Mailinglist Archive: opensuse (1264 mails)

< Previous Next >
Re: [opensuse] konsole
On 19/06/17 10:45 AM, Wols Lists wrote:
On 18/06/17 20:14, Anton Aylward wrote:
My 'regular' tabs start with "bash -l" so i have to enter my GPG-agent
pass-phrases for each. My root shell is there asking for a password.

My tabs - all of them - start however konsole does it. Whatever the
default is. I've done nothing special - nothing at all to the best of my
memory.

You don't have to.
If you'd followed up on some of my earlier posts you'd have noticed that there
is a system wide config for konsole in /usr share which defines the "command"
setting for both regular tabs and for root tabs.

that gets copied, when you close a session, into ~/.local.
Any edits you make in the GUI or to the files in ~/.local override, for you, in
subsequent startups of konsole, those global settings.

you don't have to run strace on konsole to see it doing this: its documented!



The restored root tab asks for the password.

I don't have - again, never have, iirc - a root tab.

As I've said many times, menubar: File -> New Tab -> Root tab is the preferred
way to get root. Its clean and its going to make sure that the proper
environment is set up. As Carlos points out, you absolutely need that proper
environment if you don't want to bugger up your config.


I really don't understand why you want to fight things that are supplied to make
it easier for you.


Unlike you I don't believe that somehow bypassing the root password to access
root privileges is a Good Thing. The tab is there. If and when, which is
not
every day, I need a root shell, it is there.

Nor do I. If I need root privileges, I take an existing tab, do a "su"
(which asks me for the password), and either exit when I'm finished, or
expect it to disappear on logout.

And that can, as Carlos points out, lead you into problems, potentially screwing
up your config.

Which is why I say the proper way is to use the mechanism built into konsole for
creating a root tab.

And, as I said, you can exit that tab and the whole tab, the whole environment,
goes away when "ctrl-D".





I've tried, Patrick has tried, to get over the idea of a root login being
different from a change in the effective UID with a simplistic "su".

I don't understand your point. I *ONLY* *EVER* use "su". *My* behaviour
is consistent. Linux' response is not. (I do understand the difference,
I just can't see why it has any bearing on why linux is being inconsistent.)

Did you run the three way test, the three "env" output files and "diff3" as I
suggested? Didn't you see the point?



To repeat - if konsole is open when I log out, it is restored when I log
back in. That much is consistent, and hunky dory.

If one of the tabs was changed to root, by using su, after a
logout/login the system *sometimes but not always* asks me for the root
password, then if I give it the password it does nothing - at least a> far as
I can see - with it.

So far, we seem to either be unable to replicate that or don't get your point.

Again, try a test in non-graphics mode.

Log in as root.
Now run 'su'.
Did it ask for a password?

Now, instead, run "su -".
What difference?

Now try the same as a regular user.

If the system asked me for the root password last time I logged in, it
*sometimes but not always* asks me the next time, with the same results.

There is a facility, which some of us who are a bit more paranoid choose not
use, whether by 'su" (and I think it can be set up for sudo as well) remembers
the password for a predetermined interval.

Hmm.
In the sudo manual page
<quote>
sudoers uses per-user time stamp files for credential caching.
Once a user has been authenticated, a record is written containing
the uid that was used to authenticate, the terminal session ID,
and a time stamp (using a monotonic clock if one is available).
The user may then use sudo without a password for a short period
of time (5 minutes unless overridden by the timeout option).
By default, sudoers uses a separate record for each tty,
which means that a user's login sessions are authenticated separately.
</quote>


I recall a similar mechanism for plain old "su" but I can't find it.
Perhaps it has been subsumed by the PAM mechanism.


if you want a 'password-less' login, you might consider replacing the "su -"
detail in the "New Root tab" setting with an execution of SSH that is set up to
use the certificate.


It wouldn't surprise me in the slightest if KDE is messing up saving my
state, but the point is KDE/konsole is behaving in an inconsistent and
nonsensical manner. In other words, be it design error, programming
error, hardware error (always a possibility!) - *something* is not right.

No, I think you are fighting it and using it in manner that doesn't "go with the
flow".
As I keep saying, there is a mechanism as a part of its design for getting root
level access, an isolated root tab with a proper ENV set up, so that it won't,
as Carlos made clear, mess up your other config. That you persist in refusing
to make use of it makes those of us that don't have your problems wonder ...


--
A: Yes.
> Q: Are you sure?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting frowned upon?


--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
This Thread