Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On 06/12/2021 23:53, Samuel Sieb wrote: On 12/6/21 09:47, Sérgio Basto wrote: On Mon, 2021-12-06 at 12:12 -0500, Matthew Miller wrote: On Mon, Dec 06, 2021 at 11:59:05AM +, Sérgio Basto wrote: Correct me, if I'm wrong, people to avoid put password in every sudo command, modify sudo to not ask password . And this behavior is a big hole of security , if user is compromised, attacker will have root access for free. I imagine some people do that, but it's certainly not the default. well I'm asking if is not a common behavior ? It's not a common behaviour that I've heard of. Some other distros cache the authentication so that you don't have to enter the password again within a certain period of time. That's a nice option. Just like Fedora does you mean? In fact as far as I know it's the upstream default for sudo! Tom -- Tom Hughes (t...@compton.nu) http://compton.nu/ ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On 12/6/21 09:47, Sérgio Basto wrote: On Mon, 2021-12-06 at 12:12 -0500, Matthew Miller wrote: On Mon, Dec 06, 2021 at 11:59:05AM +, Sérgio Basto wrote: Correct me, if I'm wrong, people to avoid put password in every sudo command, modify sudo to not ask password . And this behavior is a big hole of security , if user is compromised, attacker will have root access for free. I imagine some people do that, but it's certainly not the default. well I'm asking if is not a common behavior ? It's not a common behaviour that I've heard of. Some other distros cache the authentication so that you don't have to enter the password again within a certain period of time. That's a nice option. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On 12/1/21 08:13, mkol...@redhat.com wrote: AFAIK it always added the user to the wheel group. AFAIK there is just one special root account and you can't change its username. You can change the root username. Some people have done that for security purposes. However, it's possible that some applications try to use the root username instead of just uid 0, but I don't know of any. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Mon, 2021-12-06 at 12:12 -0500, Matthew Miller wrote: > On Mon, Dec 06, 2021 at 11:59:05AM +, Sérgio Basto wrote: > > Correct me, if I'm wrong, people to avoid put password in every > > sudo > > command, modify sudo to not ask password . And this behavior is a > > big > > hole of security , if user is compromised, attacker will have root > > access for free. > > I imagine some people do that, but it's certainly not the default. well I'm asking if is not a common behavior ? > Users could also configure their systems to allow an empty root > password. > They also shouldn't do that. > > -- > Matthew Miller > > Fedora Project Leader > ___ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure -- Sérgio M. B. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Mon, Dec 06, 2021 at 11:59:05AM +, Sérgio Basto wrote: > Correct me, if I'm wrong, people to avoid put password in every sudo > command, modify sudo to not ask password . And this behavior is a big > hole of security , if user is compromised, attacker will have root > access for free. I imagine some people do that, but it's certainly not the default. Users could also configure their systems to allow an empty root password. They also shouldn't do that. -- Matthew Miller Fedora Project Leader ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Wed, 2021-12-01 at 21:40 +, Zbigniew Jędrzejewski-Szmek wrote: > On Wed, Dec 01, 2021 at 09:29:43AM -0600, Brandon Nielsen wrote: > > On 11/29/21 1:33 PM, Ben Cotton wrote: > > > https://fedoraproject.org/wiki/Changes/Users_are_admins_by_default_in_Anaconda > > > > > > = Users are administrators by default in the installer GUI = > > > > > > == Summary == > > > > > > The Anaconda installer GUI will have the administrative rights > > > checkbox on the User screen ticked by default. > > > > > > == Owner == > > > > > > * Name: [[User:Vladimirslavik| Vladimir Slavik]] > > > * Email: vsla...@redhat.com > > > > > > > > > == Detailed Description == > > > > > > Currently, the Anaconda installer GUI presents an unticked > > > checkbox > > > "Make this user administrator" on the user setup screen by > > > default. > > > This means users have to discover the control, understand its > > > meaning, > > > and consciously decide to change the value from the default one. > > > > > > > [Snip] > > > > I find this wording confusing, and I've been using Linux for at > > least 15 > > years now. I think if we're making changes to reduce user confusion > > we may > > want to change the wording as well? > > > > Perhaps a better wording would be "Grant user administrator > > privileges > > (allow sudo)"? Something to make it clear the resulting user isn't > > root, but > > can act as root. Correct me, if I'm wrong, people to avoid put password in every sudo command, modify sudo to not ask password . And this behavior is a big hole of security , if user is compromised, attacker will have root access for free. > +1. The explanation can be even longer: maybe "(e.g. allow sudo as > root, > access to all logs, and other administrative actions)". If you're > finding > the existing wording unclear, many other people are most likely too. > > Zbyszek > ___ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure -- Sérgio M. B. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
Thank you, I have added feedback from this discussion to the Change page. https://fedoraproject.org/wiki/Changes/Users_are_admins_by_default_in_Anaconda#Feedback (This does not mean the discussion is over, just that there was enough to go and edit the page.) Best, VS On Mon, Nov 29, 2021 at 8:35 PM Ben Cotton wrote: > > https://fedoraproject.org/wiki/Changes/Users_are_admins_by_default_in_Anaconda > > = Users are administrators by default in the installer GUI = > > == Summary == > > The Anaconda installer GUI will have the administrative rights > checkbox on the User screen ticked by default. > > == Owner == > > * Name: [[User:Vladimirslavik| Vladimir Slavik]] > * Email: vsla...@redhat.com > > > == Detailed Description == > > Currently, the Anaconda installer GUI presents an unticked checkbox > "Make this user administrator" on the user setup screen by default. > This means users have to discover the control, understand its meaning, > and consciously decide to change the value from the default one. > > However, computer usage by individuals is heavily skewed towards > single user machines where the (sole) user has administrative powers > over the machine by invoking `sudo`. This has been always reflected by > the design of the screen, which allows only a single user to be > created. The GNOME first time setup also creates a single user - and > makes them an administrator without asking. > > The proposed change merely changes the default GUI state to be in line > with this expectation. > > Further, this change of defaults complements the default for root > account. The redesign of root setup screen in Fedora 35 makes it clear > that root should be left locked. This change makes it clear that the > user should be the administrator. Together, these defaults will let > the user satisfy all user account options by filling in nothing more > than the user name and the password (twice to confirm). > > > == Benefit to Fedora == > > One less footgun in the installer for entry-level users. They will be > able to rely on defaults and achieve the expected outcome. > > == Scope == > > * Proposal owners: Isolated change - adjust Anaconda code to do so as > suggested here. Low effort. > * Other developers: No changes needed. > * Release engineering: Different defaults ''could'' impact installer > testing. [https://pagure.io/releng/issues #Releng issue number] > * Policies and guidelines: N/A > * Trademark approval: N/A > * Alignment with Objectives: None. > > == Upgrade/compatibility impact == > > No impact. Installation implies teardown of previous system, including > users. > > == How To Test == > > Start Anaconda installer for the Server variant, open the user setup > screen, "Make this user administrator" is checked = pass. > > Should be variant / spin / hardware agnostic, with the caveat that the > presence of user screen is configurable, so in many cases the screen > is not reachable. > > Kickstart installs are not affected. > > == User Experience == > > Users installing Fedora will no longer be forced to spend time > deciding how to arrange the administrative powers (they, root, both?) > and configuring that. They will be able to fill in user name and > password and the default configuration will be valid. They can give in > to the power of defaults. > > For users that want to configure the system differently from the > majority use case, the controls to do so are still as they were, only > the defaults are different. > > For those installing Fedora manually often, muscle memory for user > screen will break, as the checkbox will no longer have to be toggled. > > == Dependencies == > > None. > > == Contingency Plan == > > Any Fedora QA and OpenQA changes reflecting this will have to be > reverted. Other than that, there is no technical or process > requirement for this change, so no impact. The change does not happen > and previous defaults remain. > > * Contingency mechanism: N/A > * Contingency deadline: N/A > * Blocks release? No > > == Documentation == > > * https://github.com/rhinstaller/anaconda/pull/3719 > > == Release Notes == > > In the User spoke, the "Make this user administrator" checkbox is now > checked by default. This improves installation experience for users > who do not know and need to rely on the default values to guide them. > > > -- > Ben Cotton > He / Him / His > Fedora Program Manager > Red Hat > TZ=America/Indiana/Indianapolis > ___ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure > -- Vladimír Slávik Software Engineer,
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
Thanks, I have edited the release note on the proposal page. VS On Wed, Dec 1, 2021 at 5:23 PM Jiri Konecny wrote: > > Dne 01. 12. 21 v 16:16 Jonathan Wakely napsal(a): > > On Mon, 29 Nov 2021 at 19:36, Ben Cotton wrote: > >> == Release Notes == > >> > >> In the User spoke, the "Make this user administrator" checkbox is now > >> checked by default. This improves installation experience for users > >> who do not know and need to rely on the default values to guide them. > > What's the context of this text? Is it in a section that is > > specifically about anaconda? Because "the User spoke" isn't very > > meaningful on its own. Arguably talking about spokes at all isn't very > > meaningful for end users who are reading the release notes. I did a > > double-take when reading it, until remembered that's the anaconda > > terminology, and I've been using anaconda for years and years. > Yes, you are correct it's the Anaconda context. Good point, maybe it > would be good to change the proposal a bit to clarify that? > > Jirka > > ___ > > devel mailing list -- devel@lists.fedoraproject.org > > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure > ___ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure > -- Vladimír Slávik Software Engineer, Platform Engineering Red Hat Czech, s.r.o. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Wed, Dec 01, 2021 at 04:53:20PM -0500, Colin Walters wrote: > > > On Wed, Dec 1, 2021, at 4:34 PM, Chris Adams wrote: > > Once upon a time, Colin Walters said: > >> https://github.com/coreos/fedora-coreos-config/commit/eb74f2ea3e9b453902315539e4f327481162c4f8 > > > > Missed this message earlier... this seems like this should be the > > default on pretty much all Fedora setups, with documentation on how to > > change it if you secure the boot loader. > > Yeah, I agree. Also related is > https://github.com/coreos/fedora-coreos-tracker/issues/134 > > Basically systemd doesn't know whether or not the bootloader is locked. > Longer term, perhaps there could be some standard variable for this passed > from the bootloader to kernel/systemd that says whether or not the bootloader > allows unauthenticated interactive keyboard changes (as grub does on default > Fedora setups). If it does, we can just unceremoniously drop to a root shell. I've submitted https://fedoraproject.org/wiki/Changes/FixRescueMode to make this default on Fedora setups (it should be officially announced by Monday). I'm interested in the longer-term followup too - should we discuss that separately and cc: grub and systemd development lists? Best, -- Michel Alexandre Salim profile: https://keyoxide.org/mic...@michel-slm.name signature.asc Description: PGP signature ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Wed, Dec 01, 2021 at 05:19:52PM +0100, Jiri Konecny wrote: > > > Dne 01. 12. 21 v 1:10 Michel Alexandre Salim napsal(a): > > On Tue, Nov 30, 2021 at 10:08:19AM -0600, Michael Catanzaro wrote: > > > On Tue, Nov 30 2021 at 10:57:37 AM -0500, Colin > > > Walters > > > wrote: > > > > https://github.com/coreos/fedora-coreos-config/commit/eb74f2ea3e9b453902315539e4f327481162c4f8 > > > Should we be using this on other Fedora variants too...? At least for > > > Workstation, where root is always locked? > > > > > That seems sensible, can it be part of this Change or should it be > > worked on separately? > > I don't think it should be part of this change. It seems unrelated to the > change proposal. > Makes sense. If there's no objection, I'll propose this as a separate Change - it's bitten our users several times in the past. Thanks, -- Michel Alexandre Salim profile: https://keyoxide.org/mic...@michel-slm.name signature.asc Description: PGP signature ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Wed, Dec 1, 2021, at 4:34 PM, Chris Adams wrote: > Once upon a time, Colin Walters said: >> https://github.com/coreos/fedora-coreos-config/commit/eb74f2ea3e9b453902315539e4f327481162c4f8 > > Missed this message earlier... this seems like this should be the > default on pretty much all Fedora setups, with documentation on how to > change it if you secure the boot loader. Yeah, I agree. Also related is https://github.com/coreos/fedora-coreos-tracker/issues/134 Basically systemd doesn't know whether or not the bootloader is locked. Longer term, perhaps there could be some standard variable for this passed from the bootloader to kernel/systemd that says whether or not the bootloader allows unauthenticated interactive keyboard changes (as grub does on default Fedora setups). If it does, we can just unceremoniously drop to a root shell. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Wed, Dec 01, 2021 at 09:29:43AM -0600, Brandon Nielsen wrote: > On 11/29/21 1:33 PM, Ben Cotton wrote: > >https://fedoraproject.org/wiki/Changes/Users_are_admins_by_default_in_Anaconda > > > >= Users are administrators by default in the installer GUI = > > > >== Summary == > > > >The Anaconda installer GUI will have the administrative rights > >checkbox on the User screen ticked by default. > > > >== Owner == > > > >* Name: [[User:Vladimirslavik| Vladimir Slavik]] > >* Email: vsla...@redhat.com > > > > > >== Detailed Description == > > > >Currently, the Anaconda installer GUI presents an unticked checkbox > >"Make this user administrator" on the user setup screen by default. > >This means users have to discover the control, understand its meaning, > >and consciously decide to change the value from the default one. > > > > [Snip] > > I find this wording confusing, and I've been using Linux for at least 15 > years now. I think if we're making changes to reduce user confusion we may > want to change the wording as well? > > Perhaps a better wording would be "Grant user administrator privileges > (allow sudo)"? Something to make it clear the resulting user isn't root, but > can act as root. +1. The explanation can be even longer: maybe "(e.g. allow sudo as root, access to all logs, and other administrative actions)". If you're finding the existing wording unclear, many other people are most likely too. Zbyszek ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
