ubuntu-phone team mailing list archive

[K1773R <K1773R@xxxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 14.08.2014 21:09, Michael Zanetti wrote:
> On Thursday 14 August 2014 20:56:15 K1773R wrote:
>> On 14.08.2014 20:09, Oliver Grawert wrote:
>>> hi,
>>> 
>>> as of image 189 a new way of enabling ssh landed ... as you
>>> might know we will soon disable all root access to the device
>>> and make adb default to run as phablet user. for this some
>>> system services need to be able to be enabled by the phablet
>>> user without requiring a password ... we have the
>>> dbus-property-service in the image to provide that
>>> functionality ...
>>> 
>>> today i landed the dbus support for en/disabling ssh as
>>> phablet user, if you have any scripts that call something like:
>>> "adb shell start ssh" (which operates on the assumption that
>>> your adb shell actually runs as root), please make it use the
>>> following lines now (works via adb or manually)
>>> 
>>> gdbus call -y -d com.canonical.PropertyService -o 
>>> /com/canonical/PropertyService -m 
>>> com.canonical.PropertyService.SetProperty ssh true
>>> 
>>> this will enable sshd ...
>>> 
>>> gdbus call -y -d com.canonical.PropertyService -o 
>>> /com/canonical/PropertyService -m 
>>> com.canonical.PropertyService.SetProperty ssh false
>>> 
>>> this will disable sshd ...
>>> 
>>> ciao oli
>> 
>> 'disable all root access to the device' This is very unfortunate,
>> please dont restrict root access.
>> 
>> The reason why i like Ubuntu Touch, is that i can change and do 
>> whatever i want (at my responsibility). The more restrictions,
>> the less interesting it gets.
>> 
>> Why does the urge to lock-down everything exist? Some ppl
>> need/want that level of control so taking this away is a huge
>> step backwards.
> 
> 
> Well, you can still use sudo, and if you really feel like I'm quite
> sure you can use sudo to restore real root login. This change is
> more about preventing other people just using adb shell on your
> device and ending up with a root account in there.
> 
> Br, Michael
> 
> 

Aslong sudo is possible, this shouldnt be a issue.
I misunderstood it as complete lock-down with no (or really hard) way
to get root permissions.

adb shell + sudo in combination will be fine :)

Thanks

greetings
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJT7QslAAoJEHowQq3O0BRFcAoQAIQ+ZsdPfgrvh+xWDgTimZlA
2ht5R/mximNt96LNsPQGYs/Z/Wk97nhA82EeL35RQuJFyJaxYsy7S7J1q7tljlVD
WB2LvNfFr0QAZcXVlw/InVEk24vNv4Ve3a/ApqIRLG2MwgUaFzCfFkWSdTNB3Xjj
eI84J0/ncruehqnqodq4wt9BG0sPKyNMDFEX5UDzgv79s7mV3SmhnrLtgJiqcDAl
ThbwNgV+TVKR9YDwgHohW3FdDNw+Qy7NrZ7we9qBvffGhIFYNarcD13OUzLanh3V
mFYg+LN8iP9OabEu7ZtV9ArS/Qmac3JiF2dm3d1HF18Y/SbMaAeEBVq4fIpc2t4E
z33RCpGTlToSYCMWrq4yEyjn6nQHxk4CAHpjRHDE86KC1Np6kSkIEGB7zHqKlJ9Y
Jmazd8RTrtZvMtAe6z45m4JYx+X3lhlT7S5R+WXvqhOcfc5IcS4l1+daysF6aXN9
xaoQoYvzVpjyJfjsSoHvfM3g5T3qyFtL9VU3iTTI/XecxScbSE5itOHQwpomWaou
jhUrnTZqQvK1E+moW0BjQ7VaS5N9PwHa2rb6RffG7u2ec3m843FO3AD3klsdI164
wGc7iC8Nso/VDCdYSxkqAO7eWswf30IY7ECE4//g0AVad8NQBvb9Y615/a2oy7BP
Ge/fj1eTcBCiKB90/Juc
=po+x
-----END PGP SIGNATURE-----