Thursday, 13 August 2009

Release!

SkinnyDebbie for Lenny is out!

This should be considered a beta release. There has been a ton of refactoring and restructuring, so I am pretty sure that there are some bugs that need to be squashed. Also, all the development was done in a virtual environment where I was not able to test automounting or audio. I’ll do real automounting and audio testing in September, but the underlying code for both worked fine in Skinny for Etch.

The basic installation process is:

1) Do a Debian Lenny network install without any desktop environment.

2) Login to the user account you created. (Do not login as root.)

3) Install SkinnyDebbie by typing the command:

wget http://skinnydebbie.org/install

followed by:

install bash

I will integrate installation documentation into the main website in the next few days.

Saturday, 8 August 2009

Repository changes

I have closed the test repository I created earlier and created a new repository for SkinnyDebbie that I hope to use when everything goes live (next week?).

The new repository is:

deb http://download.tuxfamily.org/skinny/skinny-one/ binary/ 

Please update your entries accordingly.

Thursday, 6 August 2009

Almost there

All packages and scripts are done. (Phew!)

What remains is to put everything into the public repository, try the whole install process on a real system, and then start bug squashing.

Tuesday, 4 August 2009

Against the wind (part 3)

It turns out the poor man’s gksudo I came up with earlier has issues. It has something to do with how quotes are handed in bash and/or sudo, but I’ve tried everything to figure out what the problem is and have come up with nothing. In short, in a bash script, if you issue

echo $pw | sudo -H -S -b -u root rox "/home/mithat/test me"

it works as expected (assuming $pw is valid). But if you issue:

myCMD="rox "/home/mithat/test me""
echo $pw | sudo -H -S -b -u root $myCMD

it doesn’t, even though $myCMD echoes as rox "/home/mithat/test me". The sudo command seems to become blind to the quotes around the path, even though they appear just fine when echoed. Quoting the error verbatim:

File doesn't exist, or I can't access it: "/home/mithat/test
---
File doesn't exist, or I can't access it: me"

sudo sees rox just fine, but then it splits arguments at the space in the path even though the path is quotedand it sees the quotes! WTF?

So, here’s a list of things that don’t work reliably, even though they should:

  • gksudo
  • su-to-root
  • handmade GUI sudo wrapper

And here’s a list of things that work reliably:

  • su
  • sudo

It really shouldn’t be like this.

A new sudoers structure

If I keep sudo-based root access, the sudo structure will change as follows

1) The group wheel will be added by the Skinny install process.

2) The install process will also add

%wheel  ALL=(ALL)   ALL

to the sudoers file.

3) Then, making a user an superuser/admin simply involves adding the user to the wheel group (which the install process should also do for the installing user).

After the single addition to the sudoers file, no messing with the file is needed! Even better, removing someones admin status is as easy as removing them from the wheel group. Why wheel? I don’t know, but it seems to be the classic group to use for these purposes.

So, the relevant commands…

To add a group to the system:

groupadd <groupname>

To add a user to a group:

gpasswd -a <username> <groupname>

or

usermod -a -G <groupname> <username>

To delete a user from a group:

gpasswd -d <username> <groupname>

This is so much better than the sudoers hacks that were part of the original setup.