(Poll) Run as User account or Root most the time?

Started by NeXTsociety, July 08, 2010, 12:00:31 am

Previous topic - Next topic

Do you run as User or Root most of the time ?

Root
7 (31.8%)
User
15 (68.2%)

Total Members Voted: 21

Voting closed: July 08, 2010, 12:00:31 am

NeXTsociety

So, how are you all running NeXTSTEP on NeXT hardware these days, as a User or as Root?  I have heard some say always should be as User and only log in as root when you need to and then others, like me, are in root all the time.

Just curious the pros and cons and how you all run.

tj

RacerX

I think the question would be why the need to be root?

I haven't logged in as root on any of my OPENSTEP/Rhapsody systems in months (and in the case of a few systems... years). What is it that you are doing that you need to be root?

And on a side note... both the standard Me account and the normal user accounts all have home directories... as I recall, root does not. Where do you keep all your stuff?

For people who don't actually do anything with their systems, that isn't exactly a problem (they are usually just visiting the NeXT environment anyways). But for those who spend real time using their system in practical ways, you end up with personal files and the like. For those running as root, where do you keep all those things?

All my systems have been running for years, I'm not adding applications or playing with configurations... my systems are exactly the way I want them so I can't imagine needing root access.

kb7sqi

I never run as "root" account.  I think it's better to create an account w/ your own login info & if you need root access, you can always use asroot, sudo or Open Sesame via Services.  The only time I actually use the root account is when I first install/setup the system, after that I rarely use it.   Take care.

Steve

NeXTsociety

Everything I have done has been in root.  When I installed all my apps, setup email, setup NetInfo for web access, all of that.  I have a folder named LocalApps that I install my little apps in, and major apps I installed automatically went to the main Apps folder.  

So, rather than go in and out of root all the time, I have just done it all there.

Is there a reason not to be in root all the time?  I am not sure what OS X does on Macs but I have never made separate USER accounts and used the stock booting that came with the system new.  So, is that considered Root on the Mac OS X also, by not making a new account called Me or something there?

I always thought in OS X I am at root.  So, I have been running as Root on NeXTSTEP all along.

Now switching to logging in as Me on NeXTSTEP, I see most of my apps work fine that I installed while at root but a few are acting as if they are missing stuff to run (My Pages app needs something it no longer sees).  

So, maybe I should have installed all this as Me instead of root.  Now I would have to re-install various things again to make it all work.  Like email.  Can't send emails now as logging in as me.  Not sure why though.  I did reset mail under the Me account and can receive emails now but sending a no go.  Not sure if I have to re-install msmtp and prngd or what.  Would have thought it would see that from my Root installs.  Mail works perfect while I am logged in as root.

Oh well.   :lol: I will just run in Root.  Works fine for me.

tj

RacerX

In Mac OS X you have to enable root. The standard user account created when the system is first started up is given administrator privileges, but it is not root. It has it's own home directory where all of your personal settings (and hopefully your personal files) are kept. Root in Mac OS X doesn't have a (visible) home directory.

The thing is, once you start playing around in applications as root, your settings for those applications are tied to the root account... you won't have access to those settings in any other account.

Generally speaking, you are supposed to go into root, install what you need to install (or do what you need to do), and get out. You don't fire up apps in root because that isn't where you would normally be using them. And you really wouldn't want to start up an app like Mail in root because it not only has to create settings, it also has to create mail boxes (all tied to the account you set it up in... so they are most likely on the root level of your drive now). I would guess that things that would normally go to your library folder in your home directory are ending up in the system's library folder... not a good thing to mix that stuff together.

The difference between Mac OS X's administrator privileges and NEXTSTEP's root is that Mac OS X will ask you if you really want to do something that might screw up your system, NEXTSTEP won't (it assumes that you know what you are doing as you are root).

If you trust yourself to not screw things up, then you are fine. If you haven't had any problems and aren't worried about having any in the future, do what works best for you.

I, personally, don't trust myself. I've accidentally moved files I didn't intend to, and I'm sure that if I can make a mistake like that with simple files I can also do it with major ones. I don't even experiment with my real hardware systems (I do/did that stuff in VPC). I install all my services, input managers and fonts into my home directories library so those things can't effect the system itself.

