View previous topic :: View next topic |
Author |
Message |
brezblock n00b
Joined: 31 Jan 2008 Posts: 34 Location: Kiev, Ukraine
|
Posted: Thu Oct 01, 2009 5:30 pm Post subject: [Bug 286017] and Gentoo developer's *behavior* |
|
|
Hi to all.
The beginning:
Here is bug url: https://bugs.gentoo.org/show_bug.cgi?id=286017 (I knew, it is unavailable now.)
Updated:
Here is full BUG tread dump:
http://www.rootshell.be/~spinal/gentoo_bug_report/286017.html
The impact:
It has bring some discussion on it, and was brutally BLOCKED by Gentoo Developer (flameeyes@gentoo.org).
Hist last message was:
Quote: |
Okay. Now I'm seriously *tired* and *pissed off* and I'm going to say "bye" to
politically correctness and politeness.
If I hear one of you _again_ come up with "the Gentoo Way" *while not being a
Gentoo developer*, I'm going to ask for your bugzilla account to be locked
down.
I'm _not_ going to change this behaviour. Full stop.
Sudo wants a default (which the admin can change in the configuration file),
and that default is _the same as provided in baselayout!_ The same editor that
_is installed with the damn stages_.
You want to change it? You change it with EXTRA_ECONF.
|
Is it normal Gentoo developer's behaviour pattern?
Is it fair for *god* Gentoo developer just allow to knock off from community *mortal* users??
Is it fair to restrict community from discuss bugs and it's solution??? _________________ Malakhov Alexey
OpenXlout, q4wine.brezblock.org.ua main developer.
BrezBlock (http://brezblock.org.ua) maintainer
web: http://brezblock.org.ua
BrezBlock, Kiev, Ukraine
Last edited by brezblock on Fri Oct 02, 2009 7:40 am; edited 1 time in total |
|
Back to top |
|
|
Mike Hunt Watchman
Joined: 19 Jul 2009 Posts: 5287
|
Posted: Thu Oct 01, 2009 6:13 pm Post subject: |
|
|
Oh well, we all get impatient from time to time - it happens.
Our devs really work very hard, and forgiving some impatience may be a good choice. |
|
Back to top |
|
|
bobspencer123 Guru
Joined: 19 Dec 2005 Posts: 544
|
Posted: Thu Oct 01, 2009 6:16 pm Post subject: |
|
|
although I agree that his last message may be a little terse (but without seeing the whole discussion it's hard to tell if this is a justifiable culmination or not) but he does give you the answer you want to be able to fix this issue I believe
Quote: |
You want to change it? You change it with EXTRA_ECONF.
|
just my 2 cents. _________________ Increasingly becoming a 2 channel audio nut! |
|
Back to top |
|
|
Spinal_by n00b
Joined: 01 Oct 2009 Posts: 8
|
Posted: Thu Oct 01, 2009 6:28 pm Post subject: |
|
|
bobspencer123 wrote: | although I agree that his last message may be a little terse (but without seeing the whole discussion it's hard to tell if this is a justifiable culmination or not) but he does give you the answer you want to be able to fix this issue I believe
Quote: |
You want to change it? You change it with EXTRA_ECONF.
|
just my 2 cents. |
Man, using EXTRA_CONF is not a solution. You will be forced to set it every time you reinstall sudo.
Isn't that obvious?
I opened the bug only because that ISSUE should not exist at all.
Sudo should just work without extra configuration. Don't you agree? |
|
Back to top |
|
|
energyman76b Advocate
Joined: 26 Mar 2003 Posts: 2048 Location: Germany
|
Posted: Thu Oct 01, 2009 6:35 pm Post subject: |
|
|
hm, from experience, gentoo devs (especially flameeyes) only get pissed like that when you were really, really obnoxious.
besides, he does have a very valid point. What is it with you vim users that you have to yell and complain none stop? _________________ Study finds stunning lack of racial, gender, and economic diversity among middle-class white males
I identify as a dirty penismensch. |
|
Back to top |
|
|
John R. Graham Administrator
Joined: 08 Mar 2005 Posts: 10655 Location: Somewhere over Atlanta, Georgia
|
Posted: Thu Oct 01, 2009 6:48 pm Post subject: |
|
|
Guys, sudo may be a special case as it need to be run from a known secure set of environment variables. Otherwise, you're playing with fire. Just taking whatever the user's environment happens to be at the time of execution does not seem to me to be inherently secure. I'd take Diego's advice and use EXTRA_ECONF. If you want it to be a permanent change, then why not put a ebuild in your overlay that applies the change. To me, this is very much the Gentoo Way.
