues with xhost. I wasn't aware
how big the issues *really* are. xhost didn
On Thu, 30 Oct 2003 at 15:52 GMT, Kent West penned:
> I echo Colin's thought. Forget about "su" and use "sudo". It takes an
> extra 5 keystrokes per command, but it "just works", and in my opinion
> is better than forgetting you're root and doing something you don't
> want to do.
>
> apt-get insta
> hb> $ xhost +local
> hb> non-network local connection being added to access control list
> hb> $ su
> hb> Password:
> hb> #
>
> Well this doesn't prove anything: you have to run an X application as
> root before you can know whether it worked or not.
>
> This is still a bad
> I echo Colin's thought. Forget about "su" and use "sudo". It takes an
> extra 5 keystrokes per command, but it "just works", and in my opinion
> is better than forgetting you're root and doing something you don't want
> to do.
>
> apt-get install sudo
> visudo, add yourself a line similar to
%% [EMAIL PROTECTED] (Haines Brown) writes:
hb> Johannes,
hb> Took your advice, and that seems to have worked.
hb> $ xhost +local
hb> non-network local connection being added to access control list
hb> $ su
hb> Password:
hb> #
Well this doesn't prove anything: you have to
Haines Brown wrote:
But regularly, we,
running as user, find that we need to do something that requires root's
privileges, and so we "su - root".
. . .
I presume every debian user who is both user and administrator of his
machine (probably the majority) will occasionally want to su to become
r
Haines Brown([EMAIL PROTECTED]) is reported to have said:
> > > My next question has to do with disabling screen blanking and power
> > > saving under X. This also may be the result of moving into a somewhat
> > > different setup when I moved from RedHat to debian.
> > >
> > > I had added to ~/.Xc
On Thu, Oct 30, 2003 at 10:06:35AM -0500, Haines Brown wrote:
> But as the man page points out, the xset commands can be set at "run
> time." Does that mean run time for x server? If so, where would the
> xset command be put? Do you think I could put them into
> /usr/X11R6/lib/X11/xinit/xserverrc ?
> > My next question has to do with disabling screen blanking and power
> > saving under X. This also may be the result of moving into a somewhat
> > different setup when I moved from RedHat to debian.
> >
> > I had added to ~/.Xclients:
> >
> > xset s off
> > xset -dpms
> >
> > But now tha
Haines Brown([EMAIL PROTECTED]) is reported to have said:
> > I don't think anything is broken in your setup. I do seem to
> > recollect that, when I used RH, su- was able to use Xwindows, so it
> > may be that some distros execute this differently.
>
> Yes, Richard, apparently I had work habits
> I don't think anything is broken in your setup. I do seem to
> recollect that, when I used RH, su- was able to use Xwindows, so it
> may be that some distros execute this differently.
Yes, Richard, apparently I had work habits based on the RedHat setup,
and didn't realize that under debian I'd
Johannes,
Took your advice, and that seems to have worked.
$ xhost +local
non-network local connection being added to access control list
$ su
Password:
#
So I gave root access to the X server. Still don't understand why I
had to do this rather than it being the default setup with an
i
On Thu, Oct 30, 2003 at 06:30:14AM -0500, Haines Brown wrote:
> Colin Watson wrote:
> > No, I think if you had actually started X as root then you certainly
> > would have an appropriate $DISPLAY. The issue is not really rootness,
> > it's that $DISPLAY is set in the environment of the X session wh
On Thu, Oct 30, 2003 at 05:40:37AM -0500, Haines Brown wrote:
> > each user has a session and a session key. this key is used to
> > authenticate yourself to the Xserver. Root as a key and each user
> > does.
>
> Yes, that makes sense.
>
> > so when you login as user and then switch to root, it
On Thursday 30 October 2003 12:30, Haines Brown wrote:
[...]
> For years I didn't "loose all that", but could "su - root" as I
> needed. I still don't know whether my system's busted or if it is me
> ;-) That is, is "loosing all that" a natural occurance or a flaw in my
> setup?
[...]
