(Illustration by Gaich Muramatsu)
Hello James, On Tue, Aug 10, 2004 at 06:02:44PM +0100, James Le Cuirot wrote: > While I can write with my normal user account, I cannot write as root. When I Let us make it clear, for Coda "root" is nothing special, just an uid, like any other. That uid's rights are determined in the same way, by acls and by tokens that uid possesses (in your case probably none). > try, the command simply hangs until I press Ctrl+C. I use Entrance to log in and Would you include a small typesctipt? Otherwise it is hard to know for sure what situation it is and which command fails in which way. > as far as I can tell, it's writes the Xauthority file as root because when I try If the login program tries to write things into Coda without having tokens it is just plainly wrong. It should not succeed - unless the user's directory is wide open to the whole world. (the program _may_ have tokens as it gets the user's password, but yours probably doesn't...) > but I can imagine the inability to write as root causing problems in other ways. Sure, all programs which depend on special root rights on non-local filesystems, will fail. Period. It is not Coda-related, it is usual practice even on NFS. Programs, which switch uid to the user's one and try to write as the user, without acquiring the tokens, will fail too! It is their fault, as local uid posession can _not_ give global rights without proving the identity to the file server. Fortunately, pam can help to some degree, acquiring the tokens. You should also instruct login programs to create Xauthority somewhere on a _local_ file system as that file is inherently Xserver==host bound. You have no need (and you do not want) to share Xauthority information, as you do not want to run X without tunneling anyway. (it is a well-known security hole, .Xauthority on NFS... as Coda does not encrypt the traffic, the hole would be as big on Coda, too) Best regards, -- IvanReceived on 2004-08-10 13:50:14