On Thu, Jun 14, 2018 at 6:02 PM Edgar Hoch <edgar.hoch(a)ims.uni-stuttgart.de>
wrote:
I support displaying the contents of files in /etc/motd.d/*, but:
- Why only for ssh logins? What about console logins? What about graphical
desktop logins? Why should that users not see this messages?
For console logins, the user will get this message displayed as part of
/etc/issue, which is visible *before* logging in. That's preferable, since
it may save them some time.
- Why should a normal user see a message like
"Activate the web console with: systemctl enable --now cockpit.socket" ?
A normal user cannot do that!
That's a valid point; we should figure out if we can limit this to certain
users somehow (maybe members of the %wheel group).
But an administrator doesn't need this message - he / she knows
systemctl
command and / or can read the documentation!
That's contrary to the intent here, which is to be helpful to *new*
administrators. One of the goals of Cockpit is to help new administrators
get familiar with the system. So making assumptions that an administrator
should just know that a console is available and they have to google a
command to install it is a bad user experience.
There should be at least a configuration option if cockpit-ws generates
this message!
The default should be off - because administrators should be able to
install the same list of packages on many different hosts (workstations,
servers, notebooks, virtual machines, etc.) but run different services and
use cases on them.
Again, no. The default is to help new people figure out what to do with
their system. I agree, the directions to activate the console is probably
unhelpful to a non-administrative user. So we *should* see if we can limit
its exposure and if not we should probably not display it.
Now I need to uninstall cockpit-ws to get rid of this cockpit
messages!
I cannot even disable cockpit-motd.service because it is static! Thats
very bad!
Sure you can, that's exactly the point of `systemctl mask`. Oh, did you not
know that command? I would assume that ALL administrators would know it...
wasn't that your argument above? (I joke, but I'm trying to make the point
that we cannot assume our users - even the experienced ones - know
everything about the system).