One more comment. Over the course of my life, I have (and I think we all have) encountered people who seemed to me to behave badly or unfairly. It's amazing to me how many times I have later discovered that there were things that I didn't know about that would have caused me to cut them some slack. Now I try--but do not always succeed--to assume that that is so.
- John _________________ I can confirm that I have received between 0 and 499 National Security Letters. |
|
Back to top |
|
|
bobspencer123 Guru
Joined: 19 Dec 2005 Posts: 544
|
Posted: Thu Oct 01, 2009 6:58 pm Post subject: |
|
|
Quote: | If you want it to be a permanent change, then why not put a ebuild in your overlay that applies the change. To me, this is very much the Gentoo Way. |
this is what I was referring too.
I also second your sentiments, john_r_graham, on making sure you consider that all of us have many things going on in our lives and it is not always readily apparent to others in the cloud. _________________ Increasingly becoming a 2 channel audio nut! |
|
Back to top |
|
|
energyman76b Advocate
Joined: 26 Mar 2003 Posts: 2048 Location: Germany
|
Posted: Thu Oct 01, 2009 7:06 pm Post subject: |
|
|
Spinal_by wrote: | bobspencer123 wrote: | although I agree that his last message may be a little terse (but without seeing the whole discussion it's hard to tell if this is a justifiable culmination or not) but he does give you the answer you want to be able to fix this issue I believe
Quote: |
You want to change it? You change it with EXTRA_ECONF.
|
just my 2 cents. |
Man, using EXTRA_CONF is not a solution. You will be forced to set it every time you reinstall sudo.
Isn't that obvious?
I opened the bug only because that ISSUE should not exist at all.
Sudo should just work without extra configuration. Don't you agree? |
extra_econf can be set in make.conf. Problem solved. Permanently. Or just set EDITOR. _________________ Study finds stunning lack of racial, gender, and economic diversity among middle-class white males
I identify as a dirty penismensch. |
|
Back to top |
|
|
ABCDwp Retired Dev
Joined: 26 Mar 2006 Posts: 79
|
Posted: Thu Oct 01, 2009 9:08 pm Post subject: |
|
|
You can also set EXTRA_ECONF in /etc/portage/env/app-admin/sudo, which will apply it to all versions of app-admin/sudo, but no other ebuild. |
|
Back to top |
|
|
nico-- n00b
Joined: 29 Jul 2002 Posts: 59
|
Posted: Thu Oct 01, 2009 10:49 pm Post subject: |
|
|
I also ran into this issue yesterday. It would be nice if the ebuild at least printed a warning for those of us who don't have /bin/nano. _________________ Quidquid latine dictum sit, altum viditur. |
|
Back to top |
|
|
Hu Administrator
Joined: 06 Mar 2007 Posts: 22673
|
Posted: Fri Oct 02, 2009 2:13 am Post subject: Re: [Bug 286017] and Gentoo developer's *behavior* |
|
|
brezblock wrote: | The beginning:
Here is bug url: https://bugs.gentoo.org/show_bug.cgi?id=286017 (I knew, it is unavailable now.)
Is it normal Gentoo developer's behaviour pattern?
Is it fair for *god* Gentoo developer just allow to knock off from community *mortal* users??
Is it fair to restrict community from discuss bugs and it's solution??? |
No, that is not normal behavior for Diego. What did you say that made him so angry? For that matter, why is the bug now restricted?