Once upon a time, Colin Walters said: > https://github.com/coreos/fedora-coreos-config/commit/eb74f2ea3e9b453902315539e4f327481162c4f8 Missed this message earlier... this seems like this should be the default on pretty much all Fedora setups, with documentation on how to change it if you secure the boot loader. I wasn't aware this option existed, because it isn't documented in any of the systemd man pages (and in fact there is no man page at all for systemd-sulogin-shell or the emergency or rescue services). Now I see there's an additional list of environment variables in /usr/share/doc/systemd/ENVIRONMENT.md (which I didn't know I needed to look for an environment variable to set, so I wouldn't have looked there even if I knew the file existed). -- Chris Adams ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Tue, 2021-11-30 at 15:57 -0800, Adam Williamson wrote: > On Tue, 2021-11-30 at 22:39 +, Sérgio Basto wrote: > > On Tue, 2021-11-30 at 16:03 -0500, Matthew Miller wrote: > > > On Tue, Nov 30, 2021 at 11:13:19AM +, Sérgio Basto wrote: > > > > I don't use sudo , and I'm against the use of sudo , Fedora > > > > tradition > > > > do things as root . > > > > > > I hope we don't! Doing things with least required privilege is an > > > important > > > security principle, one which was actually pioneered here with the > > > usermode/consolehelper tools and then policykit and dbus helpers for > > > GUI > > > applications. And we've been putting people in `wheel` by default and > > > configuring sudo in the corresponding way since... F15, I think. > > > > yes , I mean be administrator with sudo (more than like in Debian, is > > like in Ubuntu) and do commands like `sudo dnf` I guess . > > As subject says "Users are administrators" and use sudo to execute all > > kind of administration, I prefer do `su -` and execute the commands, > > that what I meant by "I don't use sudo" . > > You know you can just do "sudo su" if you prefer that style, right? I use "sudo -i" all the time ... "sudo su" is a bit of a waste ... > -- > Adam Williamson > Fedora QA > IRC: adamw | Twitter: adamw_ha > https://www.happyassassin.net > > ___ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure -- Simo Sorce RHEL Crypto Team Red Hat, Inc ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Tue, Nov 30, 2021 at 9:49 AM Chris Adams wrote: > So, not directly related to the proposal, but jumping in here because it > goes with the above statement - the "root should be left locked" setup > is a problem that keeps single-user mode broken. I tried to follow the > Fedora (and other distros) default of root being a locked account, and > then found that it's a broken setup. > > I was changing some disk config and made a typo in /etc/fstab, so > filesystems wouldn't mount on boot. The boot process stopped and > prompted for the (non-existant) root password. The only way to proceed > at that point is to bypass the normal init (remember to load SELinux > policy manually or face a full relabel, which is irritating) and set a > root password. It is possible to boot such a system with 'systemd.debug-shell=1' boot parameter, and you'll get a root login on tty9, and from here you can run 'passwd' and enable the root account. Like, the fact we can do this so easily is something of a security risk, which is also ironic that the #1 reason I'm aware of and use this work around is because I'm locked out of maintenance mode boot due to the root user not having a password which is ostensibly more secure. From one fire into the next... While I agree that the options are suboptimal, the whole fall over behavior when something doesn't assemble correctly is more suboptimal. There aren't that many folks who can troubleshoot such things in the initramfs, it's such a severely limited environment, and requires esoteric knowledge to even figure out why things don't assemble let alone fix them. A few ideas have been floated to make it better: * enabling read-only rootfs startup * possibly use overlayfs with a read/write layer on volatile /run, and somehow indicating to the user things are running in a degraded/safe/emergency read-only startup. * a recovery partition to enable starting up a more complete and user friendly environment * could be based on Live media used for doing installations > This IMHO should have been addressed before making "root account locked" > a default. At a minimum, you shouldn't be prompted for a password that > doesn't exist. It used to be possible to edit the sulogin options to > add --force (so that a locked root account bypassed the password > request), but then systemd removed that. There's a possibility that systemd-homed is available soon after a read-only mount of rootfs, and could be used to authenticate a user in the wheel group to login to the maintenance mode prompt. But right now, none of the user authentication stuff is running by the time early startup file system assembly tends to fail, and also needs rw mount for whatever reason. So I guess it's not such a simple problem to solve at the moment. -- Chris Murphy ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
Dne 01. 12. 21 v 16:16 Jonathan Wakely napsal(a): On Mon, 29 Nov 2021 at 19:36, Ben Cotton wrote: == Release Notes == In the User spoke, the "Make this user administrator" checkbox is now checked by default. This improves installation experience for users who do not know and need to rely on the default values to guide them. What's the context of this text? Is it in a section that is specifically about anaconda? Because "the User spoke" isn't very meaningful on its own. Arguably talking about spokes at all isn't very meaningful for end users who are reading the release notes. I did a double-take when reading it, until remembered that's the anaconda terminology, and I've been using anaconda for years and years. Yes, you are correct it's the Anaconda context. Good point, maybe it would be good to change the proposal a bit to clarify that? Jirka ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
Dne 01. 12. 21 v 1:10 Michel Alexandre Salim napsal(a): On Tue, Nov 30, 2021 at 10:08:19AM -0600, Michael Catanzaro wrote: On Tue, Nov 30 2021 at 10:57:37 AM -0500, Colin Walters wrote: https://github.com/coreos/fedora-coreos-config/commit/eb74f2ea3e9b453902315539e4f327481162c4f8 Should we be using this on other Fedora variants too...? At least for Workstation, where root is always locked? That seems sensible, can it be part of this Change or should it be worked on separately? I don't think it should be part of this change. It seems unrelated to the change proposal. Jirka It's probably also a good idea to prompt to set the root password, /iff/ the user unchecks the administrator box, but understandable if the Change authors feel that's out of scope. Best regards, ___ devel mailing list --devel@lists.fedoraproject.org To unsubscribe send an email todevel-le...@lists.fedoraproject.org Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it:https://pagure.io/fedora-infrastructure ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Wed, 2021-12-01 at 09:29 -0600, Brandon Nielsen wrote: > On 11/29/21 1:33 PM, Ben Cotton wrote: > > https://fedoraproject.org/wiki/Changes/Users_are_admins_by_default_in_Anaconda > > > > = Users are administrators by default in the installer GUI = > > > > == Summary == > > > > The Anaconda installer GUI will have the administrative rights > > checkbox on the User screen ticked by default. > > > > == Owner == > > > > * Name: [[User:Vladimirslavik| Vladimir Slavik]] > > * Email: vsla...