Handbook Talk:AMD64/Installation/Finalizing
Before creating a discussion or leaving a comment, please read about using talk pages. To create a new discussion, click here. Comments on an existing discussion should be signed using
~~~~
:
A comment [[User:Larry|Larry]] 13:52, 13 May 2024 (UTC) : A reply [[User:Sally|Sally]] 10:51, 5 November 2024 (UTC) :: Your reply ~~~~
Suggested Addition "How to Set Up a Desktop"
A link to a page with instructions toward building a desktop, similar to building the base Gentoo system.
It took me hours to figure out that a desktop needs:
- a display manager
- a window manager
and even after I had installed a DM and a WM, the desktop still wouldn't get going because I didn't know I had to install ..
...X11 drivers for video, keyboard and mouse! --doh!!!
With clear instructions like the base Gentoo system, time taken would have been at most another 30mins.
This would be most helpful for noobs like myself ;) . --Russelld (talk) 12:37, 24 September 2018 (UTC)
- Sounds like a good idea to at least mention the building blocks of a desktop system in the Handbook. The Xorg guide used to serve the function of at least helping users get Xorg going (then building a WM or DE on top of it). I'll add a snippet mentioning the steps that are usually necessary to configure a graphical desktop. Thanks, Russelld ! --Maffblaster (talk) 17:28, 24 September 2018 (UTC)
- This has finally been implemented; however I did so differently than originally stated before. The approach I took was to link our readers to other areas of the wiki that provide relevant documentation. Since Xorg is being phased out by Wayland, and many DEs are in process, it would unnecessarily increase maintenance burden to duplicate the efforts of other article around the wiki. See Special:Diff/1023639/1023669. --Maffblaster (talk) 17:56, 27 October 2021 (UTC)
Stage files may be .xz
The command for removing a stage file from the root directory should be adjusted so that it works for .xz as well as .bz2 files.
--Rafo (talk) 22:00, 1 January 2019 (UTC)
- Fixed. Thank you! --Maffblaster (talk) 08:05, 2 January 2019 (UTC)
Discord Server
Just found this on b.g.o.: bug #694010
--Charles17 (talk) 05:48, 11 September 2019 (UTC)
- bug #694010 was voted on and closed as WONTFIX. This discussion is has ended; we will not be adding links to Discord servers (a closed source, closed stack software) to the Handbook or anywhere else on official Gentoo sites at this time. --Maffblaster (talk) 20:28, 26 October 2021 (UTC)
Suggested addition of doas as a sudo alternative
I believe adding doas as a sudo alternative here would be beneficial, as it would only take about a line and it would be inline with the plethora of choices Gentoo gives to the user. --Linobigatti (talk) 01:59, 28 January 2021 (UTC)
- This suggestion has been implemented as recommended. See Special:Diff/950178/1023639. Thanks! --Maffblaster (talk) 17:25, 27 October 2021 (UTC)
Warn about similar passwords to root
In Adding a user for daily use section, warn about setting same or similar password to root user out of convenience. -- Gso321 (talk) 01:07, 5 March 2023 (UTC)
- Good suggestion. Implemented here: Special:Diff/1267587/1272180. --Maffblaster (talk) 06:44, 3 January 2024 (UTC)
Suggested addition of adding user to cron group
I believe it would be beneficial to add a small section that said "If a cron provider was installed, then the users who wish to use it must be in the <cron> group". Something along those line I was thinking either here or in the "Installing tools" section. Lemon-Lime (talk)
- Your suggestion has been implemented along with a few other improvements to the list of groups in the table. See Special:Diff/1272180/1272202. Thank you! --Maffblaster (talk) 07:32, 3 January 2024 (UTC)
Suggest to disable root login after sudo or doas have been configured
In Adding a user for daily use section, for added security suggest to disable root login after sudo or doas have been configured. See references:
https://wiki.archlinux.org/title/Sudo#Disable_root_login
https://wiki.archlinux.org/title/Security#Restricting_root_login
Talk:Sudo#disable_root_login
--Lucatrv (talk) 21:11, 3 May 2024 (UTC)
- The root password can be deleted using
sudo passwd -dl root
. This is how Ubuntu does it. - — Waldo Lemmer 03:59, 5 May 2024 (UTC)
- How does this sound?
