Fixing Fido..

Under development: PCMCIA, wireless, etc.
Message
Author
User avatar
01micko
Posts: 8741
Joined: Sat 11 Oct 2008, 13:39
Location: qld
Contact:

Fixing Fido..

#1 Post by 01micko »

"Fido" and "Spot" are restricted users of Puppy.

Spot has been around for awhile and a few apps require that they are run as the non-root user so Spot has been that user.

Barry introduced Fido due to popular demand. Fido's current status is broken. You can opt to use Fido but many things don't work and it's also difficult to switch between Fido and the root account.

So, let's fix Fido!

Things to consider..

Perhaps we should allow the restricted user to be called anything that the administrator of the machine wants. To enable this would mean that there could be more than one restricted user. This also means that (for sanity's sake we'll stick with Fido as the name of our user) ..Fido needs his own home directory, /home/fido. When fido is logged in this will be the environmental variable $HOME, so in a terminal if you type this (don't do it now, your answer will be "/root")..

Code: Select all

# echo $HOME
.the return would be..

Code: Select all

/home/fido
Currently Barry has Fido's home directory hard coded to /root. This in my opinion is causing many of the problems.

Currently Puppy has many apps hard coded to root. I am an offender too :oops: . No app should keep config files in "/root". It should either be "/etc" or $HOME or both, with $HOME automatically overriding "/etc". Exceptions are apps that need root privileges to run, example: PPM. We need to sift through these apps and fix or ban them. yes a big job, but if people want multi-user Puppy then this needs doing.

Another thing is browser packaging. Again, in my opinion, it's bad to have a browser package with a hard coded profile already set up (in /root). The reason Barry does this is to include add ons such as Flashblock. I have found a way (with Firefox and Seamonkey at least) to package them with fontsize and home page set, no profile. That way when Fido opens his browser all settings are as expected. His unique profile will be created.

On setting up Fido, certain files and directories will need to be created in his $HOME, example: bashrc, this brings me to the next point...

Implementation

I think a gtkdialog gui after installation has been performed would be nice to set up users. Initially I only plan to support Full and Frugal installs to fast media (pupmodes 2, 12) with support for others if applicable as we go along.

It could be an option to set up Fido outside the save file in frugal installs. Full installs will be a matter of simply setting up Fido's $HOME.

---------------------------------------------------------------

Anyone with anything to add please do, and if you can code in bash why not dive in and help?

The basic infrastructure is there in any woof built puppy of the last few months.

Have fun!
Puppy Linux Blog - contact me for access

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

#2 Post by BarryK »

I don't see why having /root as fido's home is a problem. There is some opposition to it, but as far as I can see that is only due to ingrained learning about how things should be.

When fido is chosen at first shutdown, everything in /root is set to have the correct permissions as required for fido. So, everything in /root is just as it would be as in any other home for fido.

The fundamental understanding is that Puppy is not a multi-user system, at least not in the normal way. Multiple users are accommodated by separate save-files, so there is no conflict in committing /root to be used by fido.

Except however if you want to jump from fido to administrator, and then perform some operation as administrator, in which case files with root permissions could get written into /root.
It might seem perverse, but why not set the administrator's home directory to something other than /root -- say /root0, or /administrator?
Apart from it being weird, I can't see anything wrong with doing that.

The thing is, there is so much dependency on the home directory being /root. So many PET packages have /root hard-coded.
[url]https://bkhome.org/news/[/url]

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#3 Post by jpeps »

I have my $HOME in /mnt/sda2/Desktop, so use a sudo alias for hard-coded apps that need /root (or I can exit the user shell and run in root).

disciple
Posts: 6984
Joined: Sun 21 May 2006, 01:46
Location: Auckland, New Zealand

#4 Post by disciple »

I think a gtkdialog gui after installation has been performed would be nice to set up users.
Do you mean that the gui would automatically start at the end of the installation wizard?
Initially I only plan to support Full and Frugal installs to fast media (pupmodes 2, 12)
Why? What difference does the type of install make?
Do you know a good gtkdialog program? Please post a link here

Classic Puppy quotes

ROOT FOREVER
GTK2 FOREVER

User avatar
01micko
Posts: 8741
Joined: Sat 11 Oct 2008, 13:39
Location: qld
Contact:

#5 Post by 01micko »

Ok, I'll clear my ideas up a bit..

People want "users", FWIW I run as root and couldn't care less.