Regarding a developer disregarding a user: Gentoo developers are volunteers, with varying levels of time and patience. While it would be nice if they all had the time and energy to cater to our every whim, the reality is that they do not. I will reserve further judgement until I see the full thread, because citing only the first and last posts leaves out too much context to make an informed decision. |
|
Back to top |
|
|
energyman76b Advocate
Joined: 26 Mar 2003 Posts: 2048 Location: Germany
|
Posted: Fri Oct 02, 2009 2:58 am Post subject: |
|
|
nico-- wrote: | I also ran into this issue yesterday. It would be nice if the ebuild at least printed a warning for those of us who don't have /bin/nano. |
why?
even if you don't have nano - when you set up EDITOR correctly, visudo will use whatever editor you want it to use. _________________ Study finds stunning lack of racial, gender, and economic diversity among middle-class white males
I identify as a dirty penismensch. |
|
Back to top |
|
|
desultory Bodhisattva
Joined: 04 Nov 2005 Posts: 9410
|
Posted: Fri Oct 02, 2009 4:39 am Post subject: |
|
|
Moved from Portage & Programming to Gentoo Chat. |
|
Back to top |
|
|
Spinal_by n00b
Joined: 01 Oct 2009 Posts: 8
|
Posted: Fri Oct 02, 2009 5:39 am Post subject: |
|
|
energyman76b wrote: | nico-- wrote: | I also ran into this issue yesterday. It would be nice if the ebuild at least printed a warning for those of us who don't have /bin/nano. |
why?
even if you don't have nano - when you set up EDITOR correctly, visudo will use whatever editor you want it to use. |
It will not make use of it without extra configuration. Which is
explained particularly in the ticket.
That was not historically the case. Sudo developers supposed
VI to be the default editor for visudo and many users migrated
from other Distributions (where vanilla behaviour was at least
respected) to Gentoo without any notification that they might
have some issues if they prefer other editors than nano. |
|
Back to top |
|
|
jw5801 Apprentice
Joined: 12 Jun 2008 Posts: 251 Location: Melbourne, Australia
|
Posted: Fri Oct 02, 2009 5:45 am Post subject: |
|
|
energyman76b wrote: | nico-- wrote: | I also ran into this issue yesterday. It would be nice if the ebuild at least printed a warning for those of us who don't have /bin/nano. |
why?
even if you don't have nano - when you set up EDITOR correctly, visudo will use whatever editor you want it to use. |
Exactly. I have it set in /etc/rc.conf, where (if memory serves), there were even helpful comments telling me to set it. It makes much more sense (and is cleaner and simpler) for each users system to have a default EDITOR, rather than for the ebuild to arbitrarily pick a default based on installed packages.
Spinal_by wrote: | It will not make use of it without extra configuration. Which is explained particularly in the ticket.
... |
That's just plain incorrect. At least on my system anyway. The only place I've ever set EDITOR is in /etc/rc.conf. I rarely ever actually use sudo and haven't changed any of it's default settings, yet visudo opens emacs, not nano. |
|
Back to top |
|
|
Earthwings Bodhisattva
Joined: 14 Apr 2003 Posts: 7753 Location: Germany
|
Posted: Fri Oct 02, 2009 5:56 am Post subject: Re: [Bug 286017] and Gentoo developer's *behavior* |
|
|
Hu wrote: | For that matter, why is the bug now restricted? |
The bug reporter kept reopening the bug although being asked not to. _________________ KDE |
|
Back to top |
|
|
Spinal_by n00b
Joined: 01 Oct 2009 Posts: 8
|
Posted: Fri Oct 02, 2009 6:13 am Post subject: Re: [Bug 286017] and Gentoo developer's *behavior* |
|
|
jw5801 wrote: | That's just plain incorrect. At least on my system anyway. The only place I've ever set EDITOR is in /etc/rc.conf. I rarely ever actually use sudo and haven't changed any of it's default settings, yet visudo opens emacs, not nano. |
Try running "sudo visudo", that's what all this started with.
Earthwings wrote: | Hu wrote: | For that matter, why is the bug now restricted? |
The bug reporter kept reopening the bug although being asked not to. |
I didn't reopen it after it was asked. The admin restricted the ticket when the users started to vote for it.
