Re: Sunray Controlled Access Browser. utxconfig -s ?

From: brian lockwood (t100ss_at_hotmail.com)
Date: 11/16/03

  • Next message: Gary Jahrig: "Re: Command line editor for /sbin/sh"
    Date: 16 Nov 2003 07:11:31 -0800
    
    

    Thanks for your comments
    <snip.............>>
    > > It appears from further work that in order to use utxconfig -a I need
    > > to be a root user and to be logged on at a Sunray. It is no good to be
    > > logged in at the console.
    >
    > If true then that would be a bug, you should be able to run
    > 'utxconfig -a' from anywhere.

    If I log on as root at the console and issue a utxconfig then I get a
    complaint that a file related to X dsiplay:0 does not exist.
    (Somewhere in temp). If I look in the place then ther is one relating
    to the Sunray (display:2). If I copy 2 to make a 0 file then utxconfig
    reacts as I would expect and says tha Xconfig has been changed.
    However the required system wide effect does not happen. Hence the
    business about enabling root login in order to effect the change.

    > <Snip> .................
    > Lots of people believe that
    > you should never log in as root even on the console, you should
    > instead log in as yourself and then 'su' to root. This leaves a
    > better audit trail and reduces the possibility that you will
    > accidentally damage the system while working as root. Of course
    > it's your system so you get to make the rules.
    >

    I sympathise with this view and I have to say I am a bit too cavalier
    about these things. I do sign any configuration changes I have made so
    that people can find them. Having got the effect I want, and by way of
    a salute to Solaris Professionals out there, I will disable root
    logins again. The system is isolated from the internet mind.

    > > I then could log in at a sunray and issue
    > >
    > > /opt/SUNWut/bin/utxconfig -s off
    > >
    > > Was that necessary I wonder?
    >
    > Yes, it's absolutely necessary. This is a huge wart in the
    > 'utxconfig' syntax. If you leave '-s on' then nothing you do
    > with '-r' or '-g' has any effect. With a little luck this
    > will get fixed in the next release of Sun Ray.
    >
    > However, without '-a' that command just modifies the settings
    > for the current Sun Ray session, it doesn't apply globally.
    > What you needed was 'utxconfig -a -s off -r 1024x768'. It
    > sounds as though you got there in the end but you may have
    > forced some other configuration changes for individual
    > sessions on the way. If 'utxconfig -o' shows settings for
    > access tokens other than "default" then you should look at
    > those extra settings and decide whether you really want to
    > keep them.

    Ah, now that is interesting. When I implemented the 7 Sunrays in the
    library with the captive login I found that I had to visit each
    separate workstation and issue the utxconfig commands.

    Somewhere, each Sunray appears to have its own Xconfig?

    > > My next trick is to make Netscape 7 into the controlled access browser
    > > rather than 4.78. If someone else has already done this then I would
    > > appreciate any advice.
    >
    > Ask your SE, he might be able to get you a recipe for doing
    > that.
    I am setting up a backup server for the library system and have
    successfully made the default browser into Netscape 7, however I
    haven't tried implementing it as a captive browser yet.

    Brian L


  • Next message: Gary Jahrig: "Re: Command line editor for /sbin/sh"

    Relevant Pages

    • Re: Sunray Controlled Access Browser. utxconfig -s ?
      ... >> I am running the Controlled Access Browser and want the browser to run ... > to be a root user and to be logged on at a Sunray. ... The default disallows root logins from anywhere but the console. ... Sun Ray and any other non-console mechanism. ...
      (comp.sys.sun.admin)
    • Re: Sunray Controlled Access Browser. utxconfig -s ?
      ... Do I need -s off in utxconfig? ... > users on the Sunray for normal logins. ... The default install makes root login not work at a sunray. ...
      (comp.sys.sun.admin)
    • Re: Encrypted file system without initial password:
      ... It works OK but my question is, can one make it boot ... This was not a question about potential root exploits. ... These settings can then be password-protected in the BIOS ...
      (comp.os.linux.security)
    • Re: ASP.NET webs not working
      ... I tend to always go into IIS and verify the Application Root setting for each web / subweb on my ... Thomas A. Rowe ... FrontPage Resources, WebCircle, MS KB Quick Links, etc. ... >>> application settings were simple and easily reversible in an effort to ...
      (microsoft.public.frontpage.client)
    • Re: [opensuse] lpadmin -d acts different than expected
      ... On Jul 1 08:39 Roger Oberholtzer wrote: ... as root I ran lpadmin -d newQueue. ... Perhaps an lpoptions section is needed in the KDE's Personal Settings. ...
      (SuSE)