root -"You are not allowed to access the system configuration"
 

Very frustrated.
Running slack 12 w/ GSB on top. Logged in as 'root', if I click 'Network', 'Services', or 'Users and Groups' I get a popup that says The configuration cannot be loaded. "You are not allowed to access the system configuration".

Run in a terminal:
\>> gksu root services-admin
\>> ----------------------------->(nothing happens)
Another terminal:
\>> whoami
root
\>> su - root
root@slackright:~# gksu services-admin

(gksu:4698): Gtk-WARNING **: cannot open display:
root@slackright:~#

Another terminal:
gksu services-admin ------------------>(command line for the icon)

(services-admin:4678): Liboobs-WARNING **: There was an unknown error communicating with the backends: The name org.freedesktop.SystemToolsBackends was not provided by any .service files

INFO:
\>> locate org.freedesktop.SystemToolsBackends
/usr/share/dbus-1/services/org.freedesktop.SystemToolsBackends.ServicesConfig.service
/usr/share/dbus-1/services/org.freedesktop.SystemToolsBackends.IfacesConfig.service
/usr/share/dbus-1/services/org.freedesktop.SystemToolsBackends.GroupsConfig.service
/usr/share/dbus-1/services/org.freedesktop.SystemToolsBackends.service
/usr/share/dbus-1/services/org.freedesktop.SystemToolsBackends.SMBConfig.service
/usr/share/dbus-1/services/org.freedesktop.SystemToolsBackends.TimeConfig.service
/usr/share/dbus-1/services/org.freedesktop.SystemToolsBackends.NTPConfig.service
/usr/share/dbus-1/services/org.freedesktop.SystemToolsBackends.NFSConfig.service
/usr/share/dbus-1/services/org.freedesktop.SystemToolsBackends.Platform.service
/usr/share/dbus-1/services/org.freedesktop.SystemToolsBackends.HostsConfig.service
/usr/share/dbus-1/services/org.freedesktop.SystemToolsBackends.UsersConfig.service
\>>

MORE INFO: less /usr/share/dbus-1/services/org.freedesktop.SystemToolsBackends.ServicesConfig
[D-BUS Service]
Name=org.freedesktop.SystemToolsBackends.ServicesConfig
Exec=/usr/share/system-tools-backends-2.0/scripts/SystemToolsBackends.pl -m ServicesConfig
org.freedesktop.SystemToolsBackends.ServicesConfig.service lines 1-4/4 (END)

MORE INFO:
\>> ls -l /usr/share/system-tools-backends-2.0/scripts/SystemToolsBackends.pl

-rwxr-xr-x 1 root root 1509 2008-01-11 20:08 /usr/share/system-tools-backends-2.0/scripts/SystemToolsBackends.pl*

So, I don't see that I'm missing any files.

It bothers me that I get different results depending if I click the icon, run the icon script from a terminal, run gksu root services-admin (zip), or log into 'root' as root, and still get another message. gksu works for gslapt, (which btw reports a blazing 8kb/s download speed on my dsl line).

Anybody out there have any ideas? I'm fresh out. Everything I look at either looks ok or too complicated to mess with.

Oh, :rolleyes:one other weird thing: When I scroll the programs on the menu bar, almost all of them start w/ "K". This is the first time I tried 'GnomeSlackBuild', and that may even be normal, but somehow I doubt it.

Sure could use some help:scratch:

Thanks in advance for any hints or help.

lynnevan

If you are already logged in as root there is no need to use gksu or su -this may be confusing gnome. This can also happen if you don't have a root password set. Either way, you say that glapt, so it would appear to be a GSB error. If they have a forum it would be better to post the question there. If they don't hopefully someone else will post here with more ideas as to what may be wrong.

as normal user first run xhost + and then do su to root and run the services admin.

No. If `xhost +` is the answer, then the question is a very dumb one. Never run `xhost +` because this allows anyone and everyone to connect to the X display`, meaning they can sniff your keystrokes, grab screenshots, or wreak whatever other havok they can think of.

`su` will not prevent an authorized joe user from spawning windows to the X display once they gain root privs because it does not wipe out environment variables necessary for connecting to the X server. `su -` obtains a "complete" login shell, which wipes out joe user's previous environment and subsequently breaks spawning new X windows.

A safer way would be

xhost +local:

Then only local users can use X. Also you can start X safer with this in your .xserverc:

Wouldnt it be easier to make sure system-tools-backends was running first?

ofcourse that person would need to have a valid local username and passwd. For most home use , with a router blocking requests from internet , this seems safe to me.

