Search Members Help

» Welcome Guest
[ Log In :: Register ]

Mini-ITX Boards Sale, Fanless BareBones Mini-ITX, Bootable 1G DSL USBs, 533MHz Fanless PC <-- SALE $200 each!
Get The Official Damn Small Linux Book. DSL Market , Great VPS hosting provided by Tektonic
Pages: (5) </ 1 2 3 [4] 5 >/

[ Track this topic :: Email this topic :: Print this topic ]

 reply to topic new topic new poll
Topic: starting fluxbox without icons on desktop, how to achieve that?< Next Oldest | Next Newest >
StevenCheng Offline





Group: Members
Posts: 14
Joined: Aug. 2005
Posted: Aug. 02 2005,02:40 QUOTE
Quote (mikshaw @ Aug. 01 2005,09:35)
Quickest and easiest way is to remove the "enhance" line in $HOME/.xinitrc.  This will prevent the dockapps AND icons from loading.
If you want to keep the icons, replace this line with "xtdesk &>/dev/null &".
If you want to keep the other dockapps, add a command for each.  

EDIT:  I see now this is all covered in this very thread.  Beyond that, what more are you looking for?  The mounting is done with mount.app.  The other docakapps are listed in /usr/bin/enhance.

Thanks again,

I've tried to remove the enhance line in .Xinitrc. It works fine but the user still can use the DSL--Desktop--Full Enhanced Desktop to resume the "tools windows" and use that windows to mount the HD...

I'm thinking may be the best way is to restrict the user right of mounting. But since I'm completely new in Linux, I don't know how to restrict user right...
Back to top
Profile PM 
mikshaw Offline





Group: Members
Posts: 4856
Joined: July 2004
Posted: Aug. 02 2005,03:20 QUOTE
Remove "user" from the 4th column of /etc/fstab, for any device which you do not want the non-root user(s) to mount.  However, user dsl still has power to use "sudo mount" without a password.  You'll need to run the command "visudo" as root in order to edit the sudoers file, which means learning a little about vim, and a little about sudoers.

You could also remove or change permissions on mount.app (I think it's in /usr/X11R6/bin).  If you made it executable only by owner, normal users wouldn't be able to run it.
This is only a cosmetic fix, though.  Any user can still open a terminal and type commands.

DSL really isn't a great ball of security from local users...I don't believe it was ever intended to be that.  You can make it as secure as you want it, but it's going to take a lot of work for anyone who is new to Linux.

--------------
http://www.tldp.org/LDP/intro-linux/html/index.html
Back to top
Profile PM WEB 
StevenCheng Offline





Group: Members
Posts: 14
Joined: Aug. 2005
Posted: Aug. 02 2005,04:10 QUOTE
Quote (mikshaw @ Aug. 01 2005,23:20)
Remove "user" from the 4th column of /etc/fstab, for any device which you do not want the non-root user(s) to mount.  However, user dsl still has power to use "sudo mount" without a password.  You'll need to run the command "visudo" as root in order to edit the sudoers file, which means learning a little about vim, and a little about sudoers.

You could also remove or change permissions on mount.app (I think it's in /usr/X11R6/bin).  If you made it executable only by owner, normal users wouldn't be able to run it.
This is only a cosmetic fix, though.  Any user can still open a terminal and type commands.

DSL really isn't a great ball of security from local users...I don't believe it was ever intended to be that.  You can make it as secure as you want it, but it's going to take a lot of work for anyone who is new to Linux.

when I tried to run the visudo command, I got the following error message:
visudo: no editor found (editor path= /usr/bin/editor)

What does it mean? Does it mean that the editor program is not installed in my system?

So you mean that I have to learn how to use the visudo command (as root) to edit the sudoers file in order to restrict the user of mounting HD? Am I correct?

Thanks again...
Back to top
Profile PM 
StevenCheng Offline





Group: Members
Posts: 14
Joined: Aug. 2005
Posted: Aug. 02 2005,04:37 QUOTE
I've open the /etc/sudoers file with beaver editor (I don't know how to use the visudo yet!) and saw the following contains:

#sudoers file.

Cmnd_Alias    SHUTDOWN=/sbin/shutdown
Cmnd_Alias    HALT=/sbin/halt
Cmnd_Alias    REBOOT=/sbin/reboot

root    ALL=(ALL) ALL
dsl ALL=NOPASSWD: SHUTDOWN,HALT,REBOOT


So, do I need to modify the contain inside? How?

Thanks in advance...
Back to top
Profile PM 
mikshaw Offline





Group: Members
Posts: 4856
Joined: July 2004
Posted: Aug. 02 2005,05:01 QUOTE
From what I understand, you should not edit sudoers as a regular text file.  I don't know why, but then I never bothered to find out.  You might be able to link beaver to /usr/bin/editor (ln -s /path/to/beaver /usr/bin/editor), but I've never tried visudo with a gui editor.

I've edited sudoers only a couple of times, and needed to have the manpage next to me while doing it, so I can't say exactly what to do. You'll probably want to get rid of the NOPASSWD part though.
http://www.die.net/doc/linux/man/man5/sudoers.5.html

--------------
http://www.tldp.org/LDP/intro-linux/html/index.html
Back to top
Profile PM WEB 
22 replies since May 28 2005,15:56 < Next Oldest | Next Newest >

[ Track this topic :: Email this topic :: Print this topic ]

Pages: (5) </ 1 2 3 [4] 5 >/ 		reply to topic new topic new poll
Quick Reply: starting fluxbox without icons on desktop

Do you wish to enable your signature for this post?
Do you wish to enable emoticons for this post?
Track this topic
View All Emoticons
View iB Code