Re: [Devil-Linux-discuss] Homedirectories

[R. <bj...@se...>]

Hi John, thank you for your very informative info!  You gave me a good=20
idea of how Devil-Linux harddisk option should be managed.  I browsed=20
through your enclosed LVM-instructions and also the LVM-Howto.  Yet=20
another exciting Linux aspect.

Unfortunately my question wasn't formed precisely enough.  In my=20
particular installation I do not have any hard-drive.  I still want to=20
create a home directory for a service-user, logging in via scp and a=20
script on another machine.  Thus this user needs a ".ssh" directory=20
containing keys for password free log in.  After the ssh configuration i=
s=20
done, the homedirectory will not change.

Perhaps the floppy can be used for this home-directory and then made=20
write-protected?

Another related question:  Using ssh for logging in as root is usually=20
considered as not so good practice.  It's common to remove access for=20
root through ssh, forcing you to log in as an ordinary user, and then=20
"su" to root.  What's the best practice for Devil-Linux, where you don't=
=20
have ".ssh"-directories for this "ordinary user"?

Perhaps ssh keys is the single alternative?


Anybody, appreciate a helping hand!  Thanks!


Bjoern

>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<

On 24.06.02, 18:17:40, "John van V." <joh...@ya...> wrote regard=
ing=20
Re: [Devil-Linux-discuss] Homedirectories:


> Hi Bjorn (pardon my American keyboard ;)

> Devil-Linux is not meant to preserve anything through reboots.

> Thats kind of the whole point.  For security reasons only two partitio=
ns=20
exist,
> /var and /swap.  I think of Devil-Linux as a vehicle for IPTABLES,=20
FreeSwan,
> and other front line protection systems for networks.

> /var exists for logging and /swap exists to accomdate the SHMFS type o=
f
> ramdisk.

> Personally, I think logging should go trough an encrypted tunnel.  /va=
r=20
can be
> wrapped with ssh for instance or messages can be transferred via a an =

encrypted
> signalling system similar to syslogd.

> This would make /swap the only DL disk component.

> About eLSD... (optional, you can skip to next paragraph)
> eLSD, The enhanced Linux Society Distro, is a user environment built o=
n=20
top of
> Devil-Linux.  At some point eLSD will have to compile its own kernel, =
use=20
GCC3,
> possibly make other enhancements which deviate far from the purpose of=

> Devil-Linux.  Ideally, we at the linux society want to create a platfo=
rm=20
for
> developing truly de-bloated server systems deployable to the 6 billion=
=20
humans
> out there.  In our enhancement, DL will be buildable under DL... =20
Ultimately
> the concept of an application will dissappear, the only application wi=
ll=20
be the
> OS and the OS will simply recognise datasets, addressed by URLs, and t=
hen=20
load
> the proper libraries (methods) so that the user can use the data.  Thi=
s=20
is the
> ThinMan model, and our favorite target is the cell phone.  The OS will=
=20
one day
> become a library written for the hardware further increasing efficency=
=20
and
> battery life.

> Having said all that, let me say that I have added /opt and plan to bu=
ild=20
a
> whole /usr type directory there, including its own "enhaced root" ther=
e=20
called
> sys_adm.

> You create your /home diretories on your harddrive using LVM (doing th=
is=20
makes
> us DL admins proud); very good instructions exist on the DL site.

> You then edit /etc/init.d/mountfs (on your floppy) to create your moun=
t=20
point
> (mine is /opt, yours is /home)  before the mount -a command.

> I tried to hack many of the init.d scripts but bash as it exists in DL=
=20
seems to
> seems be broken in many ways.. could it be busy box ??  Dont know.

> My advice is to keep it simple.  Here are the changed lines in my=20
mountfs:

> ## /etc/init.d/mountfs

> # Walk through /etc/fstab and mount all file systems that don't have
>                 # the noauto option set in the fs_mntops field (the 4t=
h=20
field.
> ee
>                 # man fstab for more info)
>                 #
>                 echo -n "Making other mount points..."
> #Here >>>>>     mkdir /opt
>                 evaluate_retval
>                 echo -n "Mounting other file systems..."
>                 /bin/mount -a
>                 evaluate_retval

> ##
> ### /etc/fstab ###

> # Begin /etc/fstab

> # location of filesystem        mount point     fs-type         option=
s

> #/dev/*LFS-partition device*    /               *fs-type*       defaul=
ts=20
1 1
> /dev/devil-linux/swap          swap             swap            defaul=
ts=20
0 0
> /dev/devil-linux/opt           /opt             reiserfs        defaul=
ts=20
0 0
> #proc                           /proc           proc            defaul=
ts=20
0 0
> # End /etc/fstab

> Attached are instructions for creating LVMs....

> Hope this helps, John



> =3D=3D=3D=3D=3D
> John van Vlaanderen

>       #############################################
>       #    CXN, Inc. Contact:  jo...@th...   #               #
>       #      Proud Sponsor of The Linux Society   #
>       #        http://www.thelinuxsociety.org     #
>       #############################################

> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com