@waddlesplash mentioned multiuser GUI session support when talked about hardware acceleration implementation plan, but I don’t know any use-cases for it. Having separate PC for each user is fine, PC are cheap nowadays. Can someone tell real world use cases of multiuser GUI sessions?
Note that multiuser support for controlling processes access privileges is different thing and I think that it is useful because it allows to restrict admin access by software and improve security.
If one has multiuser support (or at the very least, 2 “users”, for root and userland), what is precisely the big difference of having the ability to sign on as different users? You would just start the GUI processes as a different “second user”, yes?
Multiple active sessions is a different issue, and I think that is what you are talking about here. That indeed has more debatable value, but if you are going to go through the work to segment things properly, I’m not sure why it adds so much complexity vs. plain “multiuser” at all.
I see value in Haiku having a kind of “workstation server” ability, where multiple users share a physical machine but with different remote desktop sessions or the like.
One can argue this is outside Haiku’s scope of “personal computing”, and maybe it is, but most work today occurs under GUIs and being able to use Haiku for some of that instead of Linux or Windows would be good.
If it turns out that supporting such a thing is too tricky to implement, then maybe we shouldn’t do it. But from my knowledge of how the various servers in Haiku cooperate, I think it is perfectly doable without too much disruption (say, a “man-month” or so of work.)
This is slow, obsolete and insecure use case. It’s better and more secure to use network boot, I saw it in organizations. It is also possible to run each session in virtual machine.
Virtualization are used everywhere nowadays. Web services are running in virtual machine or container. Running processes from different users on same kernel is insecure because there are a lot of kernel vulnerabilities in kernels of major OSes.
Run applications as non root will not completely solve security problems, but improves it a lot. It will be harder to make file encryption malware etc.
If nobody use it, why to implement it? It is good that Haiku is minimalistic system without bloat.
I don’t see how it would add bloat either… even if you end up running multiple display servers it only uses more resources when multiple users are logged in… proper easy to use multihead has always been something just out of reach on Linux also. There are potentially “security” issues with it, but only if you consider someone local controlling your computer to be an issue to begin with.
That’s the thing about doing things in an elegant way sometimes… it ends up being flexible enough that such features really don’t add bloat.
From experience what my family tends to do is buy each sibling a very slow computer… if they pooled all that money that could have bought something very good (think 32GB ram and 8 cores, instead of 4GB ram and 2 cores) and 99% of the time they use them only at home anyway. More things would be possible with the fast computer than on several slow ones. that’s the rationale anyway… if you believe it or not. The obvious downside is that it isn’t portable, but then you gain the upside of you would probably be able to remote into such a machine or host your personal files from it, and use a laptop that acesses it on the go (I do this all the time at work). There is definite value to a shared powerful computer arguably alot more bang for buck that say 4 powerful computers that go unused much of the time.
Oh on several occasions my siblings have had to upload videos for classes… thier slow computers took HOURS, to do a simple transcode… the hypothetical fast computer would have saved thier butts on several occasions.
Haiku already have remote desktop support, but it should be improved. Multiple displays can be also handled by current app_server design when accelerant get support for it.
Regarding personal (non business) usage, Multiuser desktops are great for families sharing a computer with children. My son does his thing, and parents do their thing, and we switch sessions without logging out (preserving state). In this scenario, multiple AppServer instances is the only way to preserve GUI resource handles, so at the cost of more memory and threads, it greatly simplifies AppServer AND application code since you dont have to save/restore state.
Is there a better way to do it? How do virtual workspace work? Why cant another user session be treated like a virtual workspace instance? This approach may be the easiest/fastest to implement. If we can tie user account to a workspace, AppServer can stay the same.
“Computer are cheap” is not a real thing for all of our users, unfortunately. So yes, the “family computer” is still a thing, and providing some isolation between family members is desirable.
However, the general agreement in Haiku is (or was?) that this will not be done in Haiku R1. Maybe in R2, but we will have to set up a roadmap for R2 at some point (probably after or shortly before R1 is released). So there is a lot of time to think about this, and set our priorities. Maybe it will be a low priority item in the list.
That doesn’t prevent talking about it and drafting some ideas of how it should work and the use cases, but it’s not something that will happen in any short term scale.
Sometimes when I have friends or relatives over, they want to borrow my computer to do reliable video calling (due to using Ethernet) or getting a plane ticket while vacation planning during a family event. It’s inconvenient for them to use their phones or bring laptops (if they have one) for the most part. I don’t want them seeing my files or changing settings around, so there’s a special guest account just for those times.
Another new usecase due to the pandemic:
I have a little niece stuck with me due to travel restrictions who has to attend online classes and do assignments on a proper computer, but unfortunately she only has a tablet. She has her own limited account on my laptop for her use to prevent her from accidentally damaging the rest of the system.
but I don’t know any use-cases for it. Having separate PC for each user is fine, PC are cheap nowadays. Can someone tell real world use cases of multiuser GUI sessions?
Please don’t think that with a “rich 1st world country mindset”. One PC per person may not be affordable at all for some people with economic hardships. There are families in other countries in the world that barely have one computer for all the family. There, you would like to have one account for the mother and another for the father for things of their jobs, and another one(s) for their son(s) or daughter(s) to do homework. THere you have a use case.
Here’s another: you want to use another separate account for high privilege tasks, while leaving your main one you use daily as an unprivileged user for security and privacy reasons, specially with the dangers of the web. Or for maintenance reasons.
Also you would want to have more than one (unprivileged) account (besides the privileged one) in case you want to completely isolate files and mails of one account from another for whatever reason (you don’t want to mix things up…).
Or your company that uses Haiku wants to use the same computer with Joe in morning shift and Mary in afternoon shift.
One thing I think almost all OS’s get wrong is valuing system protection more than user data protection. It’s easy to reinstall the system, but losing my data is the worse thing that can happen on a PC. An ideal system would satisfy the following:
admin privileges for system configuration and installing system packages (ie. I dont want my child to corrupt printer settings or re partition a disk). A user should also be able to install user packages without requiring an admin. Therefore, packages must be classified as system and user.
separate home directories so that each user can have their own settings and file protection. This also allows for a sandbox user when you wish to test new apps (I dont want unauthorised apps from accessing some files).
I wonder if there’d be some way to leverage the packagefs system to maintain separately accessible disk space, set up at login. No separate user IDs like the ordinary multiple user system, everything still runs as “root”, but depending on who you identify yourself as at login, the other users’ files just aren’t there.
Take the case of a virus. If system files are infected, you may not able to save user files that are not. So, both are important. In our case packagefs take care of this part where most OS fail.
Actually, you can already install packages in your home if you put them in /boot/home/config/packages.
That would satisfy the user part.
I agree, that if you add several users, the shared area is necessary even if it is forgotten in most systems.
I would see in fact two areas,
in the first we let people decide about life of files, hoping it won’t end as a mess for things that are permanent i.e. family chores schedule :D,
in the second, smaller, we fix life of files to a duration to deterrminate and automatically wipe them after that. You know, for the “Give me the link, I’ll check later.” or “Send it to me, I’ll do asap.” kind of situation.
Maybe a plugin for FilWip could do the trick.
So, all you really need is a partition with two folders and the right permissions on files.
Finally, all we would need are separated home directories and a “guest” account.
You can always recover system and user data by using live USB. Creating Haiku live USB and reinstalling system takes less than minute on fast disk. Infecting packaged system files is also more difficult and easier to discover.
I use “data” folder in root of Haiku volume for this purpose.