From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: pjb@informatimago.com (Pascal J. Bourguignon) Newsgroups: gmane.emacs.help Subject: Re: Doing Linux admin work with Emacs Date: Thu, 14 Oct 2010 17:00:45 +0200 Organization: Informatimago Message-ID: <87lj60hl9e.fsf@kuiper.lan.informatimago.com> References: <70fd06bf-4566-4274-9381-ee569700cabd@n40g2000vbb.googlegroups.com> <8762x6jnde.fsf@kuiper.lan.informatimago.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: dough.gmane.org 1291892219 4601 80.91.229.12 (9 Dec 2010 10:56:59 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Thu, 9 Dec 2010 10:56:59 +0000 (UTC) To: help-gnu-emacs@gnu.org Original-X-From: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Thu Dec 09 11:56:54 2010 Return-path: Envelope-to: geh-help-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1PQeB9-0003L2-H5 for geh-help-gnu-emacs@m.gmane.org; Thu, 09 Dec 2010 11:56:51 +0100 Original-Received: from localhost ([127.0.0.1]:46414 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1PQeB8-0002sW-FT for geh-help-gnu-emacs@m.gmane.org; Thu, 09 Dec 2010 05:56:50 -0500 Original-Path: usenet.stanford.edu!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail Original-Newsgroups: gnu.emacs.help Original-Lines: 93 Original-X-Trace: individual.net u5YcULLUDEp5uwKq7MEu4AlzNY5TbBEpHQb0fWA0PS5ZwLnovd Cancel-Lock: sha1:YmRkMTUyMjk1MjRiNWM4YmY2NzExZWE0MGMzOGZlODZjOGZhZTM2Yw== sha1:CizfFhDLKu9dV6ic+gKAzha8iY8= Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwAQMAAABtzGvEAAAABlBMVEUAAAD///+l2Z/dAAAA oElEQVR4nK3OsRHCMAwF0O8YQufUNIQRGIAja9CxSA55AxZgFO4coMgYrEDDQZWPIlNAjwq9 033pbOBPtbXuB6PKNBn5gZkhGa86Z4x2wE67O+06WxGD/HCOGR0deY3f9Ijwwt7rNGNf6Oac l/GuZTF1wFGKiYYHKSFAkjIo1b6sCYS1sVmFhhhahKQssRjRT90ITWUk6vvK3RsPGs+M1RuR mV+hO/VvFAAAAABJRU5ErkJggg== X-Accept-Language: fr, es, en X-Disabled: X-No-Archive: no User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.2 (gnu/linux) Original-Xref: usenet.stanford.edu gnu.emacs.help:181775 X-BeenThere: help-gnu-emacs@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Users list for the GNU Emacs text editor List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Errors-To: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.help:76974 Archived-At: bebop52 writes: > Thanks to everybody for the detailled and helpful information. I'm > going to quit doing regular work as root, thats for sure. I like both > ideas, using tramp or having a second emacs window (with different > colours) used only for admin work - I have to give it a try. > So I really do need only one user instead of my two different users > that complicate my life tremendously. > > I'm still a bit confused about the admin rights: > - is it common and secure to surf the web as a non-root standard user > WITH system administration rights? That would depend on the meaning of "administration rights". That's the problem with GUI, they set you far apart from the semantics. Classically administrators were users that were in the wheel or root group (gid = 0 in /etc/group). This allowed them to access files assigned to the wheel group, and some programs like su would filter out users not in that group. Nowadays, sudo is favored, and an administrator would have to be in /etc/sudoers. But at a GUI level, there could also be another kind of management of "administrators", with an independent database and gateway tools. > - are giving a user admin rights and giving him sudo-rights two > different, independent concepts? Good question. > I now have two users with admin > rights, but /etc/sudoers has only one uncommented line: "root > ALL=(ALL) ALL" and /etc/sudoers.d/ is empty. When I want to be able to use sudo, I do: su - bash -c "echo 'pjb ALL=(ALL) ALL' >> /etc/sudoers" Perhaps there's other ways to configure sudo. Reading the documentation would be good. > - did I get it right that the option to use tramp sudo/su is available > to standard user WITHOUT system administration rights too? su yes, sudo no. sudo checks that the calling user has the right to use sudo, so that the calling user may use the su account only giving his own password. su only check the password of the su user, which the normal user has to know, whoever he is. su is similar to ssh root@localhost (but ssh itself can be configured to prevent root connection, or to prevent connecting to the root account automatically with the authorized_keys features). > When I get this user stuff straight I would only need to find a (easy) > way how to connect to alice dsl from an xterm session, then I wouldn't > need no gnome desktop anymore, just xterm and emacs. Notice that emacs also contains a terminal emulator similar to xterm: M-x term RET In term, most keys are sent to the terminal. Use C-c b to switch to another buffer and go on with normal emacs life. So theorically, you could also avoid xterm. To connect to a router, in general you can use the web (but they often require javascript or java, so that rules out emacs-w3m), or telnet or ssh. Try out: M-x shell RET telnet $ip_of_your_router RET To get out of telnet, type C-] q RET -- __Pascal Bourguignon__ http://www.informatimago.com/