Pizzasgood ha(s)(d) a great model, it worked well. Barry's implementation of Fido doesn't seem to work too well. Of course that could probably be fixed. I don't think that's what "users" want though. They want to add users! (There would be at least a couple of posts a week by noobs.. "How do I add a user?"). Maybe though.. and Smokey01 suggested this ages ago, it could be simplified further in the installation (well at least for a frugal type). Maybe the "user" could automatically boot his own save file through some mechanism taking advantage of the layered filesystem. Maybe an avenue there.

I see Barry's point though, just make a different save file, but that does require a little bit of Puppy knowledge. If the target is Windows refugees (or other OS) then they are conditioned to accept that a "user account" needs to be.. erm.. not to mention all the "root is the devil" sayers.
disciple wrote:Do you mean that the gui would automatically start at the end of the installation wizard?
No. This can (and probabaly will) be an add on. Call it as you will in that case.
disciple wrote:Why? What difference does the type of install make?
Well plenty. Why would you want it on pupmode 77? (DVD/CD saveback) Most users AFAIK use frugals or fulls. USB installs are a different kettle of fish and the way they can be used can complicate matters. I wouldn't bother with a USB install that doesn't run as root. Makes my life easier.
Puppy Linux Blog - contact me for access

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#6 Post by nooby »

01micko, much appreciated you take this initiative
Coming in from a total Nooby perspective.

we have three suggestions so far then.

1. 01micko suggest we collectively or those belonging to this group "We need to sift through these apps and fix or ban them. yes a big job, but if people want multi-user Puppy then this needs doing." them are motivated to do that huge undertaking.

2. Barry suggest one can skip that big undertaking if one do ... read his post. Okay it is a bit un-orthodox but puppy is already seen as odd so why not change Admin in that way. So if that works then that is okay with me :)

3. jpeps have a solution that those on his level do get what him talks about. I read and read and feel very unsure of how that is accomplished.

So would be cool if we had three isos with each of these in finished states?

Jpeps seems to already have a running system. is that something you can make an iso and upload to an easy to download from server?

Barry still have the idea how to do it but not the iso AFAIK.

01micko knows there is a lot of changes needed to be done so takes time and effort. and how many are motivated to do all that work?

So I would ask Jpeps to make a very detailed description or some iso so we can test that approach if it is that easy???

Edit
01micko wrote:If the target is Windows refugees (or other OS) then they are conditioned to accept that a "user account" needs to b
Yes that is a good way to see it. It is no use if them not get what is supposed to happen or what to do.

Does Jpeps approach looks familiar to the refugees? Does Barry's approach look familiar enough or can be made so?
I use Google Search on Puppy Forum
not an ideal solution though

disciple
Posts: 6984
Joined: Sun 21 May 2006, 01:46
Location: Auckland, New Zealand

#7 Post by disciple »

Most users AFAIK use frugals or fulls.
Or they boot from CD, with a save file on the hard drive. But I meant "how would it affect the implementation?", not "why wouldn't you want it in every pupmode?".
I actually think it would be better (much less confusing) to keep the current situation than it would be to implement multiple users only in certain modes. If we did that, then people would boot up a Puppy CD and say "What?! Why can't I create a new user?". At least at the moment there is a clear message, which people can be told at the outset, "Puppy is a single user OS".

BTW, personally I like to have only one user profile on a machine, so if I actually wanted to run with limited permissions I would very much like Barry's root/fido system. But I do think things should be done the standard way unless there is good reason to do otherwise, and I always thought the only reason Puppy wasn't set up for multiple users was tradition. Apart from this one of course:
Bruce B wrote:
tw296 wrote: Making Puppy not run as root would shut up a huge amount of the forum questions.
That would be a sad day. If it weren't for posts questioning running as root, what would be the stimulus for arguing in its behalf?
http://murga-linux.com/puppy/viewtopic. ... 280#250280
Do you know a good gtkdialog program? Please post a link here

Classic Puppy quotes

ROOT FOREVER
GTK2 FOREVER

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#8 Post by nooby »

Hope we don't go derail but I do think this is an important thing
Making Puppy not run as root would shut up a huge amount of the forum questions.
Barry wrote something similar here in the forum but first this on his Blog. http://bkhome.org/blog/?viewDetailed=02240
Introducing 'fido'
Right from Puppy's inception, we have been criticized for running as root. I have finally decided to offer a choice.


here is from the forum on same issue
http://murga-linux.com/puppy/viewtopic. ... 685#520685
Personally, I will always continue to run as root, but offering 'fido' will shut up the critics.
I doubt them will shut up though. For them only true multi user the Unix or Real Linux way will do. nothing less will do :)

But sorry I maybe go off topic but I do think that this thread needs to know what exactly is it that needs to be done from the user point of view.

