Re: [Zope] The not-very-Super user
Brian Lloyd wrote:
>
> > > > I notice there were some CVS checkins about renaming it to the
> > > > 'emergency user'. Cool, does this mean you're going to be able to define
> > > > a manager at install-time?
> > >
> > > Yes - the whole lame login-as-superuser-create-a-manager-and-relogin
> > > process will be gone in 2.3. At install time you'll create a first
> > > manager and just use that.
> >
> > Yay!
> >
> > As Max asked, any 2.3 timeframe? Python Scripts and no Super User alone
> > make it _very_ enticing :-))
>
> I would reaaally like to see a beta by the end of
> Dec. - but don't quote me yet. Part of what I'm doing
> today is figuring what the resource situation looks like.
>
> > > He can un-screw permissions or users if you ever manage to
> > > get totally locked out of your site. Think of it as a user mounted
> > > in a box on the wall labeled "in case of emergency, break glass".
> >
> > How does this differ from a normal manager and how would you 'create a
> > super user' as you described in the bit I snipped?
>
> An example might be: if somehow someone took all permissions
> away from all of your managers, they'd be out of luck. The
> superuser could still log in and fix that though.
>
> I don't know the exact details of how a superuser is created
> yet - I expect that you will run zpasswd.py with a special
> option though (and restart). The relevant install docs will
> be updated to outline this when that branch is merged.

Here's how it is implemented right now. The details could change if someone can see any holes.

When Zope is started, there is already some initialization code that gets run and has the opportunity to modify the ZODB if necessary. A procedure has been added that allows the root user folder to set up the initial user. If there are no users listed in the root user folder, it checks for a file named "inituser" which has the same format as the "access" file. If found, it adds that user and tries to delete "inituser".

If, on the other hand, there is already at least one user, the code that checks for "inituser" is never executed.

The file named "access" now defines the emergency user. It is no longer required to exist--if it doesn't exist, no one can log in as the emergency user.

Creating the emergency user or the initial user is easily done with the zpasswd.py script. You use it just as before. The only difference is that wo_pcgi.py calls a method which generates "inituser" rather than "access". So, to create an emergency user, execute:

    python zpasswd.py access

Or to create the initial user, execute:

    python zpasswd.py inituser

The Windows installer is an unfinished detail: there's a script that executes "python zpasswd.py access". It needs to execute "python zpasswd.py inituser" instead.

There will be some problems with alternate user folders. They expect to be able to call methods on the SpecialUsers.super object. When there is no emergency user, the value of SpecialUsers.super is None. The quick solution is to create an emergency user. The long-term solution is to fix the user folders.

Shane

___
Zope maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )
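An added example, not part of the original thread and not Zope's own code: a small audit for the two credential files the message above describes, flagging a leftover "inituser", an enabled emergency user, loose file permissions and unhashed passwords. It assumes both files sit in the directory passed in and that a credential line has the form name:password[:domains], with hashed passwords carrying a "{SCHEME}" prefix; the sample files are constructed.

```python
import os
import stat
import tempfile

CREDENTIAL_FILES = ("inituser", "access")  # file names taken from the thread


def audit_instance(instance_dir):
    """Return a list of (file, finding) tuples for a Zope instance directory."""
    findings = []
    for name in CREDENTIAL_FILES:
        path = os.path.join(instance_dir, name)
        if not os.path.isfile(path):
            continue
        if name == "inituser":
            # Only consumed when the root user folder is empty, and deletion
            # is best-effort, so a leftover file keeps a credential on disk.
            findings.append((name, "leftover bootstrap credential file"))
        else:
            findings.append((name, "emergency user login is enabled"))
        mode = stat.S_IMODE(os.stat(path).st_mode)
        if mode & (stat.S_IRWXG | stat.S_IRWXO):
            findings.append((name, "readable beyond owner (mode %o)" % mode))
        with open(path) as fh:
            first = fh.readline().strip()
        # Assumed format: name:password[:domains]; hashed values start with "{".
        fields = first.split(":")
        if len(fields) < 2 or not fields[1].startswith("{"):
            findings.append((name, "password does not look hashed"))
    return findings


def demo():
    """Build a constructed instance directory and audit it."""
    with tempfile.TemporaryDirectory() as d:
        for name, line, mode in (
            ("inituser", "admin:constructed-cleartext\n", 0o644),
            ("access", "rescue:{SHA}Y29uc3RydWN0ZWQ=\n", 0o600),
        ):
            p = os.path.join(d, name)
            with open(p, "w") as fh:
                fh.write(line)
            os.chmod(p, mode)
        return audit_instance(d)


if __name__ == "__main__":
    for item in demo():
        print("%s: %s" % item)
```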
Re: [Zope] The not-very-Super user
> An example might be: if somehow someone took all permissions
> away from all of your managers, they'd be out of luck. The
> superuser could still log in and fix that though.

I actually got bit by this with what I suspect was a web browser having severe mental problems - a submit of the security page cleared _every_ single button. Double-plus ungood - I plan to make a patch that won't allow you to turn off all the buttons.

Anthony
--
Anthony Baxter <[EMAIL PROTECTED]>
It's never too late to have a happy childhood.
RE: [Zope] The not-very-Super user
> > > I notice there were some CVS checkins about renaming it to the
> > > 'emergency user'. Cool, does this mean you're going to be able to define
> > > a manager at install-time?
> >
> > Yes - the whole lame login-as-superuser-create-a-manager-and-relogin
> > process will be gone in 2.3. At install time you'll create a first
> > manager and just use that.
>
> Yay!
>
> As Max asked, any 2.3 timeframe? Python Scripts and no Super User alone
> make it _very_ enticing :-))

I would reaaally like to see a beta by the end of Dec. - but don't quote me yet. Part of what I'm doing today is figuring what the resource situation looks like.

> > He can un-screw permissions or users if you ever manage to
> > get totally locked out of your site. Think of it as a user mounted
> > in a box on the wall labeled "in case of emergency, break glass".
>
> How does this differ from a normal manager and how would you 'create a
> super user' as you described in the bit I snipped?

An example might be: if somehow someone took all permissions away from all of your managers, they'd be out of luck. The superuser could still log in and fix that though.

I don't know the exact details of how a superuser is created yet - I expect that you will run zpasswd.py with a special option though (and restart). The relevant install docs will be updated to outline this when that branch is merged.

Brian Lloyd        [EMAIL PROTECTED]
Software Engineer  540.371.6909
Digital Creations  http://www.digicool.com
Re: [Zope] The not-very-Super user
Brian Lloyd wrote:
>
> > I notice there were some CVS checkins about renaming it to the
> > 'emergency user'. Cool, does this mean you're going to be able to define
> > a manager at install-time?
>
> Yes - the whole lame login-as-superuser-create-a-manager-and-relogin
> process will be gone in 2.3. At install time you'll create a first
> manager and just use that.

Yay!

As Max asked, any 2.3 timeframe? Python Scripts and no Super User alone make it _very_ enticing :-))

> He can un-screw permissions or users if you ever manage to
> get totally locked out of your site. Think of it as a user mounted
> in a box on the wall labeled "in case of emergency, break glass".

How does this differ from a normal manager and how would you 'create a super user' as you described in the bit I snipped?

cheers,

Chris
RE: [Zope] The not-very-Super user
From: Brian Lloyd [mailto:[EMAIL PROTECTED]]

>Yes - the whole lame login-as-superuser-create-a-manager-and-relogin
>process will be gone in 2.3. At install time you'll create a first
>manager and just use that. A "superuser" will not even exist, unless
>and until you need it and explicitly create it.

Any timeframe on that 2.3 beast?

regards Max M
RE: [Zope] The not-very-Super user
> I notice there were some CVS checkins about renaming it to the
> 'emergency user'. Cool, does this mean you're going to be able to define
> a manager at install-time?

Yes - the whole lame login-as-superuser-create-a-manager-and-relogin process will be gone in 2.3. At install time you'll create a first manager and just use that. A "superuser" will not even exist, unless and until you need it and explicitly create it.

> Hmmm, if so, what is it that the emergency/super user can do that a
> normal manager can't?

He can un-screw permissions or users if you ever manage to get totally locked out of your site. Think of it as a user mounted in a box on the wall labeled "in case of emergency, break glass". In practice, few should ever have to break the glass.

Brian Lloyd        [EMAIL PROTECTED]
Software Engineer  540.371.6909
Digital Creations  http://www.digicool.com
Re: [Zope] The not-very-Super user
Phil Harris wrote:
>
> The decision has been made that the superuser cannot own anything, apart
> from user objects and user folder type objects.

Maybe this should be painted in big bright red flashing letters on the Tutorial add form? How about actually writing some code in the tutorial to check when someone is logged in as Superuser and warn them?

I've said it before, but this mail has prompted me to say it yet again...

Is it really necessary to hamstring the superuser like this and confuse the hell out of every new user while annoying the rest of us who have to log in as superuser, then restart our browsers ('cos there's no log-me-out link!)?

I notice there were some CVS checkins about renaming it to the 'emergency user'. Cool, does this mean you're going to be able to define a manager at install-time?

Hmmm, if so, what is it that the emergency/super user can do that a normal manager can't?

cheers,

Chris

(happy Monday morning to you all ;-)