But I've had my user account get messed up in Rhapsody, and the fall back for fixing things was to go to root. I have root enabled on all my systems, but I keep it pristine so that when things go wrong I have a place to go to to fix them. I also enable root on all my client's (Mac OS X) systems and don't tell them about it so that I have a place to go to on their systems when they inevitably have problems. So for me, root is where I go when things aren't going right... and that is why it is important (to me) to keep it as isolated from daily users functions as is humanly possible.

And honestly... if you are doing things that can only be done in root as daily activities, that should be the first major warning that you are doing something wrong. Nothing that you do on a daily basis in NEXTSTEP should require root access when done correctly.

NeXTsociety

All makes sense.  Now, the trick, is how can I correct this?  Meaning, I now have the system just the way I like it.  It all works in root.  I can login in the me account and although most of the apps works fine, I have some fixing to do like the email not working.  

So, do I need to re-install it all over again, all apps, while in the user ME account? Or, should I just re-install those apps that mis-behave and ask for stuff that it does not see and needs (like Pages did).  Do I leave all in the Apps folder that all the apps are now in.  We are talking about Virtuoso, Improv, Pages, PasteUp, & Frame.

Just curious how you would go about switching over to daily use of Me instead of Root.  Re-installing all over again, not sure if that doubles up space used on my hard drive or if it just installs in same place and only adds stuff to my Me account that it needs to run proper?

Here is an example of an issue I am having when in Me account now.  I can't send emails anymore.  Receive them fine with PopOver but sending a no go.  So, I go to re-install the prngd.pkg and msmtp.pkg that I use for sending emails and it will not let me re-install them while in Me user mode.  Says files already exist and I don't have permission to replace them basically.

So, do I need to in this case login as root, throw the files away, as best I can finding all the ones I need to replace, then login in Me user mode and try installing the apps again?

Is there not a way to give my Me user account most all admin priveledges so I can read write without these permission errors?

tj

*Do I suppose to use the UserManager.app and someplace in there allow my Me account to have full read and write as my Root account does or something?

Quote from: "RacerX"In Mac OS X you have to enable root. The standard user account created when the system is first started up is given administrator privileges, but it is not root. It has it's own home directory where all of your personal settings (and hopefully your personal files) are kept. Root in Mac OS X doesn't have a (visible) home directory.

The thing is, once you start playing around in applications as root, your settings for those applications are tied to the root account... you won't have access to those settings in any other account.

Generally speaking, you are supposed to go into root, install what you need to install (or do what you need to do), and get out. You don't fire up apps in root because that isn't where you would normally be using them. And you really wouldn't want to start up an app like Mail in root because it not only has to create settings, it also has to create mail boxes (all tied to the account you set it up in... so they are most likely on the root level of your drive now). I would guess that things that would normally go to your library folder in your home directory are ending up in the system's library folder... not a good thing to mix that stuff together.

The difference between Mac OS X's administrator privileges and NEXTSTEP's root is that Mac OS X will ask you if you really want to do something that might screw up your system, NEXTSTEP won't (it assumes that you know what you are doing as you are root).

If you trust yourself to not screw things up, then you are fine. If you haven't had any problems and aren't worried about having any in the future, do what works best for you.

I, personally, don't trust myself. I've accidentally moved files I didn't intend to, and I'm sure that if I can make a mistake like that with simple files I can also do it with major ones. I don't even experiment with my real hardware systems (I do/did that stuff in VPC). I install all my services, input managers and fonts into my home directories library so those things can't effect the system itself.

But I've had my user account get messed up in Rhapsody, and the fall back for fixing things was to go to root. I have root enabled on all my systems, but I keep it pristine so that when things go wrong I have a place to go to to fix them. I also enable root on all my client's (Mac OS X) systems and don't tell them about it so that I have a place to go to on their systems when they inevitably have problems. So for me, root is where I go when things aren't going right... and that is why it is important (to me) to keep it as isolated from daily users functions as is humanly possible.