@redhat.com > > > > > > == Detailed Description == > > > > Currently, the Anaconda installer GUI presents an unticked checkbox > > "Make this user administrator" on the user setup screen by default. > > This means users have to discover the control, understand its > > meaning, > > and consciously decide to change the value from the default one. > > > > [Snip] > > I find this wording confusing, and I've been using Linux for at least > 15 > years now. I think if we're making changes to reduce user confusion > we > may want to change the wording as well? > > Perhaps a better wording would be "Grant user administrator > privileges > (allow sudo)"? Something to make it clear the resulting user isn't > root, > but can act as root. I think being able to use sudo is not the only user visible thing - IIRC it will also ask for your password to unlock some configuration screens or to confirm some forms of package installation/updates. So non-CLI Fedora users might not actually know what "sudo" means, while they might understand the administrator privileges concept. > > I had always assumed the "Make this user administrator" checkbox > meant > the created user would effectively _be_ root, just with a different > username. AFAIK it always added the user to the wheel group. AFAIK there is just one special root account and you can't change its username. > > After playing with yesterday's KDE rawhide compose, I boldly decided > to > check the box. Apparently what it really means is the created user is > a > member of the wheel group and can use sudo. This also appears to > disable > the root user spoke in Anaconda. AFAIK it is not disabled - just not required to be configured before installation can be started. It should still be possible to configure both user & root accounts from the Anaconda GUI - we just want to emphasize user with admin privileges as the default. > The resulting install fixes one of my > biggest gripes with the KDE spin. So I say the checking it by default > part of the change proposal is great! Why was I not checking this all > along? My guess is historic inertia. ;-) > As mentioned in the change proposal this basically matches what > happens with the user gnome-initial-setup creates so it's a > consistency > win as well. Yep, that was one of the motivations/validations for this change. > ___ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
Once upon a time, Adam Williamson said: > Boot with `systemd.debug-shell=1` and there will be a root console > available on tty9 from very early in boot. Not sure if it's early > enough for this specific scenario, but it is for a lot. > > You can also boot to the initramfs environment by booting with > `rd.break`, from where you can fix up most problems. Those are okay work-arounds (I didn't know about the systemd.debug-shell, have to see if I can remember that one), but the base problem remains: in the default root-locked config, boot errors stop and require a password that is not set (and systemd internalized the sulogin call so there's no way to override it with local config). That is bad user experience and should be fixed. I always thought the change to prompting for a root password for repair and single-user mode was odd, since the default boot loader config is not locked down to prevent going right around such a requirement. Either lock it all down or make it configurable. Part of my default system config was to change the sulogin call, until systemd took that option away. -- Chris Adams ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On 11/29/21 1:33 PM, Ben Cotton wrote: https://fedoraproject.org/wiki/Changes/Users_are_admins_by_default_in_Anaconda = Users are administrators by default in the installer GUI = == Summary == The Anaconda installer GUI will have the administrative rights checkbox on the User screen ticked by default. == Owner == * Name: [[User:Vladimirslavik| Vladimir Slavik]] * Email: vsla...@redhat.com == Detailed Description == Currently, the Anaconda installer GUI presents an unticked checkbox "Make this user administrator" on the user setup screen by default. This means users have to discover the control, understand its meaning, and consciously decide to change the value from the default one. [Snip] I find this wording confusing, and I've been using Linux for at least 15 years now. I think if we're making changes to reduce user confusion we may want to change the wording as well? Perhaps a better wording would be "Grant user administrator privileges (allow sudo)"? Something to make it clear the resulting user isn't root, but can act as root. I had always assumed the "Make this user administrator" checkbox meant the created user would effectively _be_ root, just with a different username. After playing with yesterday's KDE rawhide compose, I boldly decided to check the box. Apparently what it really means is the created user is a member of the wheel group and can use sudo. This also appears to disable the root user spoke in Anaconda. The resulting install fixes one of my biggest gripes with the KDE spin. So I say the checking it by default part of the change proposal is great! Why was I not checking this all along? As mentioned in the change proposal this basically matches what happens with the user gnome-initial-setup creates so it's a consistency win as well. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Mon, 29 Nov 2021 at 19:36, Ben Cotton wrote: > == Release Notes == > > In the User spoke, the "Make this user administrator" checkbox is now > checked by default. This improves installation experience for users > who do not know and need to rely on the default values to guide them. What's the context of this text? Is it in a section that is specifically about anaconda? Because "the User spoke" isn't very meaningful on its own. Arguably talking about spokes at all isn't very meaningful for end users who are reading the release notes. I did a double-take when reading it, until remembered that's the anaconda terminology, and I've been using anaconda for years and years. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Wed, 2021-12-01 at 14:39 +0100, Lennart Poettering wrote: > On Di, 30.11.21 15:57, Adam Williamson (adamw...@fedoraproject.org) > wrote: > > > On Tue, 2021-11-30 at 22:39 +, Sérgio Basto wrote: > > > On Tue, 2021-11-30 at 16:03 -0500, Matthew Miller wrote: > > > > On Tue, Nov 30, 2021 at 11:13:19AM +, Sérgio Basto wrote: > > > > > I don't use sudo , and I'm against the use of sudo , Fedora > > > > > tradition > > > > > do things as root . > > > > > > > > I hope we don't! Doing things with least required privilege is > > > > an > > > > important > > > > security principle, one which was actually pioneered here with > > > > the > > > > usermode/consolehelper tools and then policykit and dbus > > > > helpers for > > > > GUI > > > > applications. And we've been putting people in `wheel` by > > > > default and > > > > configuring sudo in the corresponding way since... F15, I > > > > think. > > > > > > yes , I mean be administrator with sudo (more than like in > > > Debian, is > > > like in Ubuntu) and do commands like `sudo dnf` I guess . > > > As subject says "Users are administrators" and use sudo to > > > execute all > > > kind of administration, I prefer do `su -` and execute the > > > commands, > > > that what I meant by "I don't use sudo" . > > > > You know you can just do "sudo su" if you prefer that style, right? > > So you transition to root one way, and then transition again to root > from there? What's the point of that? We must go deeper? > > "sudo -s" is what you are looking for: one transition only, and you > get a shell. I usually use "sudo -i" > Lennart > > -- > Lennart Poettering, Berlin > ___ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure -- Sérgio M. B. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Di, 30.11.21 15:57, Adam Williamson (adamw...