Re: Allowing passwordless login via GDM
Hey, you guys have a geek way of thinking I didn't expected to encounter on an Ubuntu mailing list ! I'm not talking about five-year-old children's ability to type in a password, nor of the need of their parents to control them. I'm talking of making life easier to users who want to use this feature. Let's them bring up their child as they want to ! For you, typing a password each time you log in isn't an issue. But I believe using the console is not neither. For a normal end-user, this is boring. Coming from Windows or OS X, it's, before people have got to their desktop, a bad point for Ubuntu. Moreover, this feature won't bring down security at all: you still need to enter your password to use gksudo, or ssh... This is only an old Unix-geek reflex putting down Windows about its lacks. But this is not a lack, even Windows has many! Linux power is that you can enable almost all features you want/need, while they are not dangerous. You said users that want to log in without password must have to search a little to set it up. This is what I've done at home. But this is not possible for most of the people, those who need passwordless connexions! I know this feature will be coded, if not now, within 5 years, because this is really needed. The question is, do we want to discourage people from switching to Linux, and do we want Ubuntu to be the best distribution for home end-users? I can't believe that this position is the one of the majority of the team. This way, nothing would have been done at all on Ubuntu (compared to Debian, which I love, for example). Amicably, Milan -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Allowing passwordless login via GDM
Milan a écrit : Hey, you guys have a geek way of thinking I didn't expected to encounter on an Ubuntu mailing list ! I'm not talking about five-year-old children's ability to type in a password, nor of the need of their parents to control them. I'm talking of making life easier to users who want to use this feature. Let's them bring up their child as they want to ! Man, you gonna start a big troll about that geek thing. your way of expressing your ideas isn't good. If I should try to speak in your way, i would call non-password-users , noob-with-no-security-notion . And will that make things evolve ? we would stick in our position and nothing will happen. For you, typing a password each time you log in isn't an issue. But I believe using the console is not neither. For a normal end-user, this is boring. Coming from Windows or OS X, it's, before people have got to their desktop, a bad point for Ubuntu. I got my sister-in-law and her family move under ubuntu. The girl is not computer lover at all. But guess what, she didn't even ask about that question. she was even proud of the fact she can protect her account. oh yeah ! I forgot, I don't even dream of telling her what a console is. Moreover, this feature won't bring down security at all: you still need to enter your password to use gksudo, or ssh... This is only an old Unix-geek reflex putting down Windows about its lacks. But this is not a lack, even Windows has many! Linux power is that you can enable almost all features you want/need, while they are not dangerous. Guess what, that's what Microsoft were thinking when they decide to create those ActiveX thing. let's make the computer ease people life without even telling them. And now ActiveX is the biggest hole of IE. You said users that want to log in without password must have to search a little to set it up. This is what I've done at home. But this is not possible for most of the people, those who need passwordless connexions! I know this feature will be coded, if not now, within 5 years, because this is really needed. The question is, do we want to discourage people from switching to Linux, and do we want Ubuntu to be the best distribution for home end-users? I can't believe that this position is the one of the majority of the team. This way, nothing would have been done at all on Ubuntu (compared to Debian, which I love, for example). I'll tell you my opinion. none of your arguments changed it. I think people shouldn't think of windows has an example when switching to Linux. Linux is known for its improve security but if we bring that kind of spirit inside, we'll lose it. Cheers wattazoum -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Allowing passwordless login via GDM
