If you go multi-user will you asked for suggestions?

If you go multi-user wll you asked for suggestions like you kind of did for package management.

I am not really fond of how the other Os’s do multi-user. I like a lot more how some forum and web content delivery software have user, moderator and administrator. An administrator could be only for system maintenance and updates. A moderator can install packages/software (not system updates) and a user can’t install packages. Currently to install some software I have to drop to root. I don’t understand why I need to run in a mode where I could change the read only attribute on any system file just to try out some software to see if I like it. I feel the gap between user and administrator is to large on some systems. I am not sure if others would like user, moderator and administor. I hope I am not stepping on anybodies toes in suggestion a possible disscussion.

Boot Manager already lets you use a diffirent name for each partition used. There would be no problem setting up a separate partition for each family member.

When booted a list of family members will appear, then a person just has to cursor to their name and hit return.

Damn it all, I just remember what my mother would do in such a situation! You win!!! Strike 1.

Okay, okay. The partition/boot list would get bad there. But multiple home directories would handle 90% of the problems. The remaining 10% is still a problem. Strike 2.

The previous suggestion that system file/settings could be protected from being change without a password would still protect you against most of these attacks too. Ball 1.

Looks like I am going to lose. Oh well, can there be an option to just boot?

Hi jest!

I don’t think the exact multi-user implementation is on the radar yet. But when the time comes, I’m sure there’ll plenty of discussion and some sort of investigation into different approaches, just like with package management.

Personally, I’d too detest to be asked for passwords all the time. Since our PM is designed with the ability to install packages “locally” for the current user, a password will probably only be necessary when you want to install an app for another or all users or when Haiku itself is updated. So that one seems to be sorted.

On the other hand, there are probably countless complications everywhere that I would never think of… :slight_smile:

Regards,
Humdinger

As I view Haiku as a personal one-on-one OS, why the need for multi-user?

I know some people need to share the computer with others in their family, but other than that what does multi-user really bring to the table?

PS. Even on my own system I find it easier to use multi-boot to host different versions of Haiku-OS and use common ‘Data’ partitions keep the data files available to all. The most I would need personally is the ability with different home directories.

I don’t really know if Haiku needs to be a Multi-User OS. What Haiku could do is to offer some sort of Guest configuration so that someone can use the computer without having access to the main user and configuration files in a secure way.

Most of the security advantages people attribute to multi-user OS is seperation between user and system. In Linux distributions as well as the BSD’s you need the Root password to access files and processes owned by root. In a similar fashion, Haiku could by default restrict access to all sensitive system files and processes that if meddled with could cause serious damage to the system.

Instead of restricting access to the system files entirely, a password could be used to ensure the user is aware of what she is doing. In this way the user remains in complete control of the system (as it should be) while at the same time ensuring that a rogue user or process can’t damage the OS!

ddavid123

Having multiple family members share the same computer is a perfectly good reason for a multi-user feature. For most family members, it would be acceptable to turn the computer on, wait until it boots up and then click on their avatar image to log in. I can’t really see how I would tell my girlfriend to boot from a particular partition if she wants to use her files…

Then Ingo and I wrote and published eXposer, the animation software, and it was installed on “workstation” BeOS computers (which I administered) in my film school. These were used by multiple students of a class. It was a huge pain, because the students kept overwriting each other’s settings, for example the frame size and output format settings of their movies. They could all see each other’s files and projects and screw things up for each other. Why should Haiku artificially be prevented to be used properly in such a situation?

And as far as having to enter passwords goes… it’s not you as the user who makes every decision. You could search something on the web, open a previously unknown link and the site contains malicious code (perhaps because someone hacked their server, I know it happens) and makes your browser do something to your system. Just by looking at the site. Why is it so hard to accept that security measures make sense and it’s not even about protecting you from yourself?

@Earl Colby Pottinger … I think its pretty obvious many people wish for a single user Haiku that doesn’t get in the way… and many ALSO wish for a multiuser Haiku that allows them to have separate accounts without wasting space due to the inherent duplicaiton involved in multiple partitions.

Just because windows and Linux suck at password and security handling (honest developers on ether platform will tell you… it sucks)

I develop windows software at my job and… UAC sucks for developers too. And keyring management on linux is a failtrain… but that doesn’t mean Haiku cannot do it better. It has the advantage of good developers with a single vision (Unlike windows) and desktop integration is top priority unlike Linux.

