Re: user perms

[gene heskett <gheskett@shentel.net>]

On 6/14/22 13:25, David Wright wrote:
> On Mon 13 Jun 2022 at 19:03:47 (-0400), gene heskett wrote:
> > On 6/13/22 14:36, Greg Wooledge wrote:
> > > On Mon, Jun 13, 2022 at 01:56:12PM -0400, gene heskett wrote:  >>
> > > I appear as user 1000 seem to be stuck behind some sort of a >>
> > permissions wall. > > SHOW. US.
> >
> > I got tired of fighting with it Greg, so I did install #32 and installed
> > gnome_desktop (that was new) and xfce4 during the install, and
> > now things including the screen colors are back to normal,
> >
> > I've installed the brother printers and scanner drivers and I can modify t
> > them by the usual rules. I also set a root pw in addition to adding myself
> > to /etc/group in the appropriate places. I created an /sshnet tree with the
> > other 5 machines here, did a root chown -R me:me on that path and just now
> > mounted all of them as me, so I own the path to me on the other 5 machines.
> "adding myself to /etc/group in the appropriate places" sounds just
> like the sort of thing that might have caused /etc/passwd to become
> screwed up in installation #31.
>
> > And my working environment is getting close to completed, something
> > that only been workable occasionally since that last Seagate 2T drive
> > went tits down in the night last Dec 8th.
> >
> > Kmail5 is buggier than road kill in June, but t-bird is more like
> > August, so
> > I'm looking for a mailer that actually works. tbirds sort filters
> > don't, and
> > they think everybody uses only html, so word wrap doesn't work So I'm
> > doing this by hand..
> >
> > So my only instant question is when will the developers understand that
> > stuff that runs as a $USER, needs one of two changes, either a .conf file
> > someplace readable by the $USER that tells things like t-bird, running as
> > the user, can have write privs to /var/log, /or/ an entry in that *.conf so
> > logging can be done instead of just gobbling up the denial w/o bothering
> > to tell the user it can't open the log. Its trivial to fix logrotate
> > to service
> > the logs in /home/$USER/logs where there's no perms problem because
> > the $USER owns the whole path.
> No idea what this is all about, sorry.
>
> > Same perms story for heyu and nut,
> > but some somebody, thinking security as opposed to usability, insists
> > on building /dev/ttyUSB*, with 0600 perms. Neither nut, nor heyu can
> > get past that to get their job done. And IF I reset those two devices
> > to 0777,
> > re reboot fixes that.
> >
> > I must have asked 15 or 20 times in the last decade, how to fix this in
> > permanently in /lib/udev, and have been ignored when I ask that for
> > several years. Usability, letting a computer actually DO its job simply
> > isn't on the menu. With a record like that, can you blame me for being
> > frustrated? Frustrated by asking for advice so I do do it right, and being
> > ignored.
> The trouble with writing this is that people can look back.
>
> There was a thread in May 2020 on this topic, where all your posts
> have followups except for the two that sign out just like this one
> does below; ie "Now I know how but my editing foo is burned out for
> today", and "I'll see about it tomorrow, having used up my creative
> juices on another project today".
>
> In that thread, there is a working set of rules showing how udev
> runs a script when a USB stick is inserted or removed, the scripts
> themselves, and the data files that the scripts read¹. The scripts
> have no problem performing mkdir and rmdir in the /media directory:
>
> $ ls -ld /media
> drwxr-xr-x 3 root root 4096 Jun 14 08:30 /media
> $
>
> > [...]
> >
> > > You're a goddamned 20+ year Linux veteran.  You should be able to
> > > handle something as ridiculously simple as this.
> > I just did,
> As usual, we don't know what you actually did to handle it.
yes I did, but you snipped that part. How convenient...
So I write it again:
As soon as it rebooted from the install, and I had gained root,
I nano'd /etc/group and added me to group lp, so I could configure
my 2 printers.

The catted group listing today, from install #32, now has
me all over that file 12 times where the previous 31 installs only had 
me in
sudo.

Is that because I finally gave up and defined a root pw during the install?
In that event IMNSHO the installer is broken in 2 ways. In ways not 
apparently
related to to the auto install of all the brltty and orca crap that 
drives a
sighted person into screaming fits. It stalls the machine while it 
trying to
speak every keypress, fails because it hasn't learned how to speak English
and can't be turned off w/o destroying the uptime.

I've met your blind person. He is running OpenSCAD, the gfx composer
from that synth. I'd have to assume it speaks a lot better german than
it does English. I have to admire his determination,
he has a quadruple share of it to run OpenSCAD blind.

If that's not changeable, then it should advertise the diff, but it does 
not.
> > but haven't changed the perms of /dev/ttyUSB* yet.
> Of course, the idea was that /you/ don't have to do that: udev should
> do it when you boot up the machine or plug in the items. That's what
> makes it permanent. And by reading their distinctive serial numbers,
> FTDHG45D and FTOOS09N, it also prevents the names of the two devices
> being swapped around by a race, or the order of insertion.
I've noted that that does seem to be stable now, but why does
it have to be owned by root:root, and 0600 perms? I have rather
diligently searched thru /lib/udev/rules.d without finding where or
how the perms are applied. And questions asking about it are snipped
and never replied to.  Why?????????
> > Only so
> > much time in one 24 hour day.  Up since 4:40 my time, by 20:00 I'm burned
> > out for the day.
> ¹
> https://lists.debian.org/debian-user/2020/05/msg00510.html
Is my answer as to how to fix this perms problem actually
contained in that post and I'm not reading between the lines
well enough to grok it?  Could happen you know...
> Unlike the email posts, the web version doesn't show that
> "usgs1g" (the mount point) is the contents of an attached file
> called "2017-0403" (the USB stick's UUID), and likewise "cdrom3"
> in file "KZ3E2DH0440" (the portable DVD Writer's serial number).
today, usb-devices does not show the most valuable info, it does
not show the mount point

Now, the weather has quieted, and I have a 1/4" square pcb to design and 
make for
one of my cnc'd machines, on that same machine. I'm adding an air 
pressure controller
to the mister nozzles air supply.
> Cheers,
> David.
>
> .


Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis