[422] in athena10
Re: root logins
daemon@ATHENA.MIT.EDU (Geoffrey Thomas)
Wed Aug 13 16:44:00 2008
Date: Wed, 13 Aug 2008 16:43:36 -0400
From: Geoffrey Thomas <geofft@MIT.EDU>
To: athena10-mtg@menelaus.MIT.EDU
In-Reply-To: <1218658821.12433.198.camel@error-messages.mit.edu>
Message-ID: <alpine.DEB.1.10.0808131622330.20980@vinegar-pot.mit.edu>
On Wed, 2008-08-13 at 16:16 -0400, Jonathan Reed wrote:
> On cluster workstations, obviously we will want to continue to disable
> root logins. However, will we still be setting a password for the
> root user? (And will that continue to be "profroot", or is it time to
> change? "deanroot", perhaps?) Alternatively, is there a need for
> ordinary users to become root in clusters any more? It should no
> longer be necessary for mounting peripherals like USB drives?
One thing to mention about Ubuntu is that it packages a lot of software,
almost certainly more in magnitude than is available in lockers. I assume
we want to let users install packages in clusters to be able to make use
of this; if so, we should make sudo / gksudo work with no password for
cluster logins. This is probably as easy as pam_group-adding people to
admin when they log in (see also Trac ticket #92) and setting NOPASSWD,
but I haven't tested this.
Incidentally, did we ever reach a conclusion as to whether cleaning up
after users (removing their packages or resetting a snapshot or whatever)
was a good idea?
--
Geoffrey Thomas
geofft@mit.edu