So chill! It’ll be great :wink: btw… just locked myself out of my car I’m sure there is some multi user analogy for that X.x

It is too bad that you locked yourself out of the car! That is a real bummer. Perhaps if you installed “The Clapper” in your car and configured different clap patterns for each family member to unlock, start and lock the car you would not need keys! :slight_smile: Perhaps you wanted some people to be able to enter your car, but not drive it. With a modified version of “The Clapper”, you could exercise that level of control.

I can see the appeal of having different /home directories and logins for each family member. I have family members that use my computer and have their own login and home directory in Linux. To implement it in Haiku would add extra complexity especially at a time when Package Management is being done and adding additional complexity to the system.

Perhaps R2 will be a multi-user Operating System. Haiku will soon (unless things have changed?) enter beta and new features will be put off until R2 A1.

For all those who do not know what “The Clapper” is, google it!

ddavid123

[quote=stippi]Having multiple family members share the same computer is a perfectly good reason for a multi-user feature. For most family members, it would be acceptable to turn the computer on, wait until it boots up and then click on their avatar image to log in. I can’t really see how I would tell my girlfriend to boot from a particular partition if she wants to use her files…

Then Ingo and I wrote and published eXposer, the animation software, and it was installed on “workstation” BeOS computers (which I administered) in my film school. These were used by multiple students of a class. It was a huge pain, because the students kept overwriting each other’s settings, for example the frame size and output format settings of their movies. They could all see each other’s files and projects and screw things up for each other. Why should Haiku artificially be prevented to be used properly in such a situation?

And as far as having to enter passwords goes… it’s not you as the user who makes every decision. You could search something on the web, open a previously unknown link and the site contains malicious code (perhaps because someone hacked their server, I know it happens) and makes your browser do something to your system. Just by looking at the site. Why is it so hard to accept that security measures make sense and it’s not even about protecting you from yourself?[/quote]

Thank you for this! My thoughts too. It would indeed be SIMPLER for a user (normal user who doesn’t know/care about bootloaders, etc… i.e., they just want to use the system and access their files, and work) to have a multi-user environment.

Having “administered” family shared computers and devices under Windows, there are a few things which could have made my life easier.

I would see four user levels and this is similar in some ways to what you are suggesting.

Owner: Have all rights for common devices drivers and software, read/write access to individual user files but restricted internet access (only whitelisted sites for OEMs of devices, operating system, and software packages). Can create/delete user accounts. Can reset user account passwords. Password required. Only way for Owner rights is via a direct log-on after a cold or warm reboot.

Administrator: Have all rights necessary for general system administration (similar to Owner) but no read/write access to individual user files and restricted internet access (as per Owner). Cannot create/delete/reset user accounts. Password required. Administrator cannot elevate rights to Owner in any fashion.

User: The common user. Can install software to own subfolder/world but cannot alter the system folders/properties. Can create access/create shared devices/drives/folders. Password optional. User can temporarily elevate rights to Administrator for specific task (e.g. update of a common software package).

Guest: Sand-boxed account. Password optional. Guest cannot elevate rights to User in any fashion. Maybe even set-up under a virtual machine.

To Stacked_Lambda

You are still missing the point of what some people like me want from their machine/OS. Everyone of the options you gave puts some limits on what the user can do with his machine, for those of us where the machine is used by only us and us only the present boot option is fine.

So why is it not in your list of boot options? A straight and simple boot - no passwords - no resisted access - just a simple machine booting to the desktop as Haiku and BeOS has already done to date.

[quote=Earl Colby Pottinger]To Stacked_Lambda

So why is it not in your list of boot options? A straight and simple boot - no passwords - no resisted access - just a simple machine booting to the desktop as Haiku and BeOS has already done to date.[/quote]

Earl, you are a ‘power user’, who also enjoys a physically secured computer.
From your point of view, it makes sense to have an unencumbered Haiku boot, without any security.

However, most users will be in environments where user accounts need some minimal form of management.
Where family members are concerned - there will be fighting with the occasional desire to to inflict traumatic injury on each others accounts.

However, Stacked_Lambda (and others) illustrate another good point. That using ‘root’ or ‘administrative’ level accounts for casual day to day activities needs to be discouraged, since a virus or web exploit can gain full access to the system through such an account.

Haiku will need multi-user security for the majority of its users.
However, some ‘power users’ also want the ability to be able to operate without even a single password request slowing them down.