He got very mad because of this... |
|
Back to top |
|
|
jw5801 Apprentice
Joined: 12 Jun 2008 Posts: 251 Location: Melbourne, Australia
|
Posted: Fri Oct 02, 2009 6:27 am Post subject: Re: [Bug 286017] and Gentoo developer's *behavior* |
|
|
Spinal_by wrote: | jw5801 wrote: | Hu wrote: | That's just plain incorrect. At least on my system anyway. The only place I've ever set EDITOR is in /etc/rc.conf. I rarely ever actually use sudo and haven't changed any of it's default settings, yet visudo opens emacs, not nano. |
Try running "sudo visudo", that's what all this started with. |
|
Ah, I see. Well, it makes sense that sudo should drop the EDITOR variable. If you run visudo whilst logged in as root however, you bypass that problem (this being the reason I've not seen it). So if you have a root login, you could use that to run visudo once, and set EDITOR in sudoers, or you could just install nano, edit sudoers, then uninstall nano. That would make the configuration stick, and you'd never have to worry about it again.
Anyway, I realise that this thread is not in fact about the 'bug', but more about flameeyes. So I'll say that everything I've seen of him has been positive, so this is unusual and I'm sure there was a valid reason (whether it was something you did, or otherwise), so cut him a bit of slack and don't take it to heart. |
|
Back to top |
|
|
vasily_pupkin n00b
Joined: 02 Oct 2009 Posts: 5
|
Posted: Fri Oct 02, 2009 6:40 am Post subject: Re: [Bug 286017] and Gentoo developer's *behavior* |
|
|
Fist of all. sudo visudo -eq security_hole as i think :]
But ok.
Code: |
avatar@AliSo ~ % whoami
avatar
avatar@AliSo ~ % echo $EDITOR
gnuclient
cat >> /etc/sudoers << __EOF__
Defaults editor = /usr/bin/vi
Defaults !env_editor
User_Alias TRUSTED = avatar
Cmnd_Alias SUDO = /usr/sbin/visudo
TRUSTED AliSo= SUDO
__EOF__
|
Profit. |
|
Back to top |
|
|
Spinal_by n00b
Joined: 01 Oct 2009 Posts: 8
|
Posted: Fri Oct 02, 2009 6:55 am Post subject: Re: [Bug 286017] and Gentoo developer's *behavior* |
|
|
vasily_pupkin wrote: | Fist of all. sudo visudo -eq security_hole as i think :] |
Having root account with password is security hole.
I fixed my sudoers long ago. I just curious, why they changed sudo default (vanilla)
behaviour without even notifying endusers who will possibly have issues with this.
Ok. I used LinuxFromScratch for serveral years. What I did, I just installed vim
and I just installed sudo. And it worked as expected. Yes, my EDITOR variable was
set to vim.
Now what I do. I install Gentoo, I remove nano (as I don't use it and don't even like it)
I do emerge vim, I do emerge sudo. What should I expect when running sudo visudo?
I (the ENDUSER) don't expect that it will complaint about missing nano binary. I was
not notified about changing in sudo behaviour in portage.
So I'm forced to go read sudo ebuild, manual pages, google, Gentoo bugtracker.
Do you think all that is correct???
=============================================
!!! UPDATE !!!
You can see the copy of the ticket by yourself here:
http://www.rootshell.be/~spinal/gentoo_bug_report/286017.html |
|
Back to top |
|
|
vasily_pupkin n00b
Joined: 02 Oct 2009 Posts: 5
|
Posted: Fri Oct 02, 2009 7:20 am Post subject: Re: [Bug 286017] and Gentoo developer's *behavior* |
|
|
Spinal_by wrote: |
Having root account with password is security hole.
|
Situation with visudo equals to situation with scheduler in window$ :] And if i have user password, and visudo for that user installed, I can do anything to system. I.e. user password equals to root password :] May be you adept of AHMYASSISONFIRE^W sudo su - behavior? (%
Spinal_by wrote: |
Ok. I used LinuxFromScratch for serveral years. What I did, I just installed vim
and I just installed sudo. And it worked as expected. Yes, my EDITOR variable was
set to vim.