Why are we at it? What is lacking.
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
mavrothal
Posts: 3096
Joined: Mon 24 Aug 2009, 18:23

#9 Post by mavrothal »

01micko wrote: Pizzasgood ha(s)(d) a great model, it worked well.

Rediscovering the wheel can be fun, but why try to rediscover the "flat wheel"?
I think if you have a wheel, better fix it if needed and use it.
== [url=http://www.catb.org/esr/faqs/smart-questions.html]Here is how to solve your[/url] [url=https://www.chiark.greenend.org.uk/~sgtatham/bugs.html]Linux problems fast[/url] ==

User avatar
01micko
Posts: 8741
Joined: Sat 11 Oct 2008, 13:39
Location: qld
Contact:

#10 Post by 01micko »

disciple wrote:Or they boot from CD, with a save file on the hard drive.
Which is essentially a "frugal" "install". (on fast media pupmode=12, same as if it's installed with a grub menu and all).

Anyway, that's not the point at all!
Puppy Linux Blog - contact me for access

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#11 Post by nooby »

mavrothal wrote:
01micko wrote: Pizzasgood ha(s)(d) a great model, it worked well.

Rediscovering the wheel can be fun, but why try to rediscover the "flat wheel"?
I think if you have a wheel, better fix it if needed and use it.
So if you apply that on this situation then what is it you recommend?

Fix Puppy so it is multi user from start but set up so it can act as puppy do now?

I guess a lot of people would say. Then you do it yourself we are happy as it is now?

others would say. But then it is not Puppy as we know it anymore.

Sadly I know too little but I have been interested in what 01micko do take up since day one because I did try for years to make use of Ubuntu and Linux Mint and others and failed to learn this permission thing and Puppy did rescue me and gave me a way out of Ms Windows dependency

So what exactly are you trying to say?


A derail that is almost on topic. To learn from other distros???

When I am at it. I have not tested enough but latest version Slitaz cooking if one boot it and when it ask if one want to be tux and one write root then it behaves almost like puppy.

would that help us get a puppy that is multi user? Can one learn from Slitaz how them almost make a multi user that act almost like a Puppy?
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
technosaurus
Posts: 4853
Joined: Mon 19 May 2008, 01:24
Location: Blue Springs, MO
Contact:

#12 Post by technosaurus »

I have been writing some backend code for jwm ... trying to keep it multi-user friendly

The easy part is using ${HOME} instead of root.

I had been using pinstall.sh to mv config files from / to ${HOME}/LOCATION

This is not portable either. It seems that /etc is ok to use for a default config that can be copied to $HOME if it is needed... but still may require root to install? Is /usr/local/etc a suitable place for these?

I'm not by any means advocating a distributed multiuser pup, but if I let my 4 & 6 yr old boys use tuxpaint or gcompris on my box, its nice to at least be able to setup a couple failsafes and still have a _usable_ system.

Ex. Puppy doesn't use /etc/jwmrc.system ... this is where the root user should have its .jwmrc, so that added users would have a working jwm ootb
Last edited by technosaurus on Sat 03 Sep 2011, 16:42, edited 1 time in total.

mcewanw
Posts: 3169
Joined: Thu 16 Aug 2007, 10:48
Contact:

#13 Post by mcewanw »

First of all, personally, I run Puppy Wary as my main desktop OS, and find being root user all the time perfectly fine.

The only reason I would like a working regular user such as fido is that I teach Linux sometimes, and some of that teaching requires that I teach about users, groups and permissions. Actually the course is for Red Hat Enterprise Linux and mainly concerned with Linux being used as a server rather than as a desktop: administration of users, groups and permissions is an important part of that.

However, RHEL is a big system for students to install at home (and many of them are windows, not linux users) so I really wish they could practice much of what is in the course on Puppy Linux at home, but for that there would need to be a regular user, such as fido, but one whose home directory could be in /home/fido (doesn't need to be a full on multi-user system for though). At the moment, some students use vmware at home with RHEL, some others dual boot Ubuntu. Moreover, despite the RHEL courses being more concerned with Linux server administration, I personally would really like to expose and encourage my students to try Puppy Linux as a desktop alternative to MS offerings, so all-in-all a version that had fido in /home/fido etc would be truly useful towards that end in this particular scenario.