Maybe I did not say it right.

I have no problem with the diffirent options that Stacked_Lambda suggested being added to Haiku, what I am pointing out is in his zeal (sp?) to push these options he left out clean boot option that has always existed with BeOS/Haiku.

A ‘clean boot’ option should be added to his list for those who want it.

I did not expect my suggestions would have generated so much discussion!

For the benefit of all, my evolution in terms of operating system and multi-user/security has been from DOS (single user, single) to Windows 3.11 (two users, married), then Windows 98SE (four users, married with pre-school children; separate user folders without log-on), Windows XP (two administrators and two users; married with school-aged children) and currently Windows 7 (one administrator and four users, married with teenagers). This evolution has come naturally from my de-facto geek household role when it comes to computers and networking.

The shared machine situation brings some limitations many having commented here do not appear to have - e.g. my play-time with Haiku is only via LiveCD or USB boots!

My earlier suggestions were in the context of one having enabled multi-user support in Haiku (once available).

Although I never though of it this way, not much changes would be required for a single-user computer:

Default boot privileges/rights level is “User”.

An “User” could temporarily esclate privileges/rights level via a command similarly to the “sudo” command in Linux. Alternatively, installation of software packages could be initiated at “User” level but would still require “Adminstrator” password to go beyond their splash screen.

The log-on for the “Owner” level with full privileges/rights, but with restricted internet surfing rights, would be accessed via a keyboard key press during the boot process. It could be left to the owner of the machine to define if failure to enter the right password returns to the log-on window or skips to the default boot at “User” privileges/rights level.

Furthermore, the owner of the machine could set-up the boot script to have the “Owner” privileges/rights level as default boot with a pre-entered password (if so desired).

The main reason in allowing access to the highest privileges/rights only from a boot is to minimize the risk of installation of a rootkit via privileges/rights escalation by a malicious code fragment. There has been numerous reported exploits of such escalation to “root” in Linux and Windows.

Some more thoughts are required with respect to the desirability of default passwords for the “Administrator” and “Owner” levels and how to support this in a LiveCD or USB boot. That’s for another day.

why not lock code into userland and block each user’s access to other users’ files? the root/common/user setup seems tailor-made for such an environment, each upper level mirroring root – it makes more sense to restrict code than a user, and definitely more worthwhile to cultivate responsible users (it’s not hard).

Hi there,

I imagine a multi-user system so ago, everyone has his own home directory, in which he can do what he wants.
These home directory should be on a different partition or hard drive to be outsourced (maybe the end of the development could be this partition / hard disk provided with an encryption)

Further receiving the package manager should have the opportunity for all to install software, but then only as administrator.
The common users should only install in his home directory.
The user stores his personal settings mails etc, independently of the other users.

best regards

lorglas

1 Like

Haiku should port over sudo. Yes the linux and OSX way works. haiku’s file system is similer to how OSX’s works so why not do the same. Now I want to see Haiku suport MUMT witch stands for Multipule User Multi Tasking. Haiku needs multi user suport just like OSX, Linux, PC-BSD, AROS, Amiga OS, and Windows. How is haiku going to get adoption in schools and offices if it does not suport this. If Jami installs some apps in here /boot/home/Jami or /boot/Jami or how ever the debs rewrite the file hiarkey, Jami’s folders should not be seeable or editable by any other user other then her or ROOT. Again this is a feature that Linux has with the home directery. Now THAT also means redoing all the input drivers to suport MUMT and create a low powered easy system to do it. For all who don’t know what MUMT would do let me give you an example. Normaly in a class you have 30 to 40 students and each one of them NEEDS their own computer. With MUMT you in theory you can cut that down by 50%. How this would be possible is simple. With MUMT each computer would be able to have up to 4 pysical users. Each time you plug in an moniter the first user or the Root can detrmin the settings and what devices that user would be able to use. Now this would be crazy with an OS like Windows or Linux , how ever with Haiku’s light weight it would be realy pratcial.

Your “MUMT” is actually called “multi-seat” (as distinct from multi-head, which just means having several displays connected to the same machine) and there have been many thousands of seats provided in this way on Linux systems, in schools and other environments where driving down per-seat costs is important.

For security, multi-user is not enough. You also want to be able to control what any app is allowed to do on your system. Just because you are running as admin doesn’t mean that every app should be able to screw up your stuff on its own.

Ok… You do not want to make multi-user, so what is about Administrator/User separation?