I need X to listen on TCP port as I like to use ssh -X

gnashley
"If you are already logged in as root there is no need to use gksu or su"

I was just trying to show that being more root than root wasn't helping convince the program that I should have access. Also I have to have the root password to login as root at the login window. And no, there isn't a GSB forum, just some email thing. But I think yr right about it being a GSB mixup.

As a regular user RUNNING FROM KDE
\>> gksu services-admin ------------> (icon command line)

** (gksu:4748): WARNING **: couldn't communicate with gnome keyring daemon via dbus: The name org.gnome.keyring was not provided by any .service files

** (gksu:4748): WARNING **: couldn't communicate with gnome keyring daemon via dbus: The name org.gnome.keyring was not provided by any .service files

** (gksu:4748): WARNING **: couldn't communicate with gnome keyring daemon via dbus: The name org.gnome.keyring was not provided by any .service files

THEN THE KEYRING CAME UP AND:
(services-admin:4759): Liboobs-WARNING **: There was an unknown error communicating with the backends: The name org.freedesktop.SystemToolsBackends was not provided by any .service files

jazzor
Wouldnt it be easier to make sure system-tools-backends was running first?

That's exactly what I was hoping for help with!!!!

This stuff about X and TCP isn't addressing the problem that there's some break in communications somewhere between who is root, and getting systemtoolsbackend.pl to run.

Ubuntu has the same set of "backends" files. If I knew of some way to follow the launch process, I might find out where my break is. Gksu is just another way of saying 'sudo'.

I'll probably wind up trying to reinstall GSB, or start all over w/ a fresh install and use dropline. I like Slack, but KDE is the pits.

BTW, I haven't received any emails about these postings. Wonder why??

Thanks for all the input anyway. I'll keep futzing w/ it for a while longer anyway.

I'd be grateful for any more ideas.

thanks, lynnevan

Im not sure what setup you have there exactly, but you shouldnt be running the perl script, you should be running the binary executable called "system-tools-backends". System tools binds itself to a specific group ("stb-admin" or something by default) so maybe you should add yourself to whatever that group is (look in the dbus backend files).

Hi,
Your correct somewhat with the never 'xhost +'. When working with updating, installing system level apps then just remove the 'inet' from the formula unless you are in need of it. Local installs are safe when you don't have internet access or even LAN.

Unplug the access either wireless or wired. That way those electrons can't jump that far. :) No worry or paranoia that someone is sniffing or whatever. :twocents:

Solved

jazzor had the right idea. More by accident than anything else I was looking around in /etc/rc.d. Found rc.stb was not executable. Made it so and now I can open 'users-admin' and 'services-admin' and 'network-admin'.

Thanks for everybodys help.

Whoopie!!

lynnevan

No, I'm entirely correct. It makes no sense to reach around and unplug the network instead of merely learning the difference between `su -` and `su`. If you can't be bothered to learn how to administrate a system properly, you should probably be running some other distribution.

Hi,
Judge as you be judged!

Your subtle personal attacks and setting up someone to be defensive are the drift of your threads generally. That seems to be your means of a personal 'firewall'.

If you don't want unwarranted access while setting something up then unplug the 'inet'. Isolation by doing that will insure a problem will not be created. If the inet is needed then be sure to have something in place to prevent a problem, ie; firewall, DMZ or whatever you deem necessary.

Where do you think that I can't admin a system properly? I keep looking over my right shoulder and I see nothing! :) I have my own shortcomings but admin of a system is not one of them.

Unplugging from the inet is not something that you have to do but it will insure that you get the machine to the proper state without the worry you speak of. I don't plug my machines until I have everything ready. My LAN is my safeguard but still practices can warrant setup with some thought. Plug in the 'inet' when it is ready to setup and needed. Do you automatically plug the inet to the machine before the distro install? Not unless you have safeguards.

You are not ' I'm entirely correct.'. You are making statements as to how YOU set things up. Each of us do things differently. The problem is that we don't have the means to semantically convey but we do have syntax.

If your so worried about or seem to imply that everyone is out to get the machine then your paranoia is warranted. It's just that if you are secure and believe what you have setup with proper safeguards then the 'never' you speak of is not valid.

If running 'root', `xhost +` are your arguments then how do you work with your systems? Admin them at all? You place your safeguards, right? Administration techniques? Keep your passwords rotated or secure level?

The authorized 'joe' user you speak of? Paranoia! Worst case scenario can always scare the weak. Encourage a user to use proper techniques or alternate ways to maintain something is the way people learn. Not by creating fear by not providing a full path to a solution. Babel is not something to produce with a newbie or for that matter a experienced user.


