few ideas how to make fedora better as a desktop

Fri Mar 28 09:44:04 UTC 2008

On Wed, 2008-03-26 at 20:29 -0400, Jesse Keating wrote:
> On Wed, 2008-03-26 at 15:12 -0600, Gian Paolo Mureddu wrote:
> > Sarcastic disclaimer.
> > 
> > Why not install all binaries into /bin, /usr/bin, /usr/local/bin and be 
> > done with it, then? Why EVEN have another path, anyway? Better yet, why 
> > don't we follow Ubuntu and make sudo the default, make regular users 
> > have admin rights! Why do we even need root? What's that? Geeze, I mean 
> > why even keep an ancient file system layout?
> 
> Believe it or not, these are all pretty useful suggestions.
> 
> Links to (/usr)/sbin can be maintained for legacy or FHS compliance.
> However due to shortcomings in RPM this isn't feasible.  Instead we'll
> just munge the normal user's path so that (s)he doesn't have to go
> hunting for useful tools.

Hm. Most of the commands found in {/usr,}/sbin only make sense for a
user with elevated privileges, i.e. root. Those that also make sense for
normal users (e.g. tools which provide read-only access as well like
ip/ifconfig, sysctl, etc.) could easily be hardlinked into the bin
directories on the same level without much hassle on the RPM side of
things.

> Sudo should (optionally) be the default for the first user added, like
> say through firstboot.  A checkbox that would have to be cleared that
> will drop the user in the wheel group which by default has sudo rights
> (that way we don't have to munge the sudors file).

Sudo is all fine and dandy if you think about the command line, but this
is still a "legacy" way of doing things. Mind that as long as they're in
good order I'm all for keeping "legacy" as "legacy" often also means
"tried and true". I also don't see a reason why "legacy" and new ways
can't coexist.

> "root" is a legacy concept.  Either the local user is also the admin, or
> the admin is a site wide admin where local root accounts are just jokes
> and instead things are done as sudo, or through config management
> systems.

"root" is only a legacy concept inasmuch as UIDs are seen as users, not
as roles that someone assumes temporarily, e.g. by way of sudo or
PolicyKit/dbus proxies. Keeping the privileged role separate from the
normal role, even for the primary user of a system, is one line of
defense against malware.

> I also agree that ancient filesystem layouts are needless confusion.
> They (almost) made since way back in the day, but fear of chance has
> kept them coming forward into modern day operating systems where they're
> just not needed, and only add confusion and frustration.  "Where do I
> install this binary into?  What level man page do I give this?" etc...

Man pages are a particularly bad example, as it's not only "What level
man page do I give this?" but also "What level is this man page I want
to read?" -- "man foo" almost always displays the wrong one if there are
multiple.

Other than that, the distinction and compartmentalization between /
and /usr is quite sound -- the former contains the basic set of tools
and libraries to bootstrap the system, regardless of where from the rest
comes. If disaster strikes, a small root volume is much less likely to
be than a giant single volume and it gives me the tools necessary to
salvage what is salvageable.

Nils
-- 
     Nils Philippsen    /    Red Hat    /    nphilipp at redhat.com
"Those who would give up Essential Liberty to purchase a little Temporary
 Safety, deserve neither Liberty nor Safety."  --  B. Franklin, 1759
 PGP fingerprint:  C4A8 9474 5C4C ADE3 2B8F  656D 47D8 9B65 6951 3011