Re: [opensuse] Absolute path is /sbin/*
On Wed, Oct 9, 2013 at 11:39 PM, John Andersen <jsamyth@gmail.com> wrote: I would definitely see about what really are polkit, systemctl, initrd, symlink, shell variables, etc..(linux basics).
But reboot permission has more to do with where you sit than who you are. Anyone at the console has reboot permission, which sort of makes sense since the power switch is just as easy to reach as the keyboard.
Yes I guess this is good that reboot is more to do with "where you sit" rather than anything else and I solely put this the reason why even the command like 'reboot' is in /sbin though even when if it were not in that, it won't break the system except to restart! However, it might be due to the olden days called backward compatibility like they call it. Thanks. -- Life and death. At some point we're gonna leave this world. Do I know when? Absolutely not. --- Terrell Owens Just I dislike pain, so all other beings dislike pain. Live and let live. --- Mahavir Bhagwan -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 El 2013-10-10 a las 18:27 +0530, AP escribió:
not in that, it won't break the system except to restart! However, it might be due to the olden days called backward compatibility like they call it.
If you restart a machine exporting directories via NFS, clients may crash. It has happened to me. - -- Cheers Carlos E. R. (from 11.4, with Evergreen, x86_64 "Celadon" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) iF4EAREIAAYFAlJXA0IACgkQja8UbcUWM1wUbAD5AQtgEfS+QASfrp+NUbDDVM95 jSqlpyR6UnvN4VGN+9MA/RMO8Nh2q/5Fo6TYc9DKi28A/U2nxND0iPQZ0HOaju+M =jpbQ -----END PGP SIGNATURE-----
Carlos E. R. wrote:
El 2013-10-10 a las 18:27 +0530, AP escribió:
not in that, it won't break the system except to restart! However, it might be due to the olden days called backward compatibility like they call it.
If you restart a machine exporting directories via NFS, clients may crash. It has happened to me.
Only if you have the systems set up wrong. One of the big advantages of NFS is that the server can go away and then come back and running processes on clients will simply carry on, without having to have any awareness of it at all. (i.e. the code is not aware of the NFS mount or any errors etc). I do it/it happens to me regularly. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 El 2013-10-11 a las 09:45 +0100, Dave Howorth escribió:
If you restart a machine exporting directories via NFS, clients may crash. It has happened to me.
Only if you have the systems set up wrong.
Please explain that, I'm interested.
One of the big advantages of NFS is that the server can go away and then come back and running processes on clients will simply carry on, without having to have any awareness of it at all. (i.e. the code is not aware of the NFS mount or any errors etc). I do it/it happens to me regularly.
If the server remains off (because it is intended to be off, day end), the client had to be rebooted to continue. - -- Cheers Carlos E. R. (from 11.4, with Evergreen, x86_64 "Celadon" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) iF4EAREIAAYFAlJXztUACgkQja8UbcUWM1ylGwD+KMiIesYySEKZQ7r8nJ2sUj02 yQGtWU6YJEuFMFqlZsoA/09QXFypgWq1dbqNYm9xdeIHfhbRK3SPmNmp0GstObl3 =grtP -----END PGP SIGNATURE-----
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
El 2013-10-11 a las 09:45 +0100, Dave Howorth escribió:
If you restart a machine exporting directories via NFS, clients may crash. It has happened to me.
Only if you have the systems set up wrong.
Please explain that, I'm interested.
I can't really tell what setting on your machine is wrong. But see below...
One of the big advantages of NFS is that the server can go away and then come back and running processes on clients will simply carry on, without having to have any awareness of it at all. (i.e. the code is not aware of the NFS mount or any errors etc). I do it/it happens to me regularly.
If the server remains off (because it is intended to be off, day end), the client had to be rebooted to continue.
No, the client will sit there until the server comes back next day. That is how it is designed. And certainly the client hasn't crashed at that point. So have you had a crash or not? I'm not sure what behaviour you want your particular client to have. But the most obvious change would be to configure the mount with the soft option. Then your client would have to be aware of possible errors (as it should be in any case of course). When the server goes down, the client will receive an error and it's up to the client to deal with that. NFS is very like TCP. It assumes that breaks in the network, or servers going away, are temporary phenomena and just waits until conditions return to normal when it carries on. And NFS, like TCP, can be told to return errors instead, if that's what you want. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2013-10-11 12:21, Dave Howorth wrote:
Carlos E. R. wrote:
No, the client will sit there until the server comes back next day. That is how it is designed. And certainly the client hasn't crashed at that point. So have you had a crash or not?
The nfs was mounted as /data/external/. The entire /data directory was unaccessible, any process trying hung. Mind, not accessing /data/external/, but /data/. Several processes got stuck, things failed. The machine had to be rebooted to be usable again. mount/umount hung, impossible to remove the nfs mount. Both server and client were setup by yast, so any misconfiguration was due to yast.
I'm not sure what behaviour you want your particular client to have. But the most obvious change would be to configure the mount with the soft option. Then your client would have to be aware of possible errors (as it should be in any case of course). When the server goes down, the client will receive an error and it's up to the client to deal with that.
