On Wed, 2008-03-26 at 20:29 -0400, Jesse Keating wrote:
> On Wed, 2008-03-26 at 15:12 -0600, Gian Paolo Mureddu wrote:
> > Sarcastic disclaimer.
> >
> > Why not install all binaries into /bin, /usr/bin, /usr/local/bin and be
> > done with it, then? Why EVEN have another path, anyway? Better yet, why
> > don't we follow Ubuntu and make sudo the default, make regular users
> > have admin rights! Why do we even need root? What's that? Geeze, I mean
> > why even keep an ancient file system layout?
>
> Believe it or not, these are all pretty useful suggestions.
>
> Links to (/usr)/sbin can be maintained for legacy or FHS compliance.
> However due to shortcomings in RPM this isn't feasible. Instead we'll
> just munge the normal user's path so that (s)he doesn't have to go
> hunting for useful tools.
Hm. Most of the commands found in {/usr,}/sbin only make sense for a
user with elevated privileges, i.e. root. Those that also make sense for
normal users (e.g. tools which provide read-only access as well like
ip/ifconfig, sysctl, etc.) could easily be hardlinked into the bin
directories on the same level without much hassle on the RPM side of
things.
> Sudo should (optionally) be the default for the first user added, like
> say through firstboot. A checkbox that would have to be cleared that
> will drop the user in the wheel group which by default has sudo rights
> (that way we don't have to munge the sudors file).
Sudo is all fine and dandy if you think about the command line, but this
is still a "legacy" way of doing things. Mind that as long as they're in
good order I'm all for keeping "legacy" as "legacy" often also means
"tried and true". I also don't see a reason why "legacy" and new ways
can't coexist.
> "root" is a legacy concept. Either the local user is also the admin, or
> the admin is a site wide admin where local root accounts are just jokes
> and instead things are done as sudo, or through config management
> systems.
"root" is only a legacy concept inasmuch as UIDs are seen as users, not
as roles that someone assumes temporarily, e.g. by way of sudo or
PolicyKit/dbus proxies. Keeping the privileged role separate from the
normal role, even for the primary user of a system, is one line of
defense against malware.
> I also agree that ancient filesystem layouts are needless confusion.
> They (almost) made since way back in the day, but fear of chance has
> kept them coming forward into modern day operating systems where they're
> just not needed, and only add confusion and frustration. "Where do I
> install this binary into? What level man page do I give this?" etc...
Man pages are a particularly bad example, as it's not only "What level
man page do I give this?" but also "What level is this man page I want
to read?" -- "man foo" almost always displays the wrong one if there are
multiple.
Other than that, the distinction and compartmentalization between /
and /usr is quite sound -- the former contains the basic set of tools
and libraries to bootstrap the system, regardless of where from the rest
comes. If disaster strikes, a small root volume is much less likely to
be than a giant single volume and it gives me the tools necessary to
salvage what is salvageable.
Nils
--
Nils Philippsen / Red Hat / nphilipp@xxxxxxxxxx
"Those who would give up Essential Liberty to purchase a little Temporary
Safety, deserve neither Liberty nor Safety." -- B. Franklin, 1759
PGP fingerprint: C4A8 9474 5C4C ADE3 2B8F 656D 47D8 9B65 6951 3011
--
Fedora-desktop-list mailing list
Fedora-desktop-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-desktop-list