The point is,
> No, I think if you had actually started X as root then you certainly
> would have an appropriate $DISPLAY. The issue is not really rootness,
> it's that $DISPLAY is set in the environment of the X session which is
> run as the user who started X, and .Xauthority is in the home directory
> of the
> user% xhost +
> user% su
> root! xcalc
> but this is an insecure hack since in says anyone can snoop on your
> xserver.
You could also use ``xhost +local:'' so that you don't open your xserver to
the net. ``xhost +'' is something I would only advise for
debugging-purpose only..
Johannes
> each user has a session and a session key. this key is used to
> authenticate yourself to the Xserver. Root as a key and each user
> does.
Yes, that makes sense.
> so when you login as user and then switch to root, it tried to use your
> root key to access the user session-- no go.
? When I l
On Thu, Oct 30, 2003 at 04:45:17AM -0500, Haines Brown wrote:
> > Look what I just found as a new package on unstable:
> >
> > Sux is a wrapper around the standard su command which will transfer your
> > X credentials to the target user.
> >
> > http://sourceforge.net/projects/sux/ ( from http:/
On Thu, 30 Oct 2003, Haines Brown wrote:
> > Please don't CC me. (If somehow my sig isn't clear enough, please let
> > me know how I can make it so.)
>
> My apologies. The current auto CC: is something I did not have before,
> and so I'm not used to removing that line. I was aware I had forgott
> Why not just use 'su' (with no parameters) or 'su - -p'?
>
> -m, -p, --preserve-environment
> do not reset environment variables, and keep the same shell
>
> That will preserve things like X display dettings. Just an idea.
Perhaps it is a philosophical issue, but my inst
> Please don't CC me. (If somehow my sig isn't clear enough, please let
> me know how I can make it so.)
My apologies. The current auto CC: is something I did not have before,
and so I'm not used to removing that line. I was aware I had forgotten
to do that as soon as I had sent the message to yo
> > Application can't initialize because it lacks display name and no
> > $DISPLAY environment variable.
>
> Look what I just found as a new package on unstable:
>
> Sux is a wrapper around the standard su command which will transfer your
> X credentials to the target user.
>
> http://sourc
Monique Y. Herman wrote:
Monique, it displays as it should: :0.0. My problem only with root.
Haines
Please don't CC me. (If somehow my sig isn't clear enough, please let
me know how I can make it so.)
Anyway, the point of my question and your answer: since your normal
user successfully uses th
On Thu, 30 Oct 2003 at 01:16 GMT, Haines Brown penned:
>> > I tried: "set DISPLAY teufel:0.0; export DISPLAY" /root/.profile, but
>> > it. My sytax probably wrong. Can I substitute "localhost" here for
>> > "teufel"?
>>
>> If you're logged in as a normal user, what does
>> env | grep DISPLA
On Wed, 29 Oct 2003 at 18:34 GMT, Haines Brown penned:
> I have more elementary configuration questions arising from my
> transition from RedHat to debian. Sorry to be a pest.
>
> I think this may be is a debian question because user can start the
> FileRunner file manager, but not root. When root
> > I tried: "set DISPLAY teufel:0.0; export DISPLAY" /root/.profile, but
> > it. My sytax probably wrong. Can I substitute "localhost" here for
> > "teufel"?
>
> If you're logged in as a normal user, what does
> env | grep DISPLAY
> show you?
Monique, it displays as it should: :0.0. My p
On Wed, 29 Oct 2003 at 21:53 GMT, Haines Brown penned:
>> > I think this may be is a debian question because user can start the
>> > FileRunner file manager, but not root. When root tries, it gets the
>> > error:
>> >
>> > Application can't initialize because it lacks display name and no
>> >
Haines Brown wrote:
I think this may be is a debian question because user can start the
FileRunner file manager, but not root. When root tries, it gets the
error:
Application can't initialize because it lacks display name and no
$DISPLAY environment variable.
Error stgartup script: can't re
> > I think this may be is a debian question because user can start the
> > FileRunner file manager, but not root. When root tries, it gets the
> > error:
> >
> > Application can't initialize because it lacks display name and no
> > $DISPLAY environment variable.
