On Thu, September 21, 2017 12:42 pm, Joseph L. Casale wrote:>> Than was my first reaction when I realized that logged in with GUI (X11) >> user can turn off (and on) network interfaces. Without being in sudoers >> file. > > Would not being in sudoers prevent them from pulling the cord out? The > rational for the control is well justified for users with multiple > interfaces > and is simply a convenience to something they could always do under any > condition anyway.Yes, I can understand the rationale as above - if it is somebody's laptop. Or someone's home computer. But it is arguable if it is centrally managed workstation. This ability to screw settings up is a pain for sysadmin if this workstation sits on common area (like library) and multiple users can access that, and even if it is workstation that is basically a single user one, but has to be managed centrally. I rest my case. Basically, all _I_ said on this sidetracked thread should be treated as enclosed into "rant" tags ;-) Valeri ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
On Thu, Sep 21, 2017 at 05:23:23PM -0500, Valeri Galtsev wrote:> > On Thu, September 21, 2017 12:42 pm, Joseph L. Casale wrote: > >> Than was my first reaction when I realized that logged in with GUI (X11) > > Yes, I can understand the rationale as above - if it is somebody's laptop. > Or someone's home computer. But it is arguable if it is centrally managed > workstation. This ability to screw settings up is a pain for sysadmin if > this workstation sits on common area (like library) and multiple users can > access that, and even if it is workstation that is basically a single user > one, but has to be managed centrally. I rest my case. Basically, all _I_ > said on this sidetracked thread should be treated as enclosed into "rant" > tags ;-)Well, this is my longstanding rant against RedHat and friends. Take a look at what Fedora is doing before blithely throwing it into RedHat.>Most Fedora stuff is for single user laptops, and frankly, a lot of it seems developed by people with no concept of system administration. Things like this. One bug, back when I cared enough to file bug reports (at a FreeBSD shop these days, so it affects me less) was when had pkg kit or some other GUI allow any user to install and update any package without authorization. Too many things to make things easy for the less experienced user, which makes sense for Fedora, get put into RedHat, and they shouldn't. I wish there were a bit more competition for commercial Linux for RedHat here in the US so that they'd have to pay more attention to their user base. -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6
On Thu, September 21, 2017 6:13 pm, Scott Robbins wrote:> On Thu, Sep 21, 2017 at 05:23:23PM -0500, Valeri Galtsev wrote: >> >> On Thu, September 21, 2017 12:42 pm, Joseph L. Casale wrote: >> >> Than was my first reaction when I realized that logged in with GUI >> (X11) >> >> Yes, I can understand the rationale as above - if it is somebody's >> laptop. >> Or someone's home computer. But it is arguable if it is centrally >> managed >> workstation. This ability to screw settings up is a pain for sysadmin if >> this workstation sits on common area (like library) and multiple users >> can >> access that, and even if it is workstation that is basically a single >> user >> one, but has to be managed centrally. I rest my case. Basically, all _I_ >> said on this sidetracked thread should be treated as enclosed into >> "rant" >> tags ;-) > > Well, this is my longstanding rant against RedHat and friends. Take a > look > at what Fedora is doing before blithely throwing it into RedHat. >> > Most Fedora stuff is for single user laptops, and frankly, a lot of it > seems developed by people with no concept of system administration. > Things like this. One bug, back when I cared enough to file bug reports > (at a FreeBSD shop these days, so it affects me less) was when had pkg kit > or some other GUI allow any user to install and update any package without > authorization. > > Too many things to make things easy for the less experienced user, which > makes sense for Fedora, get put into RedHat, and they shouldn't. > > I wish there were a bit more competition for commercial Linux for RedHat > here in the US so that they'd have to pay more attention to their user > base.Well, I guess we see Microsoft money invested into ("donated" to? ;-) RedHat at work. Yes, my servers are FreeBSD for long time already, but as we have to use Linux for wide variety of stuff, we may need to start looking which other distribution (better from sysadmin's prospective) to flee to. Scott, I'd be glad to hear your advise on that matter. (As CentOS public mirror maintainer I will keep maintaining that indefinitely as a token of gratitude to the project that gave us so much over long time). Valeri ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++