Thoughts about Fedora 21 Desktop

Stephen Gallagher sgallagh at redhat.com
Tue Dec 9 14:26:24 UTC 2014 



On Tue, 2014-12-09 at 08:38 -0500, Bastien Nocera wrote:
> 
> ----- Original Message -----
> > 
> >   On Tue, 2014-12-09 at 05:51 -0500, Bastien Nocera wrote:
> > > A number of OSes default to having the first created user be the
> > > "Administrator", including OSX, Windows and, closer to our usage,
> > > Ubuntu.
> > > 
> > > I don't think that defaulting to the first user being an admin is a
> > > problem for people installing multiple machines, as this would be
> > > something they would look for. I'd much rather force having an admin on
> > > the system and get rid of the root user as something you can log in as.
> > 
> > Well, that works if-and-only-if you are dealing with a predominately
> > single-user machine. In the case where you are managing users in a
> > FreeIPA or Active Directory domain, in many cases you won't really have
> > a "first user" on the system.
> 
> Even network-enabled logins have local admin users, such as the well-known "toor".
> Having a local admin that's not root would certainly be beneficial.
> 
> > Now, an argument can be made for requiring that the domain policy is set
> > up to have appropriate admin privileges for certain users in the domain,
> > but that doesn't help if there's a bug in network connectivity or SSSD
> > that prevents that admin from being able to log in to fix things.
> > 
> > So I think a strong need remains for having a real root account on
> > systems that are domain-enabled.
> 
> So you don't want a real root account, you want a local admin with rights
> similar to root.


Well, not *necessarily*. First, a local admin account that isn't UID 0
could end up conflicting with a domain account, which is never good.
UID/GID 0 is the only specially-exempted pair from SSSD (so it will
never under any circumstances interfere with it). If we wanted to create
a account with rights similar to root, we might need to consider
reserving another special ID for that user.

But I suppose we're well into "if it walks like a duck, quacks like a
duck and looks like a duck, it's probably functionally equivalent to the
root user" here. Current technical considerations lead to a preference
towards using UID/GID 0 for this purpose (changing the name of root
would be entertaining...), but hey, "it's all code". Nothing is
permanently carved into a marble tablet.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part
URL: <http://lists.fedoraproject.org/pipermail/desktop/attachments/20141209/28fab7f0/attachment.sig>

More information about the desktop mailing list