Now what I do. I install Gentoo, I remove nano (as I don't use it and don't even like it)
I do emerge vim, I do emerge sudo. What should I expect when running sudo visudo?
I (the ENDUSER) don't expect that it will complaint about missing nano binary. I was
not notified about changing in sudo behaviour in portage.
So I'm forced to go read sudo ebuild, manual pages, google, Gentoo bugtracker.
Do you think all that is correct???
|
As my point of view, when visudo be ENDUSER tool && linux get much on desktops era of evil worms get to our poor PC's Gentoo is a portage+baselayout(stage). Official editor in stage - nano. If you use gentoo - you accept this defaults. You can change them if you want. Situation with visudo editors written in the man page.
(By the way. I don't know anything about visudo till this morning, but i spend about 5 minutes to solve topicstarter's "problem". Is this really problem? ) |
|
Back to top |
|
|
Spinal_by n00b
Joined: 01 Oct 2009 Posts: 8
|
Posted: Fri Oct 02, 2009 7:26 am Post subject: Re: [Bug 286017] and Gentoo developer's *behavior* |
|
|
[quote="vasily_pupkin"] Spinal_by wrote: |
(By the way. I don't know anything about visudo till this morning, but i spend about 5 minutes to solve topicstarter's "problem". Is this really problem? ) |
I prefer when package maintainer spend 5 minute ONCE to do things work as expected, than
when 100000 users spend 5 minute (5*100000) on doing unnecessary job.
=============================================
!!! UPDATE !!!
You can see the copy of the ticket by yourself here:
http://www.rootshell.be/~spinal/gentoo_bug_report/286017.html |
|
Back to top |
|
|
vasily_pupkin n00b
Joined: 02 Oct 2009 Posts: 5
|
Posted: Fri Oct 02, 2009 7:29 am Post subject: Re: [Bug 286017] and Gentoo developer's *behavior* |
|
|
May be system maintainers setup all my software? apache, ldap, other? I don't have vim, i use emacs, I need own flag? Or maybe I have UBERCOOLEDITOR. What should maintainer do? |
|
Back to top |
|
|
brezblock n00b
Joined: 31 Jan 2008 Posts: 34 Location: Kiev, Ukraine
|
Posted: Fri Oct 02, 2009 7:53 am Post subject: Re: [Bug 286017] and Gentoo developer's *behavior* |
|
|
vasily_pupkin wrote: | May be system maintainers setup all my software? apache, ldap, other? I don't have vim, i use emacs, I need own flag? |
The best and obvious solution is to add use flags for popular editors, like this:
USE="-nano -emacs vim"
This is true *gentoo way* Is in't it?
vasily_pupkin wrote: | Or maybe I have UBERCOOLEDITOR. What should maintainer do? |
If you use non so popular editor, you can override it by using EXTRA_CONF.
Profit. _________________ Malakhov Alexey
OpenXlout, q4wine.brezblock.org.ua main developer.
BrezBlock (http://brezblock.org.ua) maintainer
web: http://brezblock.org.ua
BrezBlock, Kiev, Ukraine |
|
Back to top |
|
|
brezblock n00b
Joined: 31 Jan 2008 Posts: 34 Location: Kiev, Ukraine
|
Posted: Fri Oct 02, 2009 7:56 am Post subject: Re: [Bug 286017] and Gentoo developer's *behavior* |
|
|
Earthwings wrote: | Hu wrote: | For that matter, why is the bug now restricted? |
The bug reporter kept reopening the bug although being asked not to. |
The bug was NOT reopened after he asked to not doit. You can read full dump of discuss here: http://www.rootshell.be/~spinal/gentoo_bug_report/286017.html
In fact, the Gentoo *developer* block this bug, just because hi don't wish to discus his fail. _________________ Malakhov Alexey
OpenXlout, q4wine.brezblock.org.ua main developer.
BrezBlock (http://brezblock.org.ua) maintainer
web: http://brezblock.org.ua
BrezBlock, Kiev, Ukraine |
|
Back to top |
|
|
|