To prevent possible threat actors from logging in as root, deleting the root password and/or disabling the root login can help improve security.
To disable root login:
root #
passwd -l root
To delete the root password and disable login:
root #
password -dl root
- Fixed in Special:Diff/1278160/1298171, thanks!
- --csfore (talk) 19:31, 11 May 2024 (UTC)
Simplify the useradd command
Tip: To get this fixed sooner, use {{Proposal}}.
Please consider the following points:
- The '/etc/login.defs' file contains 'CREATE_HOME yes', so the '-m' option is not needed.
- The '/etc/default/useradd' file contains 'SHELL=/bin/bash', so the '-s /bin/bash' option is not needed.
- AFAIK it is not suggested to add all users to the 'users' group, see for instance here, here, and here.
Therefore the suggested plain command to add a new user could be for instance:
useradd -G wheel,audio larry
Finally, a note should explain that with 'systemd' some groups are not needed anymore, such as 'audio' (see here), so when using 'systemd' the example above would become:
useradd -G wheel larry
--Lucatrv (talk) 22:22, 3 May 2024 (UTC)
- audio is not in the table you linked. It is mentioned here. You seem to be correct that it's only required on non-systemd systems — we experienced this here. — Waldo Lemmer 05:49, 4 May 2024 (UTC)
- Actually I realized that it is preferable to add administrator users to the 'wheel' group, for several reasons. For instance, if the current user is not in the 'wheel' group 'polkit' will ask for the root account password (instead of the user password) to give superuser privileges, which would not work if the root login has been disabled (as suggested in the handbook, see Disabling root login). Moreover users belonging to the 'wheel' group have by default full read access to 'systemd' journal files and the right to administer printers in 'CUPS', see: [1]. Therefore I updated my comment above to keep the suggestion to add the administrator user to the 'wheel' group. --Lucatrv (talk) 21:07, 24 August 2024 (UTC)
Typo on floppy drives
The following sentence has a typo:
Enable the user account to directly access ancient mechanical devices known floppy as drives. This group is not generally used on modern systems.
Should be changed to:
Enable the user account to directly access ancient mechanical devices known as floppy drives. This group is not generally used on modern systems.
Add warning note to the "Disabling root login" section
Please add the following note (or similar):
Before disabling root login, make sure that either sudo, doas, or run0 (if you are using systemd) are up and running, otherwise you will be locked out of root privileges.
--Lucatrv (talk) 20:04, 24 August 2024 (UTC)
- I agree with the addition but lets make the message something like:
- Proposed changes - Please make edits here until a final revision is agreed upon.Warning
Before disabling the root login, double check a user account is in the wheel group and you have setup a system to elevate system privileges using something like app-admin/sudo, app-admin/doas or run0, otherwise you will be locked out of root privileges.
- How is this?
- Proposed changes - Please make edits here until a final revision is agreed upon.Warning
Before disabling the root login, ensure that a user account is a member of the wheel group and that a method to elevate user privilege exists; otherwise root access will be locked and system administration will be impossible without performing recovery. Some common methods to elevate user privilege include: app-admin/sudo, app-admin/doas, or systemd's run0. - --csfore (talk) 21:18, 24 August 2024 (UTC)
- Added in Special:Diff/1314375/1316833!
- --csfore (talk) 16:40, 20 October 2024 (UTC)
Temporarily elevating privileges
Once systemd 256 has been stabilized, please add a note stating that on systems running systemd >= 256, the 'run0' command can be used in place of 'sudo' or 'doas', which does not need any installation and should work out of the box.--Lucatrv (talk) 21:43, 24 August 2024 (UTC)