| View previous topic :: View next topic |
| Author |
Message |
Spanik
l33t
Joined: 12 Dec 2003
Posts: 947
Location: Belgium
|
 Posted: Tue Jun 08, 2021 6:03 am Post subject: |
 |
|
[quote="pa4wdh"] | Spanik wrote: | | figueroa wrote: |
I also started using a regular user. But you just cannot keep your system healthy being a regular user. And I do understand all this being important in multi user or corporate environment. But this is a pc that is only used by me. So I am root! But I keep typing su and sudo all day long.
|
If you were able to maintain your system as a regular user, that user would also have the permissions needed to destroy your system. That's the security trade off here, usually you don't want a regular user to have those kind of permissions. Imagine a typo in a shell script which would try to delete /usr for example. As a regular user that should fail, if you're root, well ... basically you're screwed  |
I do understand that logic in a production environment. Where you have an ICT department and "real" admins. But I am root and regular user in the physical sense. If I'm too stupid not to make mistakes in a command or script, I'm just about apt to do that as a regular user as when being root.
| Quote: | | This I can help with, you need to be in the realtime group. Though I still have to run jackd with chrt [prioirty] jackd to stop xruns, dunno what the deal with that is... |
Thanks, I'll try that. Yet another group to add.
| Quote: | | Your definitely doing many things wrong. I've never reinstalled my initial installation 16 years ago. It's only improved over time, and I've done a lot of things wrong over the years. |
Probably. But then again, there have been new pc's, crashed and changed HD's and other things. Certainly in the beginning. But these days it is mostly portage just locking up. Right now the desktop is in a state that it doesn't want to update anything anymore. So that is a rebuild after not yet 3 months.
_________________
Expert in non-working solutions |
|
| Back to top |
|
 |
HungGarTiger
Apprentice
Joined: 04 Feb 2014
Posts: 180
Location: /nz/auckland
|
| Posted: Tue Jun 08, 2021 6:13 am Post subject: |
|
|
| Spanik wrote: | | Right now the desktop is in a state that it doesn't want to update anything anymore. So that is a rebuild after not yet 3 months. |
I'm really curious to know what you're up to to get yourself in that state so quickly. |
|
| Back to top |
|
|
Spanik
l33t
Joined: 12 Dec 2003
Posts: 947
Location: Belgium
|
| Posted: Tue Jun 08, 2021 6:24 am Post subject: |
|
|
You don't need to wait 3 months! I'm on the laptop and try to emerge the Arduino official toolkit. Portage trows a fit with pages of Python slot conflicts. https://forums.gentoo.org/viewtopic-t-1136844.html This is on a brand new install. Haven't "used" the laptop yet in the sense of doing anythng more with it than installing the stuff I'd like to use with it.
_________________
Expert in non-working solutions |
|
| Back to top |
|
|
Ralphred
Guru
Joined: 31 Dec 2013
Posts: 501
|
| Posted: Tue Jun 08, 2021 7:46 am Post subject: |
|
|
| Spanik wrote: | | Thanks, I'll try that. Yet another group to add. |
If you emerge jack with USE="pam" it does it for you, other than the sudo usermod -a -G realtime yourusername |
|
| Back to top |
|
|
pa4wdh
l33t
Joined: 16 Dec 2005
Posts: 814
|
| Posted: Tue Jun 08, 2021 9:51 am Post subject: |
|
|
| Spanik wrote: | | pa4wdh wrote: |
If you were able to maintain your system as a regular user, that user would also have the permissions needed to destroy your system. That's the security trade off here, usually you don't want a regular user to have those kind of permissions. Imagine a typo in a shell script which would try to delete /usr for example. As a regular user that should fail, if you're root, well ... basically you're screwed |
I do understand that logic in a production environment. Where you have an ICT department and "real" admins. But I am root and regular user in the physical sense. If I'm too stupid not to make mistakes in a command or script, I'm just about apt to do that as a regular user as when being root. |
I think it's just as useful on a single user system (like your, and mine too). People make mistakes, scripts can do things you didn't expect them to do. That why you do that as a regular user so the system itself is save against such mistakes. Having to su/sudo to root to install/update the system is just the other side of the coin, it might be a small inconvenience but (in my opinion) worth it.