And honestly... if you are doing things that can only be done in root as daily activities, that should be the first major warning that you are doing something wrong. Nothing that you do on a daily basis in NEXTSTEP should require root access when done correctly.

NeXTsociety

Interesting, running 50/50 right now with 5 root and 5 user.

No one has posted why they do root though.

I guess for me, when I started installing all my apps, some said I needed to be root, etc...  I guess since I am technically the admin, my train of thought was I ALWAYS wanted full access to ALL without having to go to root, etc...  Not sure my decision was right but that was my train of thought. That I have access to all, the O Mighty GOD.   :lol:  :lol:

Anyway, interesting to see how the poll goes.

tj

RacerX

First... you shouldn't need to re-install apps. Most (all) apps should end up in either /NextApps or /LocalApps and be available to all users. That is why they are installed in those directories. It is very rare to have apps installed into your home directory (usually those would be apps you wouldn't want to share with others that might use your system with their own accounts).

Second, it doesn't sound like re-installing is the problem... you started using these things as root, so all your settings are now in root.

For example, you can't expect your mail settings that you configured in root to work for any other user account. You should have installed all the things you needed to install as root, and then gone back to your user account to set up the application to your specifications. By playing with the applications as root, you made their settings root dependent.

When you were setting these things up for e-mail, any settings that were personal (your mail servers, name, passwords, etc.) should not have been entered as root.

Here is the thing... I don't know how you have set things up, but as I said before, you should do the absolute minimum you have to as root, and then retreat back to your user account to find out if what you did works. Some apps need to be installed as root. Some can be installed from Me (I'm not sure what can and can't be done from Me as I deleted that account at the beginning in favor of a standard user account), but as a rule of thumb you shouldn't work in any application that isn't a utility in root.

In fact, the dock as originally configured when you first logged into root had pretty much the only applications you really ever should use as root. The fact that root has special apps already in the dock is a hint that root is not a normal place to be as a user.

Quote from: "NeXTsociety"I guess for me, when I started installing all my apps, some said I needed to be root, etc... I guess since I am technically the admin, my train of thought was I ALWAYS wanted full access to ALL without having to go to root, etc...

Like I said, I installed almost all my apps as root. Installing applications (specially those that come as packages and may want to  install additional frameworks) is an administrative task (a task for root). Using what has been installed is a user task (a task for the users).

Again though... I'm an overly cautious person. And to be perfectly honest, I'm practically phobic about things going wrong on my systems. Nothing screws me up more than to have something happen that takes down any of my systems. I have gotten my computers down to the point where I have issues once every couple years.

The only thing I would point out is that most people who say they want full access don't know enough to have full access. If the system is stopping someone from doing everyday tasks as a user, then that is the system's way of saying somethings wrong. If you are always running as root... you most likely aren't getting that message.

And I do have full access to everything on all my systems because I can go to root if I want to... and yet I almost never do.





As a side thought... I often think of the old TV show Home Improvement at times like these. Wanting to be root all the time is like Tim wanting more from all his tools. The thing is, no one could talk him out of doing what he wanted... no matter how many ambulance trips he took. :eek:

Morgon

There is no way for me to run as root all the time since we still use OpenStep in a productive environment in our company so there would be too much danger in running root all the time.

Beside that the customers wil get worried by receiving mails from root all the time ;)

I rarely log in on the graphical system as root after all since most tasks there are to do as root can be done from the command line once the system is set up and when tweaking netinfo you are asked for the additional privileges if necessary.

Some few things requiring root privileges like doing backups have been wrapped up in programs so every user can start and use them. For the backup this has changed further by the years in the way that only the UI is running on OpenStep by now, the real backup takes place on our linux file server.

Morgon

bkmoore

I have been following this post, but now I want to add my opinion.

If you run everyday tasks as root, you are basically using NeXT as if it were DOS or Win95 and defeating the purpose of having an advanced, protected, multi-user operating system.  But there are alway people who try to drive screws with a hammer. :roll:

The "me" account on NeXT is basically the same as the admin account you create when setting up Mac OS X, only less refined. The me is a member of the wheel group, and has more permissions than the normal user. But you can always add wheel to a normal user account to give it some admin privileges.