Moreover, this feature won't bring down security at all: you still need to enter your password to use gksudo, or ssh... This is only an old Unix-geek reflex putting down Windows about its lacks. But this is not a lack, even Windows has many! Linux power is that you can enable almost all features you want/need, while they are not dangerous An example of security related to that hit me. Let's say we have a passwordless account called User. then let's install xchat-gnome ( IRC chat client). Xchat is well done, and nicely integrated in ubuntu, so when you launch it, it proposes you to take your login as a nickname, well, since *User* don't care he just accepts. Suppose there is a security hole/feature (on xchat or another program or server ) that can give a third person access to the computer and propose him to login ( badly set up ssh, or another daemon like vnc ). the third person already knows the login, and don't need a password. He is in ! ( to prevent that the computer manager should have well set up the computer, right ? so he should have work more just to let people login without password.) You might tell me , yeah, the guy is in but got no administrative right ! . First he can destroy all *User*'s datas. Isn't that bad enough ? Let's continue. By default, any user has read access to /etc/passwd . then he could get all users login there. There is obviously one of them with sudo right. So now he has passed the security introduced by ubuntu in forcing the pirate to found a pair login/password. All of that because we created a user without password. :( -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: hidden error messages
Hi, Mike Cornelison [2007-02-22 16:09 +0100]: When a GUI application outputs error messages to stdout or stderr, it is like writing them into a black hole. They are actually supposed to go to ~/.xsession-errors. Please file bugs if that doesn't happen for a particular case. At least it works fine for me with f-spot under Gnome. Thanks, Martin -- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntulinux.org Debian Developerhttp://www.debian.org signature.asc Description: Digital signature -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Allowing passwordless login via GDM
I'm not tying to make a troll in any way, and I'm sorry if this subject is fulling the list with useless arguments. And I don't think neither that we should compare Linux to Windows: what I propose is really far from ActiveX, and I will castigate anyone intending to create this for Linux. But you're mistaking on my proposal. I just ask to allow *GDM* to skip password check, just like it *currently does* with autologin. First, this is just an extension of autologin system, so if my idea is dangerous, we have to remove automated connexion feature from GDM immediately. Second, you can't connect to a passwordless account via ssh, vnc or others because it's disabled by default. As Jan Claeys said, PermitEmptyPasswords setting for sshd is no by default, and this is a good thing. Third, I don't ask to use passwordless accounts, which are currently to only way to connect without typing anything, and which are weak œconerning security. With my proposal, your argument is no valid at all, since the account is using a password, and more, a *good* password, since the user hasn't to type it every minute. Think that many users want to use a simple, short, and maybe easy to remember/find (firstname, account name...) because they have to type it often. And I don't speak of empty passwords you are encouraged to set manually. wattazoum, your criticism is really far from reality, because in addition of all this, openssh server is not installed be default, portmap doesn't allow WAN computers to connect to port 22, nor any other port. You currently have to hack the config files to enable it. I would like this topic to be constructive, not only a sterile argument. But it seems nobody is taking seriously the problem and its implications. Again, I'm sorry if this is taking space in the mailing list with no interest at all. But I'm surprised of the reaction. Milan -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Allowing passwordless login via GDM
Milan a écrit : I think this kind of use is a main target for Ubuntu, and using no password at all should be proposed to the user when he creates an account. that was in your message date 22.02.2007 14:46 on my computer. So I understood *no password at all* . Now that you're saying clearly that you want an option in GDM to not prompt for a password for some users, I can understand it and I think it can be useful. A case has happened to me. I sometimes get some visit at home from people that would like to see their email. so I had to set up a account for them but it would have been useful to not have a gdm password on this one. So my mistake. At the beginning of that thread I had understood well the proposal, and you'll notice I didn't answer till that sentence of you . -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: More explicit names for iso images ?
