From: David Bolt on 29 Jun 2010 17:44

On Tuesday 29 Jun 2010 21:13, while playing with a tin of spray paint,
mjt painted this mural:

> On Tue, 29 Jun 2010 20:58:54 +0100
> David Bolt <blacklist-me(a)davjam.org> wrote:
>
>> >> du / --max-depth=1 --one-file-system --exclude=/proc \
>> >> --exclude=/dev --exclude=/sys | sort -nr
>> >
>> > Might want to run that as "sudo" :)
>>
>> Well, you could do, but why would you? Personally, I would open up a
>> console[0], use "su -" to become root and then use the command.
>
> Either way (sudo or su) ... my point is that the results
> of the "du" will be different if you're running it as your
> regular user or if running as the root user.

Which was why I initially said to be the root user when using it. That
way, there's not a long list of messages similar to:

du: cannot read directory `/var/cache/multipath': Permission denied

and the count isn't low because of the permission denied errors.

> I'd like to add one other option for "du" ... the "-h" option,
> which prints out the sizes in a human-readable format :)

I specifically didn't include that because, as Ulick points out, the
sort ordering won't work and gives the wrong results as shown here:

moray:~ # du / --max-depth=1 --one-file-system --exclude=/proc --exclude=/dev --exclude=/sys | sort -nr
6398852 /
920040 /var
832672 /opt
319028 /lib
63220 /etc
24864 /root
17544 /lib64
12884 /sbin
10012 /bin
84 /tmp
28 /lost+found
24 /local
18 /media
8 /mounts
4 /usr
4 /srv
4 /selinux
4 /mnt
2 /boot
0 /home
moray:~ #

moray:~ # du / --max-depth=1 --one-file-system --exclude=/proc --exclude=/dev --exclude=/sys -h | sort -nr
899M /var
814M /opt
312M /lib
84K /tmp
62M /etc
28K /lost+found
25M /root
24K /local
18M /lib64
18K /media
13M /sbin
9.8M /bin
8.0K /mounts
6.2G /
4.0K /usr
4.0K /srv
4.0K /selinux
4.0K /mnt
2.0K /boot
0 /home

Regards,
David Bolt

--
Team Acorn: www.distributed.net
openSUSE 11.0 32b | | | openSUSE 11.3RC1 32b | openSUSE 11.1 64b | openSUSE 11.2 64b | TOS 4.02 | openSUSE 11.1 PPC | RISC OS 4.02 | RISC OS 3.11

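An added example, not part of the original post: one way to get human-readable sizes without the mis-ordering shown above is to sort on du's raw 1K-block counts first and convert the units only afterwards. The function names humanize_du and sample_du_output are made up for this sketch, and the sample input is constructed from a few of the figures in the listing above.

```shell
# Sort du output numerically on the raw 1K-block counts, then convert the
# sizes to K/M/G for display. Reads "SIZE<TAB>PATH" lines (du's default
# output format) on stdin. LC_ALL=C keeps the decimal point a '.'.
humanize_du() {
    LC_ALL=C sort -nr | LC_ALL=C awk '
        {
            size = $1
            unit = "K"
            # Everything after the first tab is the path (it may contain spaces).
            path = $0
            sub(/^[^\t]*\t/, "", path)
            if (size >= 1048576)   { size /= 1048576; unit = "G" }
            else if (size >= 1024) { size /= 1024;    unit = "M" }
            printf "%.1f%s\t%s\n", size, unit, path
        }'
}

# Constructed sample input: five of the size/path pairs from the listing above.
sample_du_output() {
    printf '920040\t/var\n84\t/tmp\n63220\t/etc\n6398852\t/\n10012\t/bin\n'
}

# Offline demonstration:
#   sample_du_output | humanize_du
#
# Real use, as root so that unreadable directories are not left out of the totals:
#   du / --max-depth=1 --one-file-system --exclude=/proc \
#       --exclude=/dev --exclude=/sys | humanize_du
```

The converted figures are rounded to the nearest tenth, whereas du -h rounds up, so they can differ slightly from the -h listing above. Newer GNU sort also has its own -h option that understands these suffixes.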
From: David Bolt on 29 Jun 2010 17:59

On Tuesday 29 Jun 2010 22:08, while playing with a tin of spray paint,
mjt painted this mural:

> On Tue, 29 Jun 2010 21:53:06 +0100
> Ulick Magee <ulickatmaildotcom(a)feckoff.invalid> wrote:

>> If you're going to run a server and open ports you had better know what
>> you're doing.

You'd hope so, wouldn't you. I don't have much faith that some people
running servers, any servers, have even the slightest clue. If they
did, I don't think I'd see quite so many attempts to access phpmyadmin
and other such stuff on my web server.

> Agreed.
>
> I'm sure you're familiar with how many users run as root as
> their "regular user" cause they tire of having to go through
> the "supply root user password" every time they need to do
> something as root.

I'm not sure there's many that do. All the advice I see given,
especially when talking about running X as root is basically
"just don't do it" TM.

As for things that need to be run as root, for instance using YaST2 to
do package maintenance as a normal user pops up the password dialog
box[0]. And, one thing I dislike about it is the checkbox allowing the
password to be remembered. It shouldn't be there, but it is, and I'll
bet that an awfully large number of users would also make sure the
password is remembered.

> Just recently (in a usenet group), someone posted the results
> of a CLI command they executed ... I looked at it and noticed
> they were running as the root user ... the command they executed
> did not require root privileges ... anyway, I inquired about
> their usage of the root account and how they shouldn't be doing
> that ... never got a reply, though. This seems to be a frequent
> occurrence where someone is moving from the M$ world.

And running with root, administrator, or whatever you'd like to call
it, still seems to be the default for the first user created even with
their latest "more secure" offering.

[0] Possibly this is KDE specific. I don't use Gnome, so don't know if
the same issue is present.

Regards,
David Bolt

--
Team Acorn: www.distributed.net
openSUSE 11.0 32b | | | openSUSE 11.3RC1 32b | openSUSE 11.1 64b | openSUSE 11.2 64b | TOS 4.02 | openSUSE 11.1 PPC | RISC OS 4.02 | RISC OS 3.11

From: Ulick Magee on 29 Jun 2010 18:07

mjt wrote:
>
> I'm sure you're familiar with how many users run as root as
> their "regular user" cause they tire of having to go through
> the "supply root user password" every time they need to do
> something as root.

A lot of distros including openSUSE now have the option of using the
password of the first user as the root password. OSX has a similar
approach. (Hopefully the user will choose a strong password.) At least
this reduces the chances of running the GUI as root.

I'm not convinced that this single-password approach is really a good
idea for reasonably clueful users to adopt, but at least it removes the
incentive for clueless users to run the GUI as root.

Once you have your system set up and the stuff you need installed, you
only need root to do updates, and even that can be set to run
automatically. So for users who don't like to tinker with their system
they should rarely need to become root.

> Just recently (in a usenet group), someone posted the results
> of a CLI command they executed ... I looked at it and noticed
> they were running as the root user ... the command they executed
> did not require root privileges ... anyway, I inquired about
> their usage of the root account and how they shouldn't be doing
> that ... never got a reply, though. This seems to be a frequent
> occurrence where someone is moving from the M$ world.

No surprises there when so much software for those systems will only
function correctly if run as administrator.

Another very bad habit that ex-Windows users have is downloading
anything from some random site they find in a Google search and then
installing it. Of course you can install software on Linux from
untrusted sources too, but it's hard to think of any situation where
you'd really *need* to (and provided the source is visible, someone
somewhere on the internet is eventually going to figure out if it's
doing something it shouldn't.)

--
Ulick Magee
Free software and free formats for free information for free people.
Open Office for Windows/OSX/Linux: http://www.openoffice.org
openSUSE Linux: http://en.opensuse.org

From: J G Miller on 29 Jun 2010 18:22

On Tue, 29 Jun 2010 23:07:47 +0100, Ulick Magee wrote:

> Another very bad habit that ex-Windows users have is downloading
> anything from some random site they find in a Google search and then
> installing it.

Such as sourceforge.net because one wants a newer version of the
software rather than the rather outdated version that came with the
distribution? ;)

From: Ulick Magee on 29 Jun 2010 18:25

David Bolt wrote:
>
> You'd hope so, wouldn't you. I don't have much faith that some people
> running servers, any servers, have even the slightest clue. If they
> did, I don't think I'd see quite so many attempts to access phpmyadmin
> and other such stuff on my web server.

That doesn't tell you all that much though. It's a bit like spam. It
costs basically nothing to send out millions of attempts, and you only
need a few responses for it to pay off. PHP does seem to be one of the
most popular ways to get inside a poorly secured linux web server
though.

At the end of the day there are various ways that OSes attempt to limit
the effects of user stupidity, but there's no cure for admin stupidity.

> I'm not sure there's many that do. All the advice I see given,
> especially when talking about running X as root is basically
> "just don't do it" TM.

You could call that the "inverse Nike" approach :)

> As for things that need to be run as root, for instance using YaST2 to
> do package maintenance as a normal user pops up the password dialog
> box[0]. And, one thing I dislike about it is the checkbox allowing the
> password to be remembered. It shouldn't be there, but it is, and I'll
> bet that an awfully large number of users would also make sure the
> password is remembered.

I was a bit dismayed when that first appeared in KDE3.something, too.
I've never used it on a 'real' box, but recently tried it on a
oS11.2/KDE4 VM just to see what would happen, a thingy appears in the
taskbar saying that privileges are elevated. Now whether that just
applies to YaST (or whatever else originally asked) or to anything, I
don't know.

> And running with root, administrator, or whatever you'd like to call
> it, still seems to be the default for the first user created even with
> their latest "more secure" offering.

Well there's a big difference (I hope) between running as root and
having the password for root the same as your own - the latter has been
the default on openSUSE installations for a while now.

--
Ulick Magee
Free software and free formats for free information for free people.
Open Office for Windows/OSX/Linux: http://www.openoffice.org
openSUSE Linux: http://en.opensuse.org