I don't want to get into a war with you. You seem to be intelligent but please realize that people do have different methods than yours. Means of providing complete information without offending someone is a trait that I've been working on most of my life. Not that I'll let someone step on me but that I will attempt to assist without offense.

I'll stick with Slackware! Thank You.

Look man, it's real simple. If someone engages in flagrantly insecure practices on the small scale, then they're likely going to continue doing so indefinitely and this sort of thing can quickly become disastrous to not only a job site but a career as well.

When the issue is something as simple as whether or not to use the '-' argument to su, in conjunction with simply being aware of how X apps connect to the display (i.e., they just need some environment variables to point the way!), this is really a no-brainer. Unplugging the network is an even more crude resolution to the problem caused by using su crudely.

This isn't "just" how I personally do things--this is how professionals do things. Even from the perspective of effort involved, typing two characters or not should be preferable to going for an "air gap" firewall in just about anyone's eyes. People can talk all they want about unjacking the ethernet to compensate for completely disabling X's security controls, but at the time I posted what I did no one had bothered to mention that it would be needed. Face it--that's very bad advice to hand someone without even so much as mentioning what the command is really doing. Lord only knows how long X's security controls might stay disabled, and I can assure that I still see probes to port 6000 on a weekly basis.

...and this bit about using some other distribution isn't a snipe. It's simply honest advice. There are other distributions out there for people who actually don't want to futz with this sort of stuff, and Slackware has literally nothing to protect one from one's own mistakes. If one goes around trying to avoid learning even the simple things one's experience with Slackware is going to be uncomfortable on the best of days, and frankly I would rather someone use Ubuntu and be happy with it than struggle with Slackware if all they're really wanting to do is email and a bit of code development or word processing for classes. Six months of having a system appear to fight against them is more than it would take for most people to go running right back to Windows, and no one wants that.

Hi,

Look Man? Professional statement!

I'm a retired professional and don't address you in that manner.

We are speaking to a broad audience here on LQ not a narrow IT department or Enterprise audience. As for 'unjacking' as you put it. Not a primitive method for someone who doesn't work at the level of an expert. Nothing wrong with knowing specifically how or what to do when performing administration. Just most new users don't have the level of expertize that we may share. Breaking it down for a newbie to understand is a great avenue for Slackware or for that matter GNU/Linux users to get our OS proliferating .

I have no argument with your statement about knowing the proper way or a way that may cause harm. You need to remember that not everyone will work at the level of expertize nor desire too. They just want to get the thing to work. Keep it simple stupid (KISS)! Does apply at times but not always. We all need a little more common sense.

Sure in the real world someone may cause a problem that could cause a system problem. But how many of the people on LQ we are giving advice to are going to be at the level that will harm as you state? Not that many! And if they are at the level of admin and use the command set improperly then they will deserve to be dismissed. That is one of the reasons we have 'professional certification'. Be it a Professional Engineer 'PE', Certified Engineer (CE) or whatever certification you desire or qualify for. In order to get the label you need to test or acquire the education to become qualified to test.

I took the switch distribution as a personal 'snipe' since the quote and you seemed to be addressing me directly.

Your last paragraph seems to clear that portion up. I can't agree more with the statements concerning Slackware. But all people don't learn at the same level nor at the same rate. Some must be motioned or referenced to the proper material(s) to gain a understanding. While others will need some hand holding. Or expansion of how to perform some administration(s) on a system. Add to the mix the International flavor and you get another problem set.

Detail exclusion can be a trap and we all fall into that one at times. I always tried to tell my students that you will need to learn to communicate with people at their level in a manner that will not be talking down to them but in a way that brings both to a level that a good exchange of information occurs. Learn to read the person and allow oneself to convey and provide understanding not overwhelming.

You would not address your boss or someone directly as we do here on LQ. One would provide the amount of detail required to allow the person to fully understand yet just enough information provided so as to get the explanation across.

One point, why do you think the 'DUMMY' series is so poplar among the populace? Simple definitions and explanation. Sure the information will get someone into some trouble but it will start them in a direction. I don't endorse the use but as an example that people reach to something that will not confuse. I would rather they learn the 'man' pages but that is big request for some.

Please note that my linking of some words is not directed at you but for some international friends that English is not their primary language. Most of my threads are done in this manner for that reason.

One wish would be to have a 'cli' wiki for good online reference. I've found online reference but some just fall short of being a really good reference. The 'man' is one but it can be confusing to a lot of people. Nothing intuitive. I would like something to reference someone that has the command with a breakdown that the average 'joe user' you speak of, can realize how to apply and even experiment with via examples.