On Fri, Feb 23, 2007 at 04:08:03PM +, john levin wrote: Laurent wrote: Hello Now, every iso files of feisty (for instance) are named feisty-desktop-i386.iso. This is the same name for Ubuntu Herd-3 and Kubuntu Herd-4. I think that names should be more explicit. As for example herd3-desktop-i386.iso and kherd4-desktop.i386.iso. The name should completely determines the nature of the software. +1, it's a problem I've just run into. Have you filed a bug report? The right thing to do is to discuss this with the development team first, and establish some consensus about the right thing to do, before filing a bug report asking for a change. CCing the cdimage team for comment. Incidentally, Canonical provide 4 distro-flavours of the isos: Ubuntu, Kubuntu, as mentioned above, but also Edubuntu and Xubuntu All are named feisty-desktop/alternate/etc, and all should be easily distinguishable from one another. I agree with the points raised above; it would be valuable in many instances to be able to determine the precise version of an ISO from the filename. However, as it happens, I (and probably other developers as well) rely on having a fixed filename in order to do things like automatically rsync the latest images without knowing their name. It's likely that we can find a compromise which satisfies both needs, like using symlinks, but this illustrates the need for discussion before pushing a particular solution. -- - mdz -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu-devel-discuss Digest, Vol 3, Issue 22
They are actually supposed to go to ~/.xsession-errors. Please file bugs if that doesn't happen for a particular case. At least it works fine for me with f-spot under Gnome. YES, that's the problem. And the real problem is that Linux gurus don't understand that it's a problem. I went looking in .xsession-errors for hints about why Totem bombs when trying to play a quicktime file. I found hundreds of messages. Below is a sample of each type. Makes a lot of sense, doesn't it? I have been learning Linux for almost two years now, and I have written about 20K lines of GTK code. This is the first time I ever heard about .xsession-errors. How much of a chance do you think the average non-technical person has dealing with Linux? It is hard enough for people like me with lots of experience. Ubuntu may soon have enough critical mass to set the agenda and the standards that will make Linux more viable. I hope it happens, but it would need someone caring about the little details like hidden error messages and decent documentation. my .xsession-errors file: /etc/gdm/PreSession/Default: Registering your session with wtmp and utmp /etc/gdm/PreSession/Default: running: /usr/X11R6/bin/sessreg -a -w /var/log/wtmp -u /var/run/utmp -x /var/lib/gdm/:0.Xservers -h -l :0 mico /etc/gdm/Xsession: Beginning session setup... SESSION_MANAGER=local/mico1:/tmp/.ICE-unix/4491 Gnome-Message: gnome_execute_async_with_env_fds: returning -1 Gnome-Message: gnome_execute_async_with_env_fds: returning -1 ** Message: plugin_get_value 1 (1) totem-video-thumbnailer couln't thumbnail file: 'file:///home/mico/.Trash/Gammelsdorf190207.mov' Reason: Took too much time to thumbnail. DOUBLE-CLICK: 500 -- -1 THRESHOLD: 5 -- -1 DOUBLE-CLICK: 500 -- -1 THRESHOLD: 5 -- -1 ** (nautilus:4566): WARNING **: file already in tree (parent_ptr: (nil))!!! Window manager warning: Received a _NET_WM_MOVERESIZE message for 0x243 (fotox.09); these messages lack timestamps and therefore suck. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Feisty wireless issue noticed on a blog
On 2/23/07, Conrad Knauer [EMAIL PROTECTED] wrote: http://useopensource.blogspot.com/2007/02/wpa-wireless-just-works-in-ubuntu-704.html The review of wireless, especially WPA, in Herd 4 is glowing, but there is one issue he mentions (I don't have a wireless connection, so I'm just forwarding this along :) The network manager software is smart enough to remember all of your network credentials, but it requires you to create a master password to secure these passwords. So every time you reboot or come back from hibernation, you have to log into Ubuntu AND log into the network keyring. In my opinion, this is redundant and the network keyring should see that you have already authenticated yourself. He mentions that there is a work-around here: http://johnny.chadda.se/2007/02/21/unlock-the-gnome-keyring-upon-login/ CK I think the bug report about this is, and it is an old one from Dapper's time, is: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/34898 At least I don't experience anymore on my laptop in Feisty the multiple keyring password prompts where you are asked 2 or 3 times in a row to unlock your keyring before network-manager can reconnect to a protected network: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/31286 That workaround in that blog you found seems interesting. I'll have to give it a try. -- Daniel Robitaille -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