Fixing applications to also work with normal users would also help encourage developers to write applications in such a way that they can be more easily ported to other Linux distributions - which I think would be a good thing since sometimes we may need to use a different Linux distribution (such as RHEL in my case) and would like to still then have access to the Puppy Linux utilities we have come to love.
github mcewanw

User avatar
mavrothal
Posts: 3096
Joined: Mon 24 Aug 2009, 18:23

#14 Post by mavrothal »

nooby wrote:
So what exactly are you trying to say?
What I'm saying is that puppy is designed to run as single user OS and actually root.

IF you want to make it mutiuser, the process is known and actually most of the components are already in puppy. Just needs to stop hard-coding root for user data and make PPM and pets $HOME-aware.
Of course need also changes in rc.sysinit and rc.shutdown

Trying to masquerade spot, fido or any other to look like root in some things and user in others looks to me like re-inventing the flat tire.

People that are looking for multiuser OS for production, to trust novices/kids, or some sense of privacy and sacurity, are looking for a session manager with password, sudo, package quality control and management, and isolated user areas. Nothing else will make them happy.
You either do it or you don't.
== [url=http://www.catb.org/esr/faqs/smart-questions.html]Here is how to solve your[/url] [url=https://www.chiark.greenend.org.uk/~sgtatham/bugs.html]Linux problems fast[/url] ==

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#15 Post by nooby »

mavrothal wrote: People that are looking for multiuser OS for production, to trust novices/kids, or some sense of privacy and sacurity, are looking for a session manager with password, sudo, package quality control and management, and isolated user areas.
Nothing else will make them happy.
You either do it or you don't.
That is very similar to what I wrote somewhere too. :)

But despite us agreeing on this we only have Fido and Spot.

I don't agree with what you write about making Puppy MultiUser
IF you want to make it mutiuser, the process is known and actually most of the components are already in puppy. Just needs to stop hard-coding root for user data and make PPM and pets $HOME-aware.
Of course need also changes in rc.sysinit and rc.shutdown
Okay that something is known does not explicitly say it is easy or even possible within a reasonable time and effort.

Pizzasgood spent many weeks even months? on doing it way back with Puppy 412? it was not easy at all. None else have felt for doing all that work again with some more modern version.

You write as if it is easy. As I get it, it is not easy at all.
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

#16 Post by Lobster »

Is this multiple user option feasible:

When we boot up with the option
'puppy pfix=ram'
we are effectively creating a new user

So give a 'new user' boot option
at this stage
Some pups already have a 'boot options' menu

Later when multiple user saves are provided
we can offer an 'encrypted password protect'

and later on shutdown our data can be encrypted

Our security should not follow a generic pattern
and generic hack pattern
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#17 Post by nooby »

Lobster that is a good way to let a family keep things private or if you use Puppy at work.

But it is still a single user system but a kind of serial multi user letting them isolate their privacy from each other but seen from outside if somebody breaks in then being root makes us more vulnerable than the average linux user would.

one the other hand. If I run root on Slitaz would that not also makes me as vulnerable?
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
mavrothal
Posts: 3096
Joined: Mon 24 Aug 2009, 18:23

#18 Post by mavrothal »

nooby wrote: Okay that something is known does not explicitly say it is easy or even possible within a reasonable time and effort.

Pizzasgood spent many weeks even months? on doing it way back with Puppy 412? it was not easy at all. None else have felt for doing all that work again with some more modern version.

You write as if it is easy. As I get it, it is not easy at all.
Is not easy or hard, reasonable or unreasonable.
Is a design decision and is up to BK and his woof, to make.

Now regarding fido, spot and the likes, I think that what is really needed is a reliable work-around for the denial of more and more modern browsers to run as root.
If the work-around is indeed an isolated area all the better.
== [url=http://www.catb.org/esr/faqs/smart-questions.html]Here is how to solve your[/url] [url=https://www.chiark.greenend.org.uk/~sgtatham/bugs.html]Linux problems fast[/url] ==

User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

#19 Post by Lobster »

If the work-around is indeed an isolated area all the better.
Fatdog64 does this

from the command line

Code: Select all

su spot -c defaultbrowser
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

User avatar
mavrothal
Posts: 3096
Joined: Mon 24 Aug 2009, 18:23

#20 Post by mavrothal »

Lobster wrote: from the command line

Code: Select all

su spot -c defaultbrowser
I wish... :roll:
spot does not have user data directories ( ~/.config etc)
"Problem" browsers do not check/care how they are called but where to write.
== [url=http://www.catb.org/esr/faqs/smart-questions.html]Here is how to solve your[/url] [url=https://www.chiark.greenend.org.uk/~sgtatham/bugs.html]Linux problems fast[/url] ==

Post Reply