Linux fat/bloated

Lennart Sorensen lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org
Mon Apr 10 14:32:27 UTC 2006


On Mon, Apr 10, 2006 at 06:27:52AM -0400, Walter Dnes wrote:
>   That's been solved in the current version (2.0).  It was older versions
> (1.4?) that had the Java dependancy.

Well I know openoffice 1.x on debian ran without java as well.  So they
did something to it.

>   If I were running an internet-exposed server, or letting a bunch of
> people log in, I'd use either PAM or NSA SElinux.  For a single-user
> desktop machine, it is overkill.  Not only that, "everything you know is
> wrong" when it comes to configuring files.  You end up using a different
> set of files.
> 
>   My introduction to PAM's idiosyncracies came early in my Gentoo days.
> I have a regular user account for day-to-day stuff, and a dedicated (not
> root) second account for certain admin stuff.  I discovered that when
> the first user logs on, all character devices are chowned to that user,
> with permissions 600 until such time as it logs off.  A user that logs
> on, before user1 logs off, is out of luck if it wants to play MP3s *EVEN
> IF USER1 NEVER TOUCHES AUDIO*, because /dev/sound/* and /dev/snd/* have
> all been chowned exclusively to the previous logon.  To allow user2 to
> play MP3s, I had to log both users off, and log on user2 before logging
> on user1.  I can do without that garbage, thank you.
> 
>   There is a place for PAM... as an optional security system in the same
> menu item of "make menuconfig" as where you find NSA SElinux.

None of that is PAM's fault.  On debian, which uses pam, the audio
devices are not messed with, when someone logs in.  Instead they are
owned by group 'audio' and any user in that group can use audio.
Simple, clean, efficient, and it works well.  I have seen redhat mess
with permissions when you login, and I certainly never liked that setup
myself.

Just because you can make pam do something doesn't mean you must do it,
and it doesn't mean pam is broken because you can do such things.

Len Sorensen
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list