Thanks Shaun, Marco is here with me, we love Ubuntu, which is why we chose it for our systems. What we see is this: (We understand the sudo thing, that's not the issue) 1. Build a system, use the Administration tools. (ie. network-admin) All works fine. ***Something happens*** (not jumping to conclusions now, but it seems to start after eth0 switches to avah mode.) 2. Now we are locked out. The systems are 'poisoned,' in that we can no longer access these admin tools. Twenty three of them, and four of our office machines. Marco showed me tons of hits with other users experiencing the same. Use the menu selection with the mouse, we are prompted for password, then (enter correct one) = denied. -or- Type the tool's name at the bash prompt, no password dialog occurs, sudo or not makes no difference, and we see the denial dialog box. (Marco said that the udev suggestion from Simos did not help as we actually have no /etc/udev/rules.d/70-persistent-net.rules. 65-, yes 80-yes, but no 70.) Thanks again. - Clark & Marco On Feb 18, 2008, at 9:33 AM, Shaun McCance wrote: > On Fri, 2008-02-15 at 12:06 -0800, Clark Dunson wrote: >> And Gnome overrides su/root?!? Whathehellis this dialog box?!?: >> >> >> "You are not allowed to access the system configuration" >> >> >> That is really bogus. I'm root!!! > > Actually, unless you've heavily customized Ubuntu, you're not. > Neither is anybody else. Ubuntu uses sudo, which allows normal > users to escalate their privileges without actually becoming > root. When prompted for a password for sudo, you do not type > a root password; you type your own password. This prevents > malicious scripts from simply assuming privileges without your > authorization. > > This is not a Gnome thing. It's an Ubuntu thing. And for that > matter, Ubuntu did not invent sudo. It's been around since the > 1980s. Gnome is, however, moving towards PolicyKit, which is > like sudo in that it grants authorization for particular tasks, > instead of just handing out root. PolicyKit is more well-suited > for graphical applications, though, as it allows applications to > perform backend operations with privileges without the graphical > application itself having those privileges. > > If this is too un-UNIX for you, well, sorry. But it's a better > system in pretty much every way imaginable. > > -- > Shaun > > _______________________________________________ gnome-list mailing list gnome-list@xxxxxxxxx http://mail.gnome.org/mailman/listinfo/gnome-list
