Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 20 Apr 2014, 15:27
All times are UTC - 4
 Forum index » Advanced Topics » Cutting edge
Fixing Fido..
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 5 of 6 [78 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6 Next
Author Message
amigo

Joined: 02 Apr 2007
Posts: 2169

PostPosted: Sun 11 Sep 2011, 12:51    Post subject:  

BarryK wrote:
I don't see why having /root as fido's home is a problem

Wow, simply wow!

Further content deleted -I'm speechless and dumb-founded...
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10522
Location: SwedenEurope

PostPosted: Sun 11 Sep 2011, 13:03    Post subject:  

Oops I must have done something wrong. Suddenly all the actions stopped so I edit my post to not offend anybody.

Get going again folks!

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10522
Location: SwedenEurope

PostPosted: Tue 13 Sep 2011, 06:24    Post subject:  

Double post sorry. I want to know more. I tested Lupu 528 but found no
Fido.

Do we have some list of which puppies that have Fido?

Wary 514?
Snow puppy 20.
Polar puppy 5
Slacko Beta II

These are the only ones one can test Fido on?

Get going again folks! :Friendly Smile:
To not disturb the flow here I try to only be active in my own thread
about fido and spot for noobs and beginners.
http://www.murga-linux.com/puppy/viewtopic.php?t=67885

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Peterm321

Joined: 29 Jan 2009
Posts: 209

PostPosted: Wed 14 Sep 2011, 21:46    Post subject:  

Quote:
01micko

Sun 11 Sep 2011, 06:47

BarryK wrote:
I don't see why having /root as fido's home is a problem



Of course I realise why fido was sharing root's HOME.. for size, but I reckon if users want the added "security" (note loose use of term) of a "user" account then they have to pay the price, both in kilobytes and time. (my password is 4 chars.. not very "secure" eh? It's certainly taking it's toll on those 4 corresponding keys!)


If someone had the time maybe it could be determined what dotfiles in /root actually get modified during a typical session, so that those that don't can be just symlinked back to root from the $HOME directory of fido or whatever username is being used. That might be one idea to save space.

I find that if you are only running firefox as a restricted user then the amount of writable files at issue aren't so great. Mainly they are in $HOME/.mozilla directory (firefox profile etc) (and the files .gtk-bookmarks, .gtk-custom-papers and .gtkrc-2.0 need to be copied from /root to $HOME to keep the theme if it differs from default).

Someone that knows enough about unionfs, aufs etc might be able to figure out a way to mirror the root directory with a writable one for a restricted user. which may or not be an idea worth looking at. Sorry don't know enough to do this, if it can be done at all.
Back to top
View user's profile Send private message 
mcewanw

Joined: 16 Aug 2007
Posts: 2013
Location: New Zealand

PostPosted: Wed 14 Sep 2011, 22:30    Post subject:  

01micko wrote:
... I would like to get the current implementation of Fido fixed such that it works as painlessly as possible. This at least gives the "root" nay sayers no excuse not to at least try Puppy. If it's not fixed then Fido will be disabled in Slacko.


I'm at work just now and don't have a copy of Puppy to look at. However, as far as I remember user fido is by default a member of the group users.

That being the case, getting programs (including config files for these programs to work) with fido could be pretty much achieved by:

giving group "users" group-ownership to all relevant files in /root and /tmp, and read, write and execute permissions to directories /root and /temp, so that members of group "users" have rights to create/modify files in these directories (I did something like that to get Precord working with fido in a test I did at home).

Then any normal user (spot or whoever created) could run any app currently available for Puppy if these "normal" users were made to be members of group "users"

Having said that, I don't personally like any group (or fido for that matter) having such rights and would prefer fido to have its own home directory (/home/fido), its own copies of relevant program config files in there, and Puppy scripts/gtkdialogs and so on to eventually be modified accordingly ...

_________________
Non enim propter gloriam, diuicias aut honores pugnamus set propter libertatem solummodo quam Nemo bonus nisi simul cum vita amittit.
Back to top
View user's profile Send private message Visit poster's website 
gerry

Joined: 26 Jul 2007
Posts: 946
Location: England

PostPosted: Thu 27 Oct 2011, 14:07    Post subject:  

My problem with all this Fido stuff is that my computer gets used by young grandchildren- so I need things to be arranged so that if one of them boots up the computer, they are unable, without my password, to wreck things. Like in Debian or other distros that need administrator privileges to change or delete vital software.
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10522
Location: SwedenEurope

PostPosted: Thu 27 Oct 2011, 14:53    Post subject:  

Gerry that is why them provided Fido in the first place.

But you could protect yourself without fido too.

You set up one version of puppy that you use that are password
protect so it does not even boot without your username and password.

Another puppy for guests but there it should be set up with Fido.
But the Devs don\t seem to be happy about Fido.
Too many details to take care of, too many unknown complications?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Aitch


Joined: 04 Apr 2007
Posts: 6825
Location: Chatham, Kent, UK

PostPosted: Thu 27 Oct 2011, 15:31    Post subject:  

Gerry

My solution would be to have a separate save file for yourself which the kids can't access [e.g. on a usb stick]

Then if they mess it up you can still run your puppy

Having a backup for them also would be a good idea, as you could also 'give them back their computer' very quickly....by using the backup, after creating a fresh copy...

That is the way I implement multi-users on my PC, as I have friends who often want to try puppy, so I make saves named Tom, Bill, and Mary....and away they go....