Both are 12.3 machines. So you say Linux is buggy... :-p - -- Cheers / Saludos, Carlos E. R. (from 11.4, with Evergreen, x86_64 "Celadon" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iF4EAREIAAYFAlJX1tMACgkQja8UbcUWM1xa4QD/TNheWDrS9r3q7oNUane/aUyb k+dxQq2PriXcUz5XJrUA/iO8lqUb5SJqRW+Pg7WWOCV8NNgGkFYKEeh6VzVJrNyr =e0U5 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Carlos E. R. wrote:
On 2013-10-11 12:21, Dave Howorth wrote:
No, the client will sit there until the server comes back next day. That is how it is designed. And certainly the client hasn't crashed at that point. So have you had a crash or not?
The nfs was mounted as /data/external/. The entire /data directory was unaccessible, any process trying hung. Mind, not accessing /data/external/, but /data/. Several processes got stuck, things failed. The machine had to be rebooted to be usable again. mount/umount hung, impossible to remove the nfs mount.
Something weird was happening there. If it's a reproducible, ongoing problem, we can try to solve it, but otherwise trying to draw any conclusions from the circumstances is very error-prone.
Both server and client were setup by yast, so any misconfiguration was due to yast.
I did have a server go down yesterday and after it came back there were odd symptoms when starting new processes on the clients until I went into YaST and restarted the NFS server component. But existing processes weren't affected at all. I don't understand what happened there, and I probably never will.
I'm not sure what behaviour you want your particular client to have. But the most obvious change would be to configure the mount with the soft option. Then your client would have to be aware of possible errors (as it should be in any case of course). When the server goes down, the client will receive an error and it's up to the client to deal with that.
Both are 12.3 machines. So you say Linux is buggy... :-p
Sorry, I don't understand that logic, or how your statement relates to what I said. Cheers, Dave -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Thursday 10 October 2013, AP wrote:
On Wed, Oct 9, 2013 at 11:39 PM, John Andersen <jsamyth@gmail.com> wrote:
I would definitely see about what really are polkit, systemctl, initrd, symlink, shell variables, etc..(linux basics).
But reboot permission has more to do with where you sit than who you are. Anyone at the console has reboot permission, which sort of makes sense since the power switch is just as easy to reach as the keyboard.
Yes I guess this is good that reboot is more to do with "where you sit" rather than anything else and I solely put this the reason why even the command like 'reboot' is in /sbin though even when if it were not in that, it won't break the system except to restart! However, it might be due to the olden days called backward compatibility like they call it.
What kind of logic is this? How does this matter where I sit? It's also easy to crash the hard disk as non-root using a hammer. So we could also make all files writable for users sitting at console? I guess that most people who wants to reboot machines have also the root password. So they would not need this permission for their user accounts. Giving all non-administrators the reboot permission per default is wrong. If root wants to give them reboot permission then he could do it via sudoers. This console/remote user magic is IMO useless. cu, Rudi -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Ruediger Meier wrote:
I guess that most people who wants to reboot machines have also the root password. So they would not need this permission for their user accounts. Giving all non-administrators the reboot permission per default is wrong. If root wants to give them reboot permission then he could do it via sudoers. This console/remote user magic is IMO useless.
I have often used ssh to connect to a computer and then, as root, rebooted or halted it. You don't have to be sitting in a box to reboot or halt. You don't even have to be root, if you use the desktop or menu to halt or restart. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Friday 11 October 2013, James Knott wrote:
Ruediger Meier wrote:
I guess that most people who wants to reboot machines have also the root password. So they would not need this permission for their user accounts. Giving all non-administrators the reboot permission per default is wrong. If root wants to give them reboot permission then he could do it via sudoers. This console/remote user magic is IMO useless.
[...] You don't have to be sitting in a box to reboot or halt. You don't even have to be root, if you use the desktop or menu to halt or restart.
That's exactly what I complain about. cu, Rudi -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
El 11/10/13 09:59, Ruediger Meier escribió:
That's exactly what I complain about.
Looks like you have different requirements, particularly it seems you are expecting something that behaves like an old unix or a distribution from the 90's.. those are dead and buried in case you haven't noticed. -- "If debugging is the process of removing bugs, then programming must be the process of putting them in." - Edsger Dijkstra -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On October 11, 2013 at 4:56 PM Cristian Rodríguez <crrodriguez@opensuse.org> wrote: El 11/10/13 09:59, Ruediger Meier escribió:
That's exactly what I complain about. Looks like you have different requirements, particularly it seems you are expecting something that behaves like an old unix or a distribution from the 90's.. those are dead and buried in case you haven't noticed.
IMHO no. I also think the current shutdown/reboot permissions are too lax. Have a nice day, Berny -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 11/10/2013 17:45, Bernhard Voelker a écrit :
I also think the current shutdown/reboot permissions are too lax.
may be Yast / security / hardening? but in the pastr some applications could have problems with hardening. jdd -- http://www.dodin.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (8)
-
AP -
Bernhard Voelker -
Carlos E. R. -
Cristian Rodríguez -
Dave Howorth -
James Knott -
jdd -
Ruediger Meier