@fedoraproject.org) wrote: > On Tue, 2021-11-30 at 22:39 +, Sérgio Basto wrote: > > On Tue, 2021-11-30 at 16:03 -0500, Matthew Miller wrote: > > > On Tue, Nov 30, 2021 at 11:13:19AM +, Sérgio Basto wrote: > > > > I don't use sudo , and I'm against the use of sudo , Fedora > > > > tradition > > > > do things as root . > > > > > > I hope we don't! Doing things with least required privilege is an > > > important > > > security principle, one which was actually pioneered here with the > > > usermode/consolehelper tools and then policykit and dbus helpers for > > > GUI > > > applications. And we've been putting people in `wheel` by default and > > > configuring sudo in the corresponding way since... F15, I think. > > > > yes , I mean be administrator with sudo (more than like in Debian, is > > like in Ubuntu) and do commands like `sudo dnf` I guess . > > As subject says "Users are administrators" and use sudo to execute all > > kind of administration, I prefer do `su -` and execute the commands, > > that what I meant by "I don't use sudo" . > > You know you can just do "sudo su" if you prefer that style, right? So you transition to root one way, and then transition again to root from there? What's the point of that? We must go deeper? "sudo -s" is what you are looking for: one transition only, and you get a shell. Lennart -- Lennart Poettering, Berlin ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Tue, 2021-11-30 at 08:49 -0600, Chris Adams wrote: > Once upon a time, Ben Cotton said: > > Further, this change of defaults complements the default for root > > account. The redesign of root setup screen in Fedora 35 makes it clear > > that root should be left locked. > > So, not directly related to the proposal, but jumping in here because it > goes with the above statement - the "root should be left locked" setup > is a problem that keeps single-user mode broken. I tried to follow the > Fedora (and other distros) default of root being a locked account, and > then found that it's a broken setup. > > I was changing some disk config and made a typo in /etc/fstab, so > filesystems wouldn't mount on boot. The boot process stopped and > prompted for the (non-existant) root password. The only way to proceed > at that point is to bypass the normal init (remember to load SELinux > policy manually or face a full relabel, which is irritating) and set a > root password. > > This IMHO should have been addressed before making "root account locked" > a default. At a minimum, you shouldn't be prompted for a password that > doesn't exist. It used to be possible to edit the sulogin options to > add --force (so that a locked root account bypassed the password > request), but then systemd removed that. Boot with `systemd.debug-shell=1` and there will be a root console available on tty9 from very early in boot. Not sure if it's early enough for this specific scenario, but it is for a lot. You can also boot to the initramfs environment by booting with `rd.break`, from where you can fix up most problems. -- Adam Williamson Fedora QA IRC: adamw | Twitter: adamw_ha https://www.happyassassin.net ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Tue, 2021-11-30 at 16:10 -0800, Michel Alexandre Salim wrote: > On Tue, Nov 30, 2021 at 10:08:19AM -0600, Michael Catanzaro wrote: > > On Tue, Nov 30 2021 at 10:57:37 AM -0500, Colin Walters > > wrote: > > > https://github.com/coreos/fedora-coreos-config/commit/eb74f2ea3e9b453902315539e4f327481162c4f8 > > > > Should we be using this on other Fedora variants too...? At least for > > Workstation, where root is always locked? > > > That seems sensible, can it be part of this Change or should it be > worked on separately? > > It's probably also a good idea to prompt to set the root password, /iff/ > the user unchecks the administrator box, but understandable if the > Change authors feel that's out of scope. anaconda is already designed not to let you out unless *either* a root password is set *or* an admin account is set to be created. -- Adam Williamson Fedora QA IRC: adamw | Twitter: adamw_ha https://www.happyassassin.net ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Tue, Nov 30, 2021 at 10:08:19AM -0600, Michael Catanzaro wrote: > On Tue, Nov 30 2021 at 10:57:37 AM -0500, Colin Walters > wrote: > > https://github.com/coreos/fedora-coreos-config/commit/eb74f2ea3e9b453902315539e4f327481162c4f8 > > Should we be using this on other Fedora variants too...? At least for > Workstation, where root is always locked? > That seems sensible, can it be part of this Change or should it be worked on separately? It's probably also a good idea to prompt to set the root password, /iff/ the user unchecks the administrator box, but understandable if the Change authors feel that's out of scope. Best regards, -- Michel Alexandre Salim profile: https://keyoxide.org/mic...@michel-slm.name signature.asc Description: PGP signature ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Tue, 2021-11-30 at 22:39 +, Sérgio Basto wrote: > On Tue, 2021-11-30 at 16:03 -0500, Matthew Miller wrote: > > On Tue, Nov 30, 2021 at 11:13:19AM +, Sérgio Basto wrote: > > > I don't use sudo , and I'm against the use of sudo , Fedora > > > tradition > > > do things as root . > > > > I hope we don't! Doing things with least required privilege is an > > important > > security principle, one which was actually pioneered here with the > > usermode/consolehelper tools and then policykit and dbus helpers for > > GUI > > applications. And we've been putting people in `wheel` by default and > > configuring sudo in the corresponding way since... F15, I think. > > yes , I mean be administrator with sudo (more than like in Debian, is > like in Ubuntu) and do commands like `sudo dnf` I guess . > As subject says "Users are administrators" and use sudo to execute all > kind of administration, I prefer do `su -` and execute the commands, > that what I meant by "I don't use sudo" . You know you can just do "sudo su" if you prefer that style, right? -- Adam Williamson Fedora QA IRC: adamw | Twitter: adamw_ha https://www.happyassassin.net ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Tue, 2021-11-30 at 16:03 -0500, Matthew Miller wrote: > On Tue, Nov 30, 2021 at 11:13:19AM +, Sérgio Basto wrote: > > I don't use sudo , and I'm against the use of sudo , Fedora > > tradition > > do things as root . > > I hope we don't! Doing things with least required privilege is an > important > security principle, one which was actually pioneered here with the > usermode/consolehelper tools and then policykit and dbus helpers for > GUI > applications. And we've been putting people in `wheel` by default and > configuring sudo in the corresponding way since... F15, I think. yes , I mean be administrator with sudo (more than like in Debian, is like in Ubuntu) and do commands like `sudo dnf` I guess . As subject says "Users are administrators" and use sudo to execute all kind of administration, I prefer do `su -` and execute the commands, that what I meant by "I don't use sudo" . > -- > Matthew Miller > > Fedora Project Leader > ___ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure -- Sérgio M. B. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Tue, Nov 30, 2021 at 11:13:19AM +, Sérgio Basto wrote: > I don't use sudo , and I'm against the use of sudo , Fedora tradition > do things as root . I hope we don't! Doing things with least required privilege is an important security principle, one which was actually pioneered here with the usermode/consolehelper tools and then policykit and dbus helpers for GUI applications. And we've been putting people in `wheel` by default and configuring sudo in the corresponding way since... F15, I think. -- Matthew Miller Fedora Project Leader ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Tue, 30 Nov 2021 12:49:24 +0100 Vít Ondruch wrote: > I think it would be more constructive if you enumerated pros/cons of > sudo to support your argument then the tradition. Not the original poster, but I find that I like the separation of roles into two. When I do things as root, I mentally know that they can have very severe consequences, so I have a different mindset, a more vigilant mindset. I measure three times and cut once. In fact, I do things as root only in a single virtual console (usually), so when I go there, I know I'm someone different. Also, because of long usage, these are habits that are familiar and any change means I have to develop new habits, and while I am developing those habits, I will inevitably make mistakes. If I continue doing things the way I normally do, I won't make those mistakes, so they are unnecessary mistakes. I presume that the root account isn't going away, so it isn't a big deal. I'll just modify it after install to fit my work flow. Security isn't a huge issue because I have no internet facing services active, so people hacking root remotely is only possible through the browser, and locally installed malware (I think). I see this as just another small inconvenience for experienced users in order to cater to all those 'new users'. They do pile up, though. I have all kinds of notes about how to 'correct' them on install. I imagine this happens to everyone who joins Fedora, as the changes accumulate, and they get left behind in their way of doing things. Or maybe other people don't create routines to simplify their user experience, and so never experience this. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Tue, Nov 30 2021 at 10:57:37 AM -0500, Colin Walters wrote: https://github.com/coreos/fedora-coreos-config/commit/eb74f2ea3e9b453902315539e4f327481162c4f8 Should we be using this on other Fedora variants too...? At least for Workstation, where root is always locked? ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On Tue, Nov 30, 2021, at 9:49 AM, Chris Adams wrote: > Once upon a time, Ben Cotton said: >> Further, this change of defaults complements the default for root >> account. The redesign of root setup screen in Fedora 35 makes it clear >> that root should be left locked. > > So, not directly related to the proposal, but jumping in here because it > goes with the above statement - the "root should be left locked" setup > is a problem that keeps single-user mode broken. I tried to follow the > Fedora (and other distros) default of root being a locked account, and > then found that it's a broken setup. https://github.com/coreos/fedora-coreos-config/commit/eb74f2ea3e9b453902315539e4f327481162c4f8 ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
