terminal commands and permissions, specifically mount

[MarkMLl]

I never joke.

MarkMLl

[lucamar]

The reason I'm looking at running myapp as root is if a linux newbie takes a new drive, puts a partition on it

At some point you have to say "do I really want to give an inexperienced user this degree of control?

They have it already. Take, for example, the case of Ubuntu (and lots other distros); the root account is "locked" by default and normal users access root capabilities by elevating privileges (more or less) through gksu or other means.

The thing is that they can execute whatever by simply entering their own password, so there is little to prevent them from running, say, gparted to initialize a newly bought disk. And there is nothing you can do to prevent it from your own application: it's a system-wide issue.


Regarding the OP's original problem, try adding poWaitOnExit to the process options; otherwise you might be trying to read the output before the process even starts executing:

Code: Pascal  [Select][+][-]

1.  mntProcess:= TProcess.Create(nil);
2.   with mntProcess do
3.     begin
4.       { ... }
5.       Options:= [poWaitOnExit, poUsePipes,poStderrToOutPut];
6.       { ... }
7.     end;
8.  

[MarkMLl]

They have it already. Take, for example, the case of Ubuntu (and lots other distros); the root account is "locked" by default and normal users access root capabilities by elevating privileges (more or less) through gksu or other means.

Yes, but somebody's decided that specific users are to be on the sudoers list, are not to be locked out by a password-protected login screen and so on.

That's very much distinct from saying "because an arbitrary user can click on this program, he automatically is able to screw the system: whether or not he understands the consequences".

Don't get me wrong: I'm as enthusiastic about the "it's my computer and I'll pry if I want to" philosophy as anybody. But after being (peripherally) involved with an office where the receptionist had opened- and saved- c:\command.com with a word processor, and with somebody who was taken to court for selling an ISA bus modem card without telling the purchaser that it was advisable to power the computer off before plugging it in, I also believe that asking "is this user qualified to perform this operation" is in order.

MarkMLl

[taazz]

They have it already. Take, for example, the case of Ubuntu (and lots other distros); the root account is "locked" by default and normal users access root capabilities by elevating privileges (more or less) through gksu or other means.

Yes, but somebody's decided that specific users are to be on the sudoers list, are not to be locked out by a password-protected login screen and so on.

That's very much distinct from saying "because an arbitrary user can click on this program, he automatically is able to screw the system: whether or not he understands the consequences".

it is far safer to allow the application manage what ever needs to be managed than forcing the user to "learn" linux incantations to do his job. that way the application will only do the absolutely minimum required. Now having said that...

Don't get me wrong: I'm as enthusiastic about the "it's my computer and I'll pry if I want to" philosophy as anybody. But after being (peripherally) involved with an office where the receptionist had opened- and saved- c:\command.com with a word processor, and with somebody who was taken to court for selling an ISA bus modem card without telling the purchaser that it was advisable to power the computer off before plugging it in, I also believe that asking "is this user qualified to perform this operation" is in order.

MarkMLl

Just because some one is stupid enough to sue some one else for his own ignorance doesn't make you right to treat everyone else as an idiot.

[lucamar]

Yes, but somebody's decided that specific users are to be on the sudoers list, are not to be locked out by a password-protected login screen and so on.

That's very much distinct from saying "because an arbitrary user can click on this program, he automatically is able to screw the system: whether or not he understands the consequences".

Yes, but "somebody" in this case are the distro maintainers, who cater only to the most frequent use.

Note that we're not talking about enterprise-level installations, which sould be done by a person (whether administrator, IT drone or whatever) with the proper know-how, but common "home" installations, where the user and the admin are one and the same (which is what leads to, at least, the first user added to have root rights).

I'm saying nothing about whether this is an ideal situation or not, just what the current one is. And it is that in most default intallations the (frequently unique) user can obtain root privileges by simply typing his own password. And that's, in fact, how most people like it, rather than having to log-in as root or the system asking about your right to do anything; witness the debacle of the UAC prompts in Windows Vista

Anecdotical, but note that protecting that c:\command.com would have been as easy as making it system, hidden and read-only, which should have been done by the person installing that secretarial computer. But then, DOS offers little protection against mishaps which is why there was such a flowering of "recovery" tools in that era.

I remember a much worse case, and the blunder made by myself. I'd started working as (system) programmer for a software house using Prologue (a french MT/MU OS) and I was drafted to make a demo in a hope-to-be customer; the computer for the demo was a DOS one used, basically, for Lotus 1-2-3. I went there and, happily, deleted the DOS partition (after asking if they had backup, of course; I was not so green) and installed Prologue to demo our program. You can guess what happened: at the end I reinstaled DOS and tried to reinstall everything else, which went well ... except, of course, for Lotus 1-2-3, which had just one installation left (and would leave them without "backup" install). We ended having to buy them a new Lotus, and I was severely scolded.

[andyH]

While drifting off thread, think I read somewhere that windows assumes you are stupid, linux requires you to prove it. You can't stop users messing with their system, but at least you can force them to do it consciously with sudo (it's part of the learning process). Hence my backup app. Not be be confused with the likes of timeshift, backintime, lucky backup, et al. at the file level. When I first started I found clonezilla intimidating - you could call the UI user hostile. I used redo - simple, but not touched since 2012. Decided about a year ago to do a replacement - image backup with a simple point and click GUI.

I'll have a look at poWaitOnExit and see what happens, but can't use that throughout. Guts of the program is using partclone for partition backup/restore and I'm reading that continuously to update the user on % complete and time remaining as it runs.