Everything else just seems complicated....??
[I only run frugal or liveCD, now]

Aitch Smile
Back to top
View user's profile Send private message 
disciple

Joined: 20 May 2006
Posts: 6378
Location: Auckland, New Zealand

PostPosted: Thu 27 Oct 2011, 21:26    Post subject:  

It's good to let them mess it up - it will help them learn Smile
_________________
DEATH TO SPREADSHEETS
- - -
Classic Puppy quotes
- - -
Beware the demented serfers!
Back to top
View user's profile Send private message 
L18L

Joined: 19 Jun 2010
Posts: 2476
Location: Burghaslach, Germany somewhere also known as "Hosla"

PostPosted: Tue 15 Nov 2011, 06:00    Post subject: Fixing Fido..
Subject description: permissions of /dev/console
 

Working on internationalization, see
http://murga-linux.com/puppy/viewtopic.php?p=583084

I have found a bug fix for permissions of /dev/console.

Apply
Code:
chgrp users /dev/console
chmod g+w /dev/console

And fido may use /dev/console too

Smile Smile Smile
Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Sat 14 Jan 2012, 22:52    Post subject:  

Barry working on Fido
http://bkhome.org/blog/?viewDetailed=02644

Five steps to a more secure SSH
http://thinkhole.org/wp/2006/10/30/five-steps-to-a-more-secure-ssh/

Everything I know about security (found on a tin of dog food)
http://tmxxine.com/sound/secbrief.mp3 Security Podcast http://youtu.be/_uZ_qZgOwg4 Youtube version

With Fido fixed, crackers will not be able to access the server running on your computer . . .
Embarassed . . . except of course Puppy does not run a server as default. We were running MORE securely all along? Embarassed

Any other FIDO tips?

_________________
Puppy WIKI
Back to top
View user's profile Send private message Visit poster's website 
nooby

Joined: 29 Jun 2008
Posts: 10522
Location: SwedenEurope

PostPosted: Thu 01 Mar 2012, 12:45    Post subject:  

I know that I am very annoying and that many tells me that I post too often.

So I have tried to stay way from nagging you guys to solve this
Fido and Spot thing.

But now I have to speak up. The solution is presented here:


[url="Testing1.2.3"]http://murga-linux.com/puppy/viewtopic.php?p=608511#608511[/url]
Quote:
you can use

Code:
su spot


This will give you user level access to start applications from the terminal...


Sounds like a KISS solution does it not? I know nothing and have no
idea how to test it either so I hope you clever guys test this and tell
if it works and if it does how to make use of it as a noob.

Does it help us be more secure that way? When does it not work?
How does it work with doing install of pets and using SFS-load on the fly and so on?

testing and info needed.
The Nagging Nooby Smile

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
L18L

Joined: 19 Jun 2010
Posts: 2476
Location: Burghaslach, Germany somewhere also known as "Hosla"

PostPosted: Thu 01 Mar 2012, 16:09    Post subject: su spot
Subject description: no solution, maybe an April joke, 1 month too early ?
 

nooby wrote:
...
Sounds like a KISS solution does it not? I know nothing and have no
idea how to test it...

No, it is KSASNSAA: Kept Simple And Surely Not Sure At All Wink

Test yourself:

Open a virtual console by klicking on the icon labeled "Console"
Type into this :
su spot
and press the Enter key

Then your are user spot (but on this one console only)
You can start application if you know their name. 2 examples:
Let us start rox and geany.
Here is how this is looking on my system:
# su spot
# rox
#
** (ROX-Filer:5938): CRITICAL **: Unable to save '/root/.config/rox.sournet/ROX-Filer/panels.new'

** (ROX-Filer:5938): CRITICAL **: Unable to save '/root/.config/rox.sournet/ROX-Filer/panels.new'

** (ROX-Filer:5938): CRITICAL **: Unable to save '/root/.config/rox.sournet/ROX-Filer/panels.new'

** (ROX-Filer:5938): CRITICAL **: Unable to save '/root/.config/rox.sournet/ROX-Filer/panels.new'
^C
# geany
symlink: Permission denied
#

You see?
Yes the application has started. But be sure they cannot be used like intended.

And it was just the console where spot is acting.

Take a recent puppy and use fido.
There you can use a console and change to Administrator if you like to do so
Code:
su


Quote:
How does it work with doing install of pets and using SFS-load on the fly and so on?

Installing and so on is an Administrator´s job. You have the power to delete and wipe out everything on your computer

Smile
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10522
Location: SwedenEurope

PostPosted: Thu 01 Mar 2012, 17:24    Post subject:  

So what was/where he proposing?
Does he actually know more than Barry about how Puppy works
or did he misunderstand or not realize that Puppy being a special
version of a single user Linux that it would not act like his other linux OS?

Well I go the bed now and will read his answer tomorrow hopefully.

Will be interesting.
Thanks for explaining to me and giving examples. I did try Fido
and Spot too and I barely survived. I felt so intimidated not getting
a thing about how to get things going. I am a confused user.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
L18L

Joined: 19 Jun 2010
Posts: 2476
Location: Burghaslach, Germany somewhere also known as "Hosla"

PostPosted: Fri 16 Mar 2012, 11:19    Post subject: Fixing Fido..
Subject description: sudo
 

Think this can be reported here....

# sudo
sudo: >>> /etc/sudoers: syntax error near line 8 <<<
sudo: parse error in /etc/sudoers near line 8
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin
#

fix:
change line 8 of /etc/sudoers
from
#120110 added /usr/sbin/delayedrun to SYSTEM category. also, see sudo line added to script.
to
# 120110 added /usr/sbin/delayedrun to SYSTEM category. also, see sudo line added to script.

1 space after #
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 5 of 6 [78 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Cutting edge
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0828s ][ Queries: 13 (0.0067s) ][ GZIP on ]