[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Lack of transparency of automatic actions



Hello,

This has been bugging me for some time now, and I'd like to see if we
can improve the situation.

The main problem is that it's not clear how all this media
autodection/automounting works.  It's not clear how to enable it, it's
not clear how the permissions work, and it's not clear how to manage it.

Let's start from the worst scenario: a system administrator.
Traditionally, to know who can mount a device, you can look at
/etc/fstab: if something is marked "user", then a user can mount it.
You can also look at the permissions of the entry in /dev to see if a
user can access it directly.

Now, apparently, if a user is in the plugdev group, then that user could
mount it even if it appears nowhere in fstab and even if the user
doesn't have access to the /dev entry.  But this isn't documented
anywhere obvious, certainly.  It should be in big capital letters
somewhere.

Next, what about from the user's perspective?  By default, when you
add a user, that user is not a member of plugdev, so these things don't
work.  Gnome warns you that you need to be a member in some cases; KDE
doesn't.  It would be nice for KDE to do that.

It's also not clear how it reacts to devices that are in fstab, or how
to make it shut up about stuff.  One annoying bug with Gnome was that it
would see my cryptsetup partition -- which was accessed on boot, and
which had the LVM LVs mounted at boot -- and prompt me for the password
to try to access it again.  (That one could lead to data corruption.)
KDE never did that.

But worse -- what if you're not using Gnome or KDE?  I can find no way
for a user that doesn't use any X applications to take advantage of this
automatic support, even if the user is in the plugdev group.  I can't
even find a way for a user to take advantage of it manually, again even
if the user is in plugdev.  Why are we restricing this to users of GUIs?

Now, what about networking?  We have two competing systems: ifupdown and
network-manager.  ifupdown works fine for static servers or
workstations, but it doesn't do any of the automatic network scanning
and connecting that network-manager does.  It's great to have those
network-manager features -- automatically bringing up eth0 when a cable
is plugged in, automatically connecting to a known wireless network,
etc.  But network-manager only works for interfaces that don't have
things specified in /etc/network/interfaces.  So I can't tell it to run
an iwpriv command on my wireless card before scanning for networks.

Even worse, you again have to use KDE or Gnome to take advantage of
network-manager.  Why are we leaving CLI users out in the cold?  It is
quite possible to use mutt, ssh, and ftp on a laptop.  And it's
frustrating to know that my network setup will be useless when I'm not
running in X.

Moreover, it is completely unclear how permissions for taking network
devices up and down are managed in this scenario.  Ordinarily, only root
can do that, but now we're apparently letting anyone.  How can we
restrict that?  But more important than answering the question here is
to document all of this in a comprehensive place, obviously visible to
users and admins.


The bottom line is that I think we have some useful functionality here,
but our implementation needs work.  It would be very nice to have these
issues ironed out before etch.

Thanks,

-- John



Reply to: