Jerry Amundson wrote:
On Thu, Dec 4, 2008 at 12:24 PM, Rick Stevens <ricks@xxxxxxxx> wrote:
Jason L Tibbitts III wrote:
Whenever I've had to get rid of extra installed packages I've just
checked yum.log, but something more automatic might be useful to some.
I tend to concur, but I also think that you can't keep people from doing
stupid things, e.g. "# rm -rf /".
"Once you make something idiot-proof, nature creates better idiots."
True, but we've shown here that, out of the box, Fedora is fairly
close to having *some* idiot-proofness.
One approach would be to:
1. Make yum-protect-packages mandatory in @core
2. include /etc/sysconfig/protected-packages.d/core.list in
yum-protect-packages that contains @core listed.
As simple as that, even Joe Plumber has a protected Fedora install.
For that matter, would not even Joe Linux-guru benefit? If needed, the
latter could always "use the --override-protection command-line
option."
I have no issue with it, but I think we're getting a bit wide of the
mark here. I think the initiating issue here was someone doing a "-y"
on a remove of some multimedia thing and having it take things that the
user wasn't expecting with it. It wasn't an "@core" thing--someone used
that as a somewhat specious example of gross stupidity.
In some respects, the ability to specify "-y" on things such as yum (or
fsck, for that matter) is essentially taking the training wheels off.
Don't do it unless you're prepared for the (potentially dire)
consequences. It's up to you to wear the helmet.
Hmm, too easy. I'm sure I've overlooked something.
Not really. You're never going to come up with a perfect solution. You
can't please everyone...look at the flap regarding GDM defaulting to not
permitting GUI root logins and how ticked people are at that, and I find
that to be a rather minor annoyance. Perhaps we add a "intended
audience" option to the installer:
Novice Install: Install yum-protect-packages with reasonable lists,
block root GUI logins, disable "yum -y" and other (potentially
dangerous) automatic command line options, etc. Full "training wheels,
hockey equipment and short bus" mode. The fun part here is determining
which commands have dangerous options. I know people who shouldn't be
allowed to turn on a computer...much less use one.
Standard Install: Essentially what we have now.
Advanced Install: No restrictions (permit GUI root logins, etc.)
Wow! This idea may cause the maintainers NOTHING but headaches! Sorry
I brought it up, guys! Don't hit me!
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer ricks@xxxxxxxx -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- Huked on foniks reely wurked for me! -
----------------------------------------------------------------------
--
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe:
https://www.redhat.com/mailman/listinfo/fedora-test-list