Once upon a time, Ben Cotton said: > Further, this change of defaults complements the default for root > account. The redesign of root setup screen in Fedora 35 makes it clear > that root should be left locked. So, not directly related to the proposal, but jumping in here because it goes with the above statement - the "root should be left locked" setup is a problem that keeps single-user mode broken. I tried to follow the Fedora (and other distros) default of root being a locked account, and then found that it's a broken setup. I was changing some disk config and made a typo in /etc/fstab, so filesystems wouldn't mount on boot. The boot process stopped and prompted for the (non-existant) root password. The only way to proceed at that point is to bypass the normal init (remember to load SELinux policy manually or face a full relabel, which is irritating) and set a root password. This IMHO should have been addressed before making "root account locked" a default. At a minimum, you shouldn't be prompted for a password that doesn't exist. It used to be possible to edit the sulogin options to add --force (so that a locked root account bypassed the password request), but then systemd removed that. -- Chris Adams ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
I think it would be more constructive if you enumerated pros/cons of sudo to support your argument then the tradition. Vít Dne 30. 11. 21 v 12:13 Sérgio Basto napsal(a): I don't use sudo , and I'm against the use of sudo , Fedora tradition do things as root . On Mon, 2021-11-29 at 14:33 -0500, Ben Cotton wrote: https://fedoraproject.org/wiki/Changes/Users_are_admins_by_default_in_Anaconda = Users are administrators by default in the installer GUI = == Summary == The Anaconda installer GUI will have the administrative rights checkbox on the User screen ticked by default. == Owner == * Name: [[User:Vladimirslavik| Vladimir Slavik]] * Email: vsla...@redhat.com == Detailed Description == Currently, the Anaconda installer GUI presents an unticked checkbox "Make this user administrator" on the user setup screen by default. This means users have to discover the control, understand its meaning, and consciously decide to change the value from the default one. However, computer usage by individuals is heavily skewed towards single user machines where the (sole) user has administrative powers over the machine by invoking `sudo`. This has been always reflected by the design of the screen, which allows only a single user to be created. The GNOME first time setup also creates a single user - and makes them an administrator without asking. The proposed change merely changes the default GUI state to be in line with this expectation. Further, this change of defaults complements the default for root account. The redesign of root setup screen in Fedora 35 makes it clear that root should be left locked. This change makes it clear that the user should be the administrator. Together, these defaults will let the user satisfy all user account options by filling in nothing more than the user name and the password (twice to confirm). == Benefit to Fedora == One less footgun in the installer for entry-level users. They will be able to rely on defaults and achieve the expected outcome. == Scope == * Proposal owners: Isolated change - adjust Anaconda code to do so as suggested here. Low effort. * Other developers: No changes needed. * Release engineering: Different defaults ''could'' impact installer testing. [https://pagure.io/releng/issues #Releng issue number] * Policies and guidelines: N/A * Trademark approval: N/A * Alignment with Objectives: None. == Upgrade/compatibility impact == No impact. Installation implies teardown of previous system, including users. == How To Test == Start Anaconda installer for the Server variant, open the user setup screen, "Make this user administrator" is checked = pass. Should be variant / spin / hardware agnostic, with the caveat that the presence of user screen is configurable, so in many cases the screen is not reachable. Kickstart installs are not affected. == User Experience == Users installing Fedora will no longer be forced to spend time deciding how to arrange the administrative powers (they, root, both?) and configuring that. They will be able to fill in user name and password and the default configuration will be valid. They can give in to the power of defaults. For users that want to configure the system differently from the majority use case, the controls to do so are still as they were, only the defaults are different. For those installing Fedora manually often, muscle memory for user screen will break, as the checkbox will no longer have to be toggled. == Dependencies == None. == Contingency Plan == Any Fedora QA and OpenQA changes reflecting this will have to be reverted. Other than that, there is no technical or process requirement for this change, so no impact. The change does not happen and previous defaults remain. * Contingency mechanism: N/A * Contingency deadline: N/A * Blocks release? No == Documentation == * https://github.com/rhinstaller/anaconda/pull/3719 == Release Notes == In the User spoke, the "Make this user administrator" checkbox is now checked by default. This improves installation experience for users who do not know and need to rely on the default values to guide them. -- Ben Cotton He / Him / His Fedora Program Manager Red Hat TZ=America/Indiana/Indianapolis ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure OpenPGP_signature Description: OpenPGP digital signature ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct:
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
I don't use sudo , and I'm against the use of sudo , Fedora tradition do things as root . On Mon, 2021-11-29 at 14:33 -0500, Ben Cotton wrote: > https://fedoraproject.org/wiki/Changes/Users_are_admins_by_default_in_Anaconda > > = Users are administrators by default in the installer GUI = > > == Summary == > > The Anaconda installer GUI will have the administrative rights > checkbox on the User screen ticked by default. > > == Owner == > > * Name: [[User:Vladimirslavik| Vladimir Slavik]] > * Email: vsla...