From fb210a9b7a1f1dcb1912294a802d4abaf1c6c6f3 Mon Sep 17 00:00:00 2001 From: "reaction.la" Date: Sat, 18 Jun 2022 19:21:04 +1000 Subject: [PATCH] suggested disabling root account. modified: set_up_build_environments.md --- LICENSE.html | 84 ------------------------------- NOTICE.html | 83 ------------------------------ RELEASE_NOTES.html | 72 -------------------------- docs/set_up_build_environments.md | 50 +++++++++++++++++- 4 files changed, 48 insertions(+), 241 deletions(-) delete mode 100644 LICENSE.html delete mode 100644 NOTICE.html delete mode 100644 RELEASE_NOTES.html diff --git a/LICENSE.html b/LICENSE.html deleted file mode 100644 index 8ccc91d..0000000 --- a/LICENSE.html +++ /dev/null @@ -1,84 +0,0 @@ - - - - - - - LICENSE - - - - - -
-

LICENSE

-
-

Copyright © 2021 reaction.la gpg key 154588427F2709CD9D7146B01C99BB982002C39F

-

This distribution of free software contains numerous other -distributions with other compatible free software licenses and copyrights. -Those files and directories are governed by their own license, and their -combination and integration into this project by this license and this -copyright, and anything in this distribution not otherwise licensed and -copyrighted in this distribution is governed by this license, and this -copyright.

-

Licensed under the Apache License, Version 2.0 (the “License”); -you may not use this distribution of software except in compliance with the License. -You may obtain a copy of the License at -https://directory.fsf.org/wiki/License:Apache-2.0

-

Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an “AS IS” BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License.

- - diff --git a/NOTICE.html b/NOTICE.html deleted file mode 100644 index 916f3fb..0000000 --- a/NOTICE.html +++ /dev/null @@ -1,83 +0,0 @@ - - - - - - - NOTICE - - - - - -
-

NOTICE

-
-

Copyright © 2021 reaction.la gpg key 154588427F2709CD9D7146B01C99BB982002C39F

-

The license of this software, and the licenses of the packages on which it -relies, grant the four software freedoms:

-
    -
  1. The freedom to run the program as you wish, for any purpose.
  2. -
  3. The freedom to study how the program works, and change it so it -does your computing as you wish.
  4. -
  5. The freedom to redistribute copies so you can help others.
  6. -
  7. The freedom to distribute copies of your modified versions to -others.
  8. -
-

This software is licensed under the apache 2.0 license.

-

This product includes several packages, each with their own free software licence, referenced in the relevant files or subdirectories.

-

Or, in the case of Sqlite, the Sqlite blessing in place of a license, which is -morally though not legally obligatory on those that obey the -commandments of Gnon. See also the contributor code of conduct.

- - diff --git a/RELEASE_NOTES.html b/RELEASE_NOTES.html deleted file mode 100644 index 8143673..0000000 --- a/RELEASE_NOTES.html +++ /dev/null @@ -1,72 +0,0 @@ - - - - - - - Release Notes - - - - - -
-

Release Notes

-
-

To build and run README

-

pre alpha documentation (mostly a wish list) (In order to read these on this local system, you must first execute the document build script mkdocs.sh, with bash, sed and pandoc)

-

This software is pre alpha and should not yet be released. It does -not work well enough to even show what it would do if it was -working

- - diff --git a/docs/set_up_build_environments.md b/docs/set_up_build_environments.md index b6f82d8..7a1d0d3 100644 --- a/docs/set_up_build_environments.md +++ b/docs/set_up_build_environments.md @@ -176,10 +176,36 @@ Setting up an actual server is similar to setting up the virtual machine modelling it, except you have to worry about the server getting overloaded and locking up. -On an actual server, you probably want to totally disable passwords by corrupting the shadow file once you have `ssh` working. +On an actual server, it is advisable to enable passwordless sudo for one user. + +issue the command `visudo` and edit the sudoers file to contain the line: + +``` default +cherry ALL=(ALL) NOPASSWD:ALL +``` + +That user can now sudo any root command, with no password login nor ssh in for root. And can also get into the root shell with `sudo su -l root` + +On an actual server, you may want to totally disable passwords to +accounts that have sensitive information by corrupting the shadow file ```bash -usermod -L root +usermod -L cherry +``` +When an account is disabled in this manner, you cannot login at the +terminal, and may be unable to ssh in, but you can still get into it by `su -l cherry` from the root account. And if you have disabled the root account, +but have enabled passwordless sudo for one special user, you can still get + into the root account with `sudo -s` or `sudo su -l root` But if you disable + the root account in this manner without creating an account that can sudo + into root passwordless, you are hosed big time. So instead, once `ssh` is + working, give one user passwordless sudo, make sure you can ssh into that + account, and disable password and ssh access to the root account. + +You can always undo the deliberate corruption by setting a new password, +providing you can somehow get into root. + +```bash +passwd -D cherry ``` If a server is configured with an [ample swap file] an overloaded server will 
@@ -198,6 +224,26 @@ on wake. Swapping should never escalate to lockup, and if it does, bad memory management design, though this misfeature seems common to most operating systems. +When the OS detects the cpu idling while waiting for pages to be loaded +into memory, should disable one process so its pages do not get loaded for +a while, and derank all pages in memory that belong to that process, and +derank all pages that belong to processes waiting on that process. When the +cpu has idle time, and nothing to do for enabled processes, because +everything they need has been done, and is only awaiting for disabled +processes to get their pages loaded, then the OS can re-enable a disabled +process, whereupon its virtualed paged get loaded back into physical +memory, possibly resulting in some other process starting to thrash and +getting disabled. So instead paging out the least recently used page, pages out an entire process, and stalls it until the cpu is adequately responsive to the remaining processes, and has been adequately responsive for a little +while. This is inefficient, but it is a lot more efficient than a computer +thrashing on paging. If the computer is stalling waiting on page load, then +it is just running more processes than it can run, and the least recently used page algorithm is not going to accomplish anything useful. Some entire +processes just have to be paged out, and stay paged out, until the +remaining processes have completed and are idling. A thrashing computer +is not running anything at all. Better that is run some things, and from time +to time changes those things. + +When the cpu has nothing to do because all the processes are waiting for pages to be loaded, something has to be done. + I prefer an ample swap file, larger than total memory, plus [thrash protect], which will result in comparatively graceful degradation, plus the existence of the file `/tmp/thrash-protect-frozen-pid-list` will tell you that your
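Review bot: the subject line names only set_up_build_environments.md as modified, but the diffstat also deletes LICENSE.html, NOTICE.html and RELEASE_NOTES.html in the same commit. Mention the deletions in the commit message, or move them to a separate commit, so that removing the license and notice pages is not hidden behind a documentation change. If they are build output that is no longer tracked, the message should say that.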
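Review bot: in the first hunk of docs/set_up_build_environments.md, the closing command `passwd -D cherry` does not match the sentence above it, which says the lock is undone "by setting a new password". Setting a new password is `passwd cherry`, and the direct reverse of `usermod -L` is `usermod -U cherry`. The lock example was also changed from `usermod -L root` to `usermod -L cherry`, which is the same account the sudoers line `cherry ALL=(ALL) NOPASSWD:ALL` sets up as the way back into root, while the paragraph ends by telling the reader to disable the root account. Use a different account name for the "sensitive information" example and show `usermod -L root` for the final step. Since `usermod -L` locks only the password, the instruction to "disable password and ssh access to the root account" also needs its own ssh step, for example `PermitRootLogin no` in sshd_config. Because `NOPASSWD:ALL` makes whatever credential logs in as cherry equivalent to root, the text should also say how that account's ssh login is protected.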
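Review bot: the paragraph added in the second hunk (@@ -198,6 +224,26 @@) has several sentences that do not parse and should be fixed before merge: "should disable one process" has no subject, "its virtualed paged get loaded" should read "its virtual pages get loaded", "So instead paging out the least recently used page, pages out an entire process" is missing "of" and a subject, and "Better that is run some things" should read "Better that it run some things". The final added sentence, "When the cpu has nothing to do because all the processes are waiting for pages to be loaded, something has to be done.", restates the paragraph's opening and can be dropped or moved ahead of it as the lead. Several added lines also run far past the wrap width used by the rest of the file.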