_________________
The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse @world
My shared code repository: https://code.pa4wdh.nl.eu.org
Music, Free as in Freedom: https://www.jamendo.com |
|
| Back to top |
|
|
Spanik
l33t
Joined: 12 Dec 2003
Posts: 947
Location: Belgium
|
| Posted: Tue Jun 08, 2021 7:32 pm Post subject: |
|
|
Oh joy! A new Python thingy saw light and a brand new installed is nuked after 3 days. Can start again. When will this Python (and Perl) madness stop? Seriously, if they cannot get a language stable for more then a couple of days and each minor triple-point release is completely incompatible with all previous releases... then it is time to stop and take up knitting. This is even worse than systemd and pulseaudio. Even Word is more stable.
_________________
Expert in non-working solutions |
|
| Back to top |
|
|
figueroa
Advocate
Joined: 14 Aug 2005
Posts: 2965
Location: Edge of marsh USA
|
| Posted: Tue Jun 08, 2021 9:28 pm Post subject: |
|
|
| Spanik wrote: | | Oh joy! A new Python thingy saw light and a brand new installed is nuked after 3 days. Can start again. When will this Python (and Perl) madness stop? Seriously, if they cannot get a language stable for more then a couple of days and each minor triple-point release is completely incompatible with all previous releases... then it is time to stop and take up knitting. This is even worse than systemd and pulseaudio. Even Word is more stable. |
That's not at all how it's supposed to work. The new default Python change was announced way in advance.
https://www.gentoo.org/support/news-items/2021-05-05-python3-9.html
| Code: | | eselect news read 2021-05-05-python3-9 |
Most of my systems just updated on June 2 without any effort whatsoever. Many packages were updated, nothing failed, it just worked.
All of my systems now look like this:
| Code: | $ eselect python list
Available Python interpreters, in order of preference:
[1] python3.9 |
Gentoo follows upstream, with a little sane mediation from the Gentoo developers and maintainers. Maybe your needs would be better met by a distribution that follows a stable core, MX-Linux perhaps, https://mxlinux.org/
_________________
Andy Figueroa
hp pavilion hpe h8-1260t/2AB5; spinning rust x3
i7-2600 @ 3.40GHz; 16 gb; Radeon HD 7570
amd64/23.0/split-usr/desktop (stable), OpenRC, -systemd -pulseaudio -uefi |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Tue Jun 08, 2021 10:33 pm Post subject: |
|
|
I did it!
emerge as an ordibary user
| Code: |
user@lake ~ $ emerge -1av nano
These are the packages that would be merged, in order:
Calculating dependencies... done!
[ebuild R ] app-editors/nano-5.7::gentoo USE="ncurses nls spell (split-usr) (unicode) -debug -justify -magic -minimal -static" 0 KiB
Total: 1 package (1 reinstall), Size of downloads: 0 KiB
Would you like to merge these packages? [Yes/No] y
>>> Verifying ebuild manifests
>>> Emerging (1 of 1) app-editors/nano-5.7::gentoo
>>> Installing (1 of 1) app-editors/nano-5.7::gentoo
>>> Jobs: 1 of 1 complete Load avg: 1.30, 0.97, 0.91
>>> Auto-cleaning packages...
>>> No outdated packages were found on your system.
* Regenerating GNU info directory index...
* Processed 120 info files.
|
Just kidding
I used an alias
alias emerge="sudo emerge"
_________________
Last edited by alamahant on Tue Jun 08, 2021 10:59 pm; edited 1 time in total |
|
| Back to top |
|
|
figueroa
Advocate
Joined: 14 Aug 2005
Posts: 2965
Location: Edge of marsh USA
|
| Posted: Tue Jun 08, 2021 10:49 pm Post subject: |
|
|
But, it didn't ask you for a password.
_________________
Andy Figueroa
hp pavilion hpe h8-1260t/2AB5; spinning rust x3
i7-2600 @ 3.40GHz; 16 gb; Radeon HD 7570
amd64/23.0/split-usr/desktop (stable), OpenRC, -systemd -pulseaudio -uefi |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3879
|
| Posted: Tue Jun 08, 2021 10:56 pm Post subject: |
|
|
Yes because i have passwordless sudo.
_________________
|
|
| Back to top |
|
|
figueroa
Advocate
Joined: 14 Aug 2005
Posts: 2965
Location: Edge of marsh USA
|
| Posted: Wed Jun 09, 2021 2:43 am Post subject: |
|
|
| alamahant wrote: | | Yes because i have passwordless sudo. |
You may already know that is a sub-standard security option.
_________________
Andy Figueroa
hp pavilion hpe h8-1260t/2AB5; spinning rust x3
i7-2600 @ 3.40GHz; 16 gb; Radeon HD 7570
amd64/23.0/split-usr/desktop (stable), OpenRC, -systemd -pulseaudio -uefi |
|
| Back to top |
|
|
|
Installing Gentoo