>
> You're probably using 's
On Wed, 29 Oct 2003 13:04:42 -0700,
"Monique Y. Herman" <[EMAIL PROTECTED]> wrote in message
<[EMAIL PROTECTED]>:
> On Wed, 29 Oct 2003 at 18:34 GMT, Haines Brown penned:
> > I have more elementary configuration questions arising from my
> > transition from RedHat to debian. Sorry to be a pest.
On Wed, 29 Oct 2003 at 18:34 GMT, Haines Brown penned:
> I have more elementary configuration questions arising from my
> transition from RedHat to debian. Sorry to be a pest.
>
> I think this may be is a debian question because user can start the
> FileRunner file manager, but not root. When root
I have more elementary configuration questions arising from my
transition from RedHat to debian. Sorry to be a pest.
I think this may be is a debian question because user can start the
FileRunner file manager, but not root. When root tries, it gets the
error:
Application can't initialize becaus
On Sun, Oct 26, 2003 at 07:57:20AM -0500, Haines Brown wrote:
> As for setting up basic bash configuration, a little experimentation
> shows that this is what I've got (debian 3.0r1).
>
> Root has both .bashrc and .profile, and the configuations (custom bash
> prompt and setterm) can go in either
> Haines Brown([EMAIL PROTECTED]) is reported to have said:
> > prompt and setterm) can go in either place. User has a .bashrc and
> > .bash_profile (there's no .profile), and the configuration must go
> > into the latter. It does not work for me if put into .bashrc.
>
> Do you have
>
> source
David Jardine wrote:
On Sat, Oct 25, 2003 at 10:26:29PM -0500, Kent West wrote:
Haines Brown wrote:
In moving from RedHat to debian, I'm left with some simple little
basic configuration questions. They all relate to a situation in which
I operate at this point from console.
1. Where do
Haines Brown([EMAIL PROTECTED]) is reported to have said:
> > Do you have
> >
> > source .bashrc
> >
> > As the last line of your .bash_profile? That might help.
>
> No, the default (debian3.0r.1) is to comment that in .bash_profile:
>
> # if [ -f ~/.bashrc]; then
> # source ~./bashrc
Haines Brown([EMAIL PROTECTED]) is reported to have said:
> As for setting up basic bash configuration, a little experimentation
> shows that this is what I've got (debian 3.0r1).
>
> Root has both .bashrc and .profile, and the configuations (custom bash
> prompt and setterm) can go in either pla
On Sat, Oct 25, 2003 at 08:57:41PM -0400, Haines Brown wrote:
>
> ...
>
> 3. My usual practice is to avoid xdm and boot to a text login
>prompt. To do this, in rc2.d I belive I edited the symlink to the
>xdm program, renaming "S99xdm ->..." to "K99xdm ->...". But in
>debian I get a beep
Haines Brown wrote:
Which is generated by the "adduser" routine by copying the skeleton
files from /etc/skel. You can add other files in this directory if
you want them to be added to new users' home directories.
Interesting--the plot thickens! So, if one wants to set a global
configuratio
> Which is generated by the "adduser" routine by copying the skeleton
> files from /etc/skel. You can add other files in this directory if
> you want them to be added to new users' home directories.
Interesting--the plot thickens! So, if one wants to set a global
configuration for bash, such as
Haines Brown wrote:
Haines Brown([EMAIL PROTECTED]) is reported to have said:
prompt and setterm) can go in either place. User has a .bashrc and
.bash_profile (there's no .profile), and the configuration must go
into the latter. It does not work for me if put
On Sat, Oct 25, 2003 at 08:57:41PM -0400, Haines Brown wrote:
> In moving from RedHat to debian, I'm left with some simple little
> basic configuration questions. They all relate to a situation in which
> I operate at this point from console.
>
> 1. Where do I set the global bash prompt format? I
> On Sat, Oct 25, 2003 at 09:08:48PM -0500, Ron Johnson wrote:
> >
> > Of course, you could always deinstall xdm :
> > # apt-get --purge remove xdm
>
> apt-get remove --purge xdm
Yes, on second thought, removal might be best, since I'll never use
xdm, and with a new install, this is a good time
> one of the 'freedoms' of debian is that runlevel 2 to 5 are the same. 2 is
> the default runlevel. RH and others have seperate runlevels. Its something
> that confused me and there are some people out there like me who like the
> RH runlevel scheme but havent changed prevailing minds. Oh well!
