Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.6: Enable root user on Snow Leopard' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.6: Enable root user on Snow Leopard
Authored by: blinkintosser on Sep 28, '09 09:24:21PM

One of my reasons for enabling root is to allow my father, who lives out-of-state and has difficulty with complicated computer tasks, an easy method to back up his home folder. After logging out of his normal user, he logs in as root where he has a "burn folder" on the root desktop that contains an alias to his home folder. He just right clicks and chooses the "burn" item to commit his entire home folder to DVD-R that he can file away in his safe deposit box. (Yes, he also has an external Time Machine disk, but that is no substitute for cheap, easily managed, self-contained backups to keep off-site.)

I have no doubt there are a number of other ways to accomplish the same task, but I'm equally sure none are as simple and reliable. Since he's logged out as his normal user, all his files--especially his FileMaker databases--are certain to be in a closed, consistent state. Since he's logged in as root, *every* file can be read and backed up, regardless of any odd permissions that may be encountered. Since he doesn't log into root for any other reason, he doesn't stay in root for any longer than it takes to back up, and he doesn't perform any other tasks while in root, I genuinely don't worry about him breaking something.

For that matter, I honestly don't understand the great panic about anyone enabling root. Sure, it's marginally easier to accidentally break the system while logged in as root, but if all one really cares about is in his home folder, root is no more of a threat than one's own non-root user. After all, the OS and apps can always be reinstalled if they get hosed. On the other hand, if the bogeyman is the risk of infection from trojans, worms, viruses, etc., maybe the advice should simply be to stick to the maintenance task for which you logged in as root, and stay away from the web browsing, email, and unfamiliar executables.

The bottom line is that sometimes root is simply convenient. Sometimes we grown-ups can accept a little risk for a little reward (and we have backups). We'll be OK.



[ Reply to This | # ]
10.6: Enable root user on Snow Leopard
Authored by: tedw on Sep 28, '09 10:24:59PM

not to be a pain, but you could accomplish that just as easily with rsync (and with a skillful application of launchd, your father wouldn't even need to log in and burn - that could be done automatically). I don't really have a position on the whole root-user/no-root-user debate, but as a rule I don't like enabling things that don't need to be enabled.



[ Reply to This | # ]
10.6: Enable root user on Snow Leopard
Authored by: blinkintosser on Sep 29, '09 07:06:24PM

At risk of drifting too far off topic, I'll follow up simply to further illustrate one convenience of an enabled root:

>Posted by Me:
>>One of my reasons for enabling root is to allow my father ... an easy method to back up his home folder.

Posted by tedw:
>...but you could accomplish that just as easily with rsync (and with a skillful application of launchd, your father wouldn't even need to log in and burn - that could be done automatically).

Having written an uncountable number of scripts in a number of languages, I'm keenly aware of the fragility of even the best written of them. While I'm reasonably capable in bash and no novice to rsync--especially under Cygwin where it likes to choke on long and/or Unicode filenames--seeing a claim that "you could accomplish that just as easily with rsync" and "that could be done automatically" leaves me with a lot of questions so easily avoided by enabling root. For example, from the top of my head:

Easier for him? When does he insert the disc? When is it finished? Does he have to boot up without logging in and wait for something to happen? Does he have to log out and wait for something to happen? Do it get triggered upon the insertion of a disc while logged out? What if the burn fails? What if he inserts a non-blank disc? What kind of feedback does he get that the disc was burned correctly and that it contains all of his files and is completely up-to-date?

Easier for me? Do I have to write and debug the script and launchd plist? What if a bug in my script goes undetected and leaves some files uncopied or doesn't properly update the pre-burn mirror directory leaving stale files? What if the scheduled time for the mirror or burn becomes an undesirable time or if he wants to backup at another time? How should I handle all the possible errors or a bad burn? Do I also have to write and debug a script that programmatically confirms that all files are backed up and up-to-date?

While scripting can be a viable method for this type of backup, you'll have to admit no script can ever approach the sheer simplicity, reliability, and certainty of: (1) log out as <user> an in as root; (2) insert disc and click "burn", watching the progress bar if you're bored; (3) log out as root and back in as <user>. If the burn fails verification, it will tell you and you can try again. It if succeeds, it will tell you that, too.



[ Reply to This | # ]
10.6: Enable root user on Snow Leopard
Authored by: tedw on Sep 29, '09 08:32:20PM

It's clear you think this is simpler, and it's clear it's a system that works for you, so fine. Would I recommend it to someone else? Doubtful. For one, I'm picturing your dad's safe deposit box filling up with dozens (or hundreds) of old CDs that will never be looked at again...

There is a vast difference between choosing to do something because it works for you, and suggesting it as a course of action for others. Heck, I've gotten by for years with my laptop swinging around on the back of my motorcycle, but I'm not about to suggest that carrying a laptop that way is generally innocuous. I'm willing to take the risk because I recognize the risk for what it is (and I'm good with computers <i>and</i> motorcycles), as do you in your situation. I don't see any sense in trivializing the risk any more than I see in aggrandizing it.

Your system works (though I still think it's overkill - a normal administrator account could do the same thing - possibly even a burn folder within his own account - unless there's something absurd in your father's home directory), and I don't argue with success. But I still think a cautious approach is a better approach when it comes to security.



[ Reply to This | # ]