Philip Van Hoof
2004-Oct-19 11:45 UTC
[fdo] Integration of network-softwares like samba, nfs and sftp with the desktop
Hi there,

I would like to enable the desktop user to create shared folders, for example using protocols like Samba, nfs and sftp. For the user to make this possible, the user needs (on a Linux machine configured with the defaults of most current Linux distributions) root privileges.

However. In a desktop environment, in my humble opinion the possibility for a normal user to configure a simple share within his or her own home-directory should exist. Worse! It should be easy! Really easy!! No wait, you don't understand what I am saying yet. REALLLYYY easy. My girlfriend should NOT have to read ANY document. Yet she SHOULD have to just KNOW by the freaking menu labels how to do it. You get my point?

To make this possible we could, for example, create a small daemon which runs as a user with the right privileges to alter that part of the configuration of systems like Samba, nfs and sftp (openssh), and alter softwares like Nautilus.

A very simple (but perhaps quick-n-dirty) solution would be to take a tool like Fedora's system-config-samba and turn it into an ORBit server, and let applications (like nautilus) talk CORBA to configure Samba.

It would also be a possibility if the developers of technologies related to the desktop-world, stick their selfish heads together to create a standard for talking with the normal-user about such configuration. A lot like, on the GNOME desktop, gconf. It would be nice and easy for GNOME applications if a system like Samba would peek into the gconf-configuration-settings of a user to know about shares this user has set. (And then we have the stupid discussion with the KDE people who believe their configuration system is superior with GConf bla bli bla bla).

Any such solution should happen, of course, in a secure fashion. Being opensource, we know that we can code this in a secure fashion, don't we?

It would be nice if we could get the attention of those people involved with the softwares mentioned.

I have strong beliefs that the Linux desktop is ready for integration with all those parts that made the Operating System strong in the server-room. I am willing to put my energy into getting it to that point, if and only if people are with me. And not against the idea, not against the concept. Not if people are "just" scared and paranoïa of security-issues while not knowing one little thing about secure-programming. There is nothing scary to it, in my humble opinion.

Yeah Microsoft makes a lot of security mistakes and perhaps those happen because they want to integrate such security-critical tasks with the desktop-environment. But that doesn't mean that we shouldn't do it the way it should be done. It means that the Linux desktop might have the advantage that this system has been coded in a way that allows all this integration to happen: in a secure fashion.

ps. Before January I will have ten vacation days left. I would like to spend them doing something (very) useful for the Linux desktop. Last time I decided to help Gaute Hope create gnome-schedule, which has been more or less a success. This issue is one of the many that have been itching me for a long time, so I am being serious about it. I am not only looking for talkers.. I am looking for doers.

--
Philip Van Hoof, Software Developer @ Cronos
home: me at freax dot org
gnome: pvanhoof at gnome dot org
work: philip dot vanhoof at cronos dot be
junk: philip dot vanhoof at gmail dot com
http://www.freax.be, http://www.freax.eu.org

Philip Van Hoof
2004-Oct-19 12:11 UTC
[fdo] Integration of network-softwares like samba, nfs and sftp with the desktop
At this moment, I have the following in mind:

Option one: Create an ORBit daemon that will monitor the configuration-
files of Samba using fam (and will reload its configuration if the file
is altered). This server will reparse the configuration-file each time
it's asked to do something (for a user) and will append/alter the
configuration-file if the security-checks are good. (so if the share is
within the homedir, if there are no symbolic/hard-links in the tree that
could give the user access to another place, etc etc).

pro: Other desktops like KDE can easily talk CORBA with this daemon.
     They will probably never use this for CORBA smells too much like
     GNOME (they even have the same amount of characters in their
     name!!) but ... okay
contra: Yet another daemon, running as evil-root

Option two: Create a plugin or piece of code for Samba that will read
and listen for GConf-events/configuration key changes and will reload
the configuration of Samba.

pro: Tight integration, no learning curve for developers who want to
     integrate their software with this folder-sharing. It's just
     adding GConf configuration-keys for that user.
contra: KDE desktops can't use this (for their developers will whine
        about GConf until we will all starve to death of it)

Option three: +s root binary that can alter the Samba configuration but
does some security-checks first.

pro: You can still create a silly daemon for this that will launch
     the tool, and it's usable for really any desktop. Even without
     a CORBA implementation.
contra: Yet another +s binary. You can also create such a silly
        commandline tool for the daemon-option. Or you could use silly
        gconftool-2 for the GConf option.

Option four: Let the Samba people do it

pro: They won't hate you because they think you made their secured-
     software insecure by proxying their configuration.
contra: You will probably have to wait for ever until this stupid small
        software/feature is created.

For sure: Alter software like nautilus to have popupmenus and property-
pages for folder-sharing. And let these softwares talk either CORBA with
the daemon, or GConf, or let it launch the +s tool.

For sure: Listen to developers of other desktops that you are an idiot
because you didn't use (their) technology x which is superior to
technology y for the stupid reason z.

--
Philip Van Hoof, Software Developer @ Cronos
home: me at freax dot org
gnome: pvanhoof at gnome dot org
work: philip dot vanhoof at cronos dot be
junk: philip dot vanhoof at gmail dot com
http://www.freax.be, http://www.freax.eu.org
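
The security-checks named under option one (the share lies within the homedir, and no symbolic or hard links in the tree lead to another place), written out as an added example that is not part of the original message or of any project mentioned in it. The names `check_share` and `demo`, the directory layout, and the use of a link count above one to detect hard links are assumptions made for this illustration.

```python
import os
import stat
import tempfile

def check_share(home, candidate):
    """Return (ok, reason) for a directory the user asks to share."""
    home, path = os.path.abspath(home), os.path.abspath(candidate)
    rel = os.path.relpath(path, home)
    if rel == os.pardir or rel.startswith(os.pardir + os.sep):
        return False, "outside home directory"
    try:
        # No component between the home directory and the share may be a symlink.
        cur = home
        for part in [p for p in rel.split(os.sep) if p != os.curdir]:
            cur = os.path.join(cur, part)
            if stat.S_ISLNK(os.lstat(cur).st_mode):
                return False, "symlink in path"
        if not os.path.isdir(path):
            return False, "not a directory"
        # Nothing inside the tree may lead elsewhere: no symlinks, no extra hard links.
        for root, dirs, files in os.walk(path, followlinks=False):
            for name in dirs + files:
                st = os.lstat(os.path.join(root, name))
                if stat.S_ISLNK(st.st_mode):
                    return False, "symlink inside share"
                if stat.S_ISREG(st.st_mode) and st.st_nlink > 1:
                    return False, "hard link inside share"
    except OSError as exc:
        return False, "cannot inspect: " + str(exc)
    return True, "ok"

def demo():
    """Check four share requests against a constructed directory tree."""
    base = tempfile.mkdtemp()
    home, other = os.path.join(base, "home", "user"), os.path.join(base, "other")
    for d in [os.path.join(home, n) for n in ("Public", "Linked", "Hard")] + [other]:
        os.makedirs(d)
    for p in (os.path.join(other, "secret"), os.path.join(home, "Public", "readme")):
        with open(p, "w") as f:
            f.write("constructed sample data")
    os.symlink(other, os.path.join(home, "Linked", "escape"))
    os.link(os.path.join(other, "secret"), os.path.join(home, "Hard", "copy"))
    results = {n: check_share(home, os.path.join(home, n)) for n in ("Public", "Linked", "Hard")}
    results["other"] = check_share(home, other)
    return results

if __name__ == "__main__":
    print(demo())
```

The verdict holds only for the moment the tree was inspected, since the user can add a link afterwards; a daemon or +s tool that relies on it has to repeat the check whenever it rewrites the configuration.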