K
Kev writes:
> one of the 'freedoms' of debian is that runlevel 2 to 5 are the same. 2
> is the default runlevel. RH and others have seperate runlevels. Its
> something that confused me and there are some people out there like me
> who like the RH runlevel scheme but havent changed prevailing minds.
As for setting up basic bash configuration, a little experimentation
shows that this is what I've got (debian 3.0r1).
Root has both .bashrc and .profile, and the configuations (custom bash
prompt and setterm) can go in either place. User has a .bashrc and
.bash_profile (there's no .profile), and
Thanks, Wayne. I had previously done the basic configurations globally
rather than in ~/.bashrc, but your suggestion to do it for each user
has a backup advantage.
Haines
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
> On Sat, 2003-10-25 at 19:57, Haines Brown wrote:
> >
> > 1. Where do I set the global bash prompt format? I changed PS1= in
> >/etc/profile, but that only affects user, not root.
> >
> > 2. I had placed the command "setterm -blank 0" in RedHat's
> >/etc/rc.d/rc.local to block screen bl
On Sun, 2003-10-26 at 04:26, David Jardine wrote:
> On Sat, Oct 25, 2003 at 09:08:48PM -0500, Ron Johnson wrote:
>
> >
> > Of course, you could always deinstall xdm :
> > # apt-get --purge remove xdm
>
> apt-get remove --purge xdm
Doesn't matter which way it's ordered.
# apt-get -s remove --pu
On Sat, Oct 25, 2003 at 09:08:48PM -0500, Ron Johnson wrote:
> On Sat, 2003-10-25 at 19:57, Haines Brown wrote:
> >
> > 3. My usual practice is to avoid xdm and boot to a text login
> >prompt. To do this, in rc2.d I belive I edited the symlink to the
> >xdm program, renaming
On Sat, 25 Oct 2003, Haines Brown wrote:
> In moving from RedHat to debian, I'm left with some simple little
> basic configuration questions. They all relate to a situation in which
> I operate at this point from console.
>
> 1. Where do I set the global bash prompt format? I changed PS1= in
>
On Sat, Oct 25, 2003 at 10:26:29PM -0500, Kent West wrote:
> Haines Brown wrote:
>
> >In moving from RedHat to debian, I'm left with some simple little
> >basic configuration questions. They all relate to a situation in which
> >I operate at this point from console.
> >
> >1. Where do I set the g
On Sat, Oct 25, 2003 at 09:08:48PM -0500, Ron Johnson wrote:
>
> Of course, you could always deinstall xdm :
> # apt-get --purge remove xdm
apt-get remove --purge xdm
--
David Jardine
"Running Debian GNU/Linux and
loving every minute of it." -Sacher M.
--
To UNSUBSCRIBE, email to [EMAIL PR
Haines Brown wrote:
In moving from RedHat to debian, I'm left with some simple little
basic configuration questions. They all relate to a situation in which
I operate at this point from console.
1. Where do I set the global bash prompt format? I changed PS1= in
/etc/profile, but that only aff
On Sat, 2003-10-25 at 19:57, Haines Brown wrote:
> In moving from RedHat to debian, I'm left with some simple little
> basic configuration questions. They all relate to a situation in which
> I operate at this point from console.
>
> 1. Where do I set the global bash prompt format? I changed PS1=
Haines Brown([EMAIL PROTECTED]) is reported to have said:
> In moving from RedHat to debian, I'm left with some simple little
> basic configuration questions. They all relate to a situation in which
> I operate at this point from console.
>
> 1. Where do I set the global bash prompt format? I cha
In moving from RedHat to debian, I'm left with some simple little
basic configuration questions. They all relate to a situation in which
I operate at this point from console.
1. Where do I set the global bash prompt format? I changed PS1= in
/etc/profile, but that only affects user, not root.
67 matches
Mail list logo