If you don't know how to do everyday tasks without resorting to root, you probably should get a good UNIX reference and read up on users, groups and permissions.  There is a reason for the way UNIX was designed and it wasn't designed to make the lives of users more difficult.

I don't mean to sound conceited, but there seems to be a lot of posts lately by people who have obviously not taken the time to read some basic UNIX for dummies before asking the board.

Brian

NeXTsociety

Quote from: "bkmoore"

I don't mean to sound conceited, but there seems to be a lot of posts lately by people who have obviously not taken the time to read some basic UNIX for dummies before asking the board.

Brian


I guess that is directed at me.  Just as an FYI I do have some unix books in my Amazon wish list and hope to get some not too long down the road.  Budget is tight with my wife being laid off so we are playing catch-up on bills, etc...  So, I normally google unix questions and search the forums here and if I am still confused, which with Unix it is like another planet to me ( :shock: ), I ask questions here.  I personally don't think anything I have asked is too out of the realm but what do I know.

I guess the way I look at it, the NeXT platform and these forums have a rather low volume of posts and users.  It is not like the forums here are over-flowing with activity.  Compared to other platforms of old, Atari, Amiga, etc....  the forums over yonder have more posts in an hour than probably we see here in a month (hehehe).  So, to me, having people like myself that are a bit timid of Unix asking questions keeps these forums alive and from becoming a place where a handful of Unix experts check the forums once a year to see if someone else posted.   :wink:

I figure the activity happening, even if basic questions, is keeping this platform alive for more people to catch the NeXT bug like has happened to me.

Just my humble opinion is all.   :lol:

But, I do have a handful of books on my wish list for the future and happy to say I have learned all sorts of stuff since getting back into NeXT being the last time I was in mid 90s.  Heck, I have a decent couple of NeXT's being used everyday now here at the stead.  Keeping these guys alive and serving a purpose instead if in some closet someplace.

Now if I can just learn to stop hosing my hard drive and NS3.3 on my Cube I would be happier.  I don't think any book would cover what I have happening.  hehehe

tj

NeXTsociety

BTW, I am now running as user.  Rebuild of my whole system yesterday and I am now doing all in Me as user.  I see the true benefits of doing this now.   :)

tj

bkmoore

TJ,

I am sorry if I gave you or anyone else the impression that I was singling you out.   :oops:  I was just making a general observation about UNIX literacy.  I remember when you had to practically rob a bank to be able to afford a NeXTStation and almost all industrial-strength computing was done on UNIX or VAX or something like that.  Now days, at least in engineering, it's a Windows world. So UNIX literacy is no longer what it once was.  It's kind of like having learned navigation in the days before GPS came along and somebody asks how to find the northern star.

I am by no means a UNIX expert, I know just enough to configure my systems to do what I want them to do.  I really do enjoy reading your posts, especially your thread about your adventures in the nine-levels of installer hell.  I think most of us have been there at one time or another.

Again, I apologize if I offended anyone.  I didn't mean to. Please keep the questions coming. Even the basic ones, as I do learn a lot of new things from reading some of the responses.

Brian Moore

NeXTsociety

No worries man.  

tj

Quote from: "bkmoore"TJ,

I am sorry if I gave you or anyone else the impression that I was singling you out.   :oops:  I was just making a general observation about UNIX literacy.  I remember when you had to practically rob a bank to be able to afford a NeXTStation and almost all industrial-strength computing was done on UNIX or VAX or something like that.  Now days, at least in engineering, it's a Windows world. So UNIX literacy is no longer what it once was.  It's kind of like having learned navigation in the days before GPS came along and somebody asks how to find the northern star.

I am by no means a UNIX expert, I know just enough to configure my systems to do what I want them to do.  I really do enjoy reading your posts, especially your thread about your adventures in the nine-levels of installer hell.  I think most of us have been there at one time or another.

Again, I apologize if I offended anyone.  I didn't mean to. Please keep the questions coming. Even the basic ones, as I do learn a lot of new things from reading some of the responses.

Brian Moore