@redhat.com > > > == Detailed Description == > > Currently, the Anaconda installer GUI presents an unticked checkbox > "Make this user administrator" on the user setup screen by default. > This means users have to discover the control, understand its > meaning, > and consciously decide to change the value from the default one. > > However, computer usage by individuals is heavily skewed towards > single user machines where the (sole) user has administrative powers > over the machine by invoking `sudo`. This has been always reflected > by > the design of the screen, which allows only a single user to be > created. The GNOME first time setup also creates a single user - and > makes them an administrator without asking. > > The proposed change merely changes the default GUI state to be in > line > with this expectation. > > Further, this change of defaults complements the default for root > account. The redesign of root setup screen in Fedora 35 makes it > clear > that root should be left locked. This change makes it clear that the > user should be the administrator. Together, these defaults will let > the user satisfy all user account options by filling in nothing more > than the user name and the password (twice to confirm). > > > == Benefit to Fedora == > > One less footgun in the installer for entry-level users. They will be > able to rely on defaults and achieve the expected outcome. > > == Scope == > > * Proposal owners: Isolated change - adjust Anaconda code to do so as > suggested here. Low effort. > * Other developers: No changes needed. > * Release engineering: Different defaults ''could'' impact installer > testing. [https://pagure.io/releng/issues #Releng issue number] > * Policies and guidelines: N/A > * Trademark approval: N/A > * Alignment with Objectives: None. > > == Upgrade/compatibility impact == > > No impact. Installation implies teardown of previous system, > including users. > > == How To Test == > > Start Anaconda installer for the Server variant, open the user setup > screen, "Make this user administrator" is checked = pass. > > Should be variant / spin / hardware agnostic, with the caveat that > the > presence of user screen is configurable, so in many cases the screen > is not reachable. > > Kickstart installs are not affected. > > == User Experience == > > Users installing Fedora will no longer be forced to spend time > deciding how to arrange the administrative powers (they, root, both?) > and configuring that. They will be able to fill in user name and > password and the default configuration will be valid. They can give > in > to the power of defaults. > > For users that want to configure the system differently from the > majority use case, the controls to do so are still as they were, only > the defaults are different. > > For those installing Fedora manually often, muscle memory for user > screen will break, as the checkbox will no longer have to be toggled. > > == Dependencies == > > None. > > == Contingency Plan == > > Any Fedora QA and OpenQA changes reflecting this will have to be > reverted. Other than that, there is no technical or process > requirement for this change, so no impact. The change does not happen > and previous defaults remain. > > * Contingency mechanism: N/A > * Contingency deadline: N/A > * Blocks release? No > > == Documentation == > > * https://github.com/rhinstaller/anaconda/pull/3719 > > == Release Notes == > > In the User spoke, the "Make this user administrator" checkbox is now > checked by default. This improves installation experience for users > who do not know and need to rely on the default values to guide them. > > > -- > Ben Cotton > He / Him / His > Fedora Program Manager > Red Hat > TZ=America/Indiana/Indianapolis > ___ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure -- Sérgio M. B. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
Hi Brandon, this applies to all variants that display the user screen. Looking at the profiles we have, that means Server, KDE, Kinoite, IoT. Where this does *not* apply is Workstation and Silverblue. I believe the anaconda repository has all the relevant profiles, so hopefully that list is complete enough. It also applies to everything derived from the RHEL profile - alma, rocky, centos,... but these are not relevant for this discussion, I think. Best, Vladimir On Mon, Nov 29, 2021 at 9:15 PM Brandon Nielsen wrote: > On 11/29/21 1:33 PM, Ben Cotton wrote: > > > https://fedoraproject.org/wiki/Changes/Users_are_admins_by_default_in_Anaconda > > > > = Users are administrators by default in the installer GUI = > > > > == Summary == > > > > The Anaconda installer GUI will have the administrative rights > > checkbox on the User screen ticked by default. > > > > == Owner == > > > > * Name: [[User:Vladimirslavik| Vladimir Slavik]] > > * Email: vsla...@redhat.com > > > > > > == Detailed Description == > > > > Currently, the Anaconda installer GUI presents an unticked checkbox > > "Make this user administrator" on the user setup screen by default. > > This means users have to discover the control, understand its meaning, > > and consciously decide to change the value from the default one. > > > > However, computer usage by individuals is heavily skewed towards > > single user machines where the (sole) user has administrative powers > > over the machine by invoking `sudo`. This has been always reflected by > > the design of the screen, which allows only a single user to be > > created. The GNOME first time setup also creates a single user - and > > makes them an administrator without asking. > > > > The proposed change merely changes the default GUI state to be in line > > with this expectation. > > > > Further, this change of defaults complements the default for root > > account. The redesign of root setup screen in Fedora 35 makes it clear > > that root should be left locked. This change makes it clear that the > > user should be the administrator. Together, these defaults will let > > the user satisfy all user account options by filling in nothing more > > than the user name and the password (twice to confirm). > > > > > > [Snip] > > > > > == How To Test == > > > > Start Anaconda installer for the Server variant, open the user setup > > screen, "Make this user administrator" is checked = pass. > > > > Should be variant / spin / hardware agnostic, with the caveat that the > > presence of user screen is configurable, so in many cases the screen > > is not reachable. > > > > Kickstart installs are not affected. > > > > [Snip] > > "Detailed Description" section mentions GNOME, "How To Test" describes > the server variant. Which specific variants does this all apply to? > > If I recall correctly, the KDE spin already differs from Workstation in > this regard. > ___ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure > -- Vladimír Slávik Software Engineer, Platform Engineering Red Hat Czech, s.r.o. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
On 11/29/21 1:33 PM, Ben Cotton wrote: https://fedoraproject.org/wiki/Changes/Users_are_admins_by_default_in_Anaconda = Users are administrators by default in the installer GUI = == Summary == The Anaconda installer GUI will have the administrative rights checkbox on the User screen ticked by default. == Owner == * Name: [[User:Vladimirslavik| Vladimir Slavik]] * Email: vsla...@redhat.com == Detailed Description == Currently, the Anaconda installer GUI presents an unticked checkbox "Make this user administrator" on the user setup screen by default. This means users have to discover the control, understand its meaning, and consciously decide to change the value from the default one. However, computer usage by individuals is heavily skewed towards single user machines where the (sole) user has administrative powers over the machine by invoking `sudo`. This has been always reflected by the design of the screen, which allows only a single user to be created. The GNOME first time setup also creates a single user - and makes them an administrator without asking. The proposed change merely changes the default GUI state to be in line with this expectation. Further, this change of defaults complements the default for root account. The redesign of root setup screen in Fedora 35 makes it clear that root should be left locked. This change makes it clear that the user should be the administrator. Together, these defaults will let the user satisfy all user account options by filling in nothing more than the user name and the password (twice to confirm). [Snip] == How To Test == Start Anaconda installer for the Server variant, open the user setup screen, "Make this user administrator" is checked = pass. Should be variant / spin / hardware agnostic, with the caveat that the presence of user screen is configurable, so in many cases the screen is not reachable. Kickstart installs are not affected. [Snip] "Detailed Description" section mentions GNOME, "How To Test" describes the server variant. Which specific variants does this all apply to? If I recall correctly, the KDE spin already differs from Workstation in this regard. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
