On Friday, November 25, 2011 01:06 PM cagsm wrote: [snip] Wow, I began to respond to sections of your long post (aka rant) which goes rather afield of your original post, but decided to just snip it. A few comments (with occasional tongue in cheek, no offense meant): Since you are understadably concerned about stability, why not just wait a short while - a month is usually sufficient - before installing or upgrading to 12.1? Is there something in 12.1 that is so urgent that it requires you act immediately? For a brand new user, it may indeed be better to either wait a bit or use 11.4, which I find works exceptionally well (more to the point, so does my militantly anti-technical wife; her's is a much stronger endorsement). Or give 12.1 a try, evaluate the serious bugs list from the perspective of what if any effect they may have on your user (doubful he'll care about systemd as long as it works), and then decide. As far a security patches, I find the openSUSE security bug fix policy to work quite well. It's been ~10 years now, and while on very rare occasion a patch has itself created a problem, I can't remember reading of anyone actually being bitten by a security breach because a patch was too late. Not saying that it hasn't happened (my memory isn't what it used to be) but if it were to any meaningful extent, wouldn't alarms be ringing from everywhere? So I checked one of my 11.4 machines that I'm not as mindful with as I should be for patches; it hasn't been patched for more than 2 months. And omigod there are 20 patches! Interestingly, all are upstream with about half from commercial outfits like Mozilla, Adobe, and Oracle, etc. I'm not positive, but I can't recall hearing much about stack overflow exploits in perl or pam or etherape or wireshark. I guess I'm just lucky. This is not to minimize security patches for browsers at all (and this is where I differ from our colleague who suggests a firewall is sufficient). Browsers are the most common and serious attack vector for sure, and many of these exploits are OS agnostic. But the reason for all the complaining here about Mozilla escapes me. Is there a suggestion? Is there something else *we* should be doing? And I regret all the heartburn over your problems with upgrades. I'm first to admit that it may take me several hours to work out package incompatibilities, I cursed when no one mentioned that libata was changing "h" to "s", and I still won't allow an upgrade to reinstall the boot loader. But thankfully, besides the extra time and invariable unpleasant upgrade surprise here and there, I've never lost any of my arrays or anything else for that matter. Like I said, just lucky I guess. Now, as far as your original, specific question/concern: If you choose to use 11.4 or 12.1 still has the updater problem, disable the applet. Then to do regular patch updates you can: Show your user how to use Online Update. A couple clicks. Admittedly s/he won't know what the patches actually mean, but some folks like to see what's going on (especially if something breaks later). Some Windows users (IME the smart ones) actually look at the patches MS pushes rather than taking everything automatically (and then wondering later what broke the machine). Or, how about a simple script which uses sudo and zypper to patch? Put it on the desktop with the icon & title of your choice. Your user clicks on it and that's it. Or, how about setting up that same script in the KDE Task Scheduler (cron), to run automatically whenever you want? Finally, re the root vs user password. I also don't like using the same password for both. The approach I would take would depend on how often your user is likely to need to use root and what for. If /she is going to be using it a lot, the Ubuntu sudo approach IMO becomes pointless, since it can be used for anything root and the user often has to open a terminal as well. If a user needs root privilege frequently for different functions, there should be a very good reason and IMO this is not for beginners. But if your user will use root infrequently, such as just to install new software, then sudo with krunner (or a little yast-software startup desktop shortcut like above) might be a good option. Or you can go the Windows route (where Administrator is not in fact root), create an actual Administrator user, and set it up to do the few things your user needs that priviledge to do. Flexibility is your friend, and it's pretty much a one-time thing. Hope that helps. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org