Ubuntu Philosophy

Asked by Michael Hanson

Greetings, I'm a long time Ubuntu user and a very happy one too. Until today. I was in the #ubuntu channel just doing a little community service so to speak and gave someone some help with getting their user back into the proper groups as he had borked it. I also mentioned to him how to set roots password as he had commented on it and I got this response from the channel bot:

"< ubottu> raido: We do not support setting a root password. Please don't offer instructions on how to set a root password or ask for help with setting it. See !root and !wfm for more information."

I was dismayed. Is Ubuntu ceasing to be a platform for freedom? Does Ubuntu wish to control and restrict its users? Why? Why? Why, would Ubuntu ever act to restrict a users complete and total freedom over their system?

I can understand the default choice on how to handle the root account on installation but when a user wishes to differ, they should not be turned away.

I have to say I'm disgusted by this, and I fear that Ubuntu is becoming a distribution that I will not be happy to use and promote.

Regards

Mike Hanson

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu IRC Bots Edit question
Assignee:
No assignee Edit question
Solved by:
Michael Hanson
Solved:
Last query:
Last reply:
Revision history for this message
marcus aurelius (adbiz) said :
#1

"as he had borked it"

what is "borked"?

restricting access to root has advantages
1) provide security from malicious programs
2) prevent new users from fiddling with and corrupting the system

Revision history for this message
Mechanical snail (replicator-snail) said :
#2

The consensus seems to be that enabling root login is a bad idea, and using sudo is superior for every use. I presume that a lot of people, unfamiliar with the new system, ask how to enable root. I presume somebody decided that people would ask on IRC, get a reply, and enable root login, without understanding the security implications. Hence the automated warning. The message should have been phrased less brusquely and briefly explained the reasons, I admit.

Ubuntu does provide instructions at https://help.ubuntu.com/community/RootSudo#Enabling%20the%20root%20account .

Revision history for this message
marcus aurelius (adbiz) said :
#3

oh. making the root inaccessible isn't a philosophy. it's a program design.

a philosophy would be something like: software should be free so even those who are disadvantaged in life will have access to technology.

Revision history for this message
Eliah Kagan (degeneracypressure) said :
#4

I agree that enabling root is a bad idea, in virtually all cases. I would even be willing to stipulate, for the sake of argument, that root logins on Ubuntu system should never be enabled. Nonetheless, deliberately chastising people just for *asking* or *telling* people how to do it is a bad thing, for at least four reasons:

(1) It treats users like the way people who disrespect children treat children. Ubuntu users are capable of making their own decisions