https://fedoraproject.org/wiki/Changes/Users_are_admins_by_default_in_Anaconda = Users are administrators by default in the installer GUI = == Summary == The Anaconda installer GUI will have the administrative rights checkbox on the User screen ticked by default. == Owner == * Name: [[User:Vladimirslavik| Vladimir Slavik]] * Email: vsla...@redhat.com == Detailed Description == Currently, the Anaconda installer GUI presents an unticked checkbox "Make this user administrator" on the user setup screen by default. This means users have to discover the control, understand its meaning, and consciously decide to change the value from the default one. However, computer usage by individuals is heavily skewed towards single user machines where the (sole) user has administrative powers over the machine by invoking `sudo`. This has been always reflected by the design of the screen, which allows only a single user to be created. The GNOME first time setup also creates a single user - and makes them an administrator without asking. The proposed change merely changes the default GUI state to be in line with this expectation. Further, this change of defaults complements the default for root account. The redesign of root setup screen in Fedora 35 makes it clear that root should be left locked. This change makes it clear that the user should be the administrator. Together, these defaults will let the user satisfy all user account options by filling in nothing more than the user name and the password (twice to confirm). == Benefit to Fedora == One less footgun in the installer for entry-level users. They will be able to rely on defaults and achieve the expected outcome. == Scope == * Proposal owners: Isolated change - adjust Anaconda code to do so as suggested here. Low effort. * Other developers: No changes needed. * Release engineering: Different defaults ''could'' impact installer testing. [https://pagure.io/releng/issues #Releng issue number] * Policies and guidelines: N/A * Trademark approval: N/A * Alignment with Objectives: None. == Upgrade/compatibility impact == No impact. Installation implies teardown of previous system, including users. == How To Test == Start Anaconda installer for the Server variant, open the user setup screen, "Make this user administrator" is checked = pass. Should be variant / spin / hardware agnostic, with the caveat that the presence of user screen is configurable, so in many cases the screen is not reachable. Kickstart installs are not affected. == User Experience == Users installing Fedora will no longer be forced to spend time deciding how to arrange the administrative powers (they, root, both?) and configuring that. They will be able to fill in user name and password and the default configuration will be valid. They can give in to the power of defaults. For users that want to configure the system differently from the majority use case, the controls to do so are still as they were, only the defaults are different. For those installing Fedora manually often, muscle memory for user screen will break, as the checkbox will no longer have to be toggled. == Dependencies == None. == Contingency Plan == Any Fedora QA and OpenQA changes reflecting this will have to be reverted. Other than that, there is no technical or process requirement for this change, so no impact. The change does not happen and previous defaults remain. * Contingency mechanism: N/A * Contingency deadline: N/A * Blocks release? No == Documentation == * https://github.com/rhinstaller/anaconda/pull/3719 == Release Notes == In the User spoke, the "Make this user administrator" checkbox is now checked by default. This improves installation experience for users who do not know and need to rely on the default values to guide them. -- Ben Cotton He / Him / His Fedora Program Manager Red Hat TZ=America/Indiana/Indianapolis ___ devel-announce mailing list -- devel-announce@lists.fedoraproject.org To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
F36 Change: Users are administrators by default in the installer GUI. (Self-Contained Change proposal)
https://fedoraproject.org/wiki/Changes/Users_are_admins_by_default_in_Anaconda = Users are administrators by default in the installer GUI = == Summary == The Anaconda installer GUI will have the administrative rights checkbox on the User screen ticked by default. == Owner == * Name: [[User:Vladimirslavik| Vladimir Slavik]] * Email: vsla...@redhat.com == Detailed Description == Currently, the Anaconda installer GUI presents an unticked checkbox "Make this user administrator" on the user setup screen by default. This means users have to discover the control, understand its meaning, and consciously decide to change the value from the default one. However, computer usage by individuals is heavily skewed towards single user machines where the (sole) user has administrative powers over the machine by invoking `sudo`. This has been always reflected by the design of the screen, which allows only a single user to be created. The GNOME first time setup also creates a single user - and makes them an administrator without asking. The proposed change merely changes the default GUI state to be in line with this expectation. Further, this change of defaults complements the default for root account. The redesign of root setup screen in Fedora 35 makes it clear that root should be left locked. This change makes it clear that the user should be the administrator. Together, these defaults will let the user satisfy all user account options by filling in nothing more than the user name and the password (twice to confirm). == Benefit to Fedora == One less footgun in the installer for entry-level users. They will be able to rely on defaults and achieve the expected outcome. == Scope == * Proposal owners: Isolated change - adjust Anaconda code to do so as suggested here. Low effort. * Other developers: No changes needed. * Release engineering: Different defaults ''could'' impact installer testing. [https://pagure.io/releng/issues #Releng issue number] * Policies and guidelines: N/A * Trademark approval: N/A * Alignment with Objectives: None. == Upgrade/compatibility impact == No impact. Installation implies teardown of previous system, including users. == How To Test == Start Anaconda installer for the Server variant, open the user setup screen, "Make this user administrator" is checked = pass. Should be variant / spin / hardware agnostic, with the caveat that the presence of user screen is configurable, so in many cases the screen is not reachable. Kickstart installs are not affected. == User Experience == Users installing Fedora will no longer be forced to spend time deciding how to arrange the administrative powers (they, root, both?) and configuring that. They will be able to fill in user name and password and the default configuration will be valid. They can give in to the power of defaults. For users that want to configure the system differently from the majority use case, the controls to do so are still as they were, only the defaults are different. For those installing Fedora manually often, muscle memory for user screen will break, as the checkbox will no longer have to be toggled. == Dependencies == None. == Contingency Plan == Any Fedora QA and OpenQA changes reflecting this will have to be reverted. Other than that, there is no technical or process requirement for this change, so no impact. The change does not happen and previous defaults remain. * Contingency mechanism: N/A * Contingency deadline: N/A * Blocks release? No == Documentation == * https://github.com/rhinstaller/anaconda/pull/3719 == Release Notes == In the User spoke, the "Make this user administrator" checkbox is now checked by default. This improves installation experience for users who do not know and need to rely on the default values to guide them. -- Ben Cotton He / Him / His Fedora Program Manager Red Hat TZ=America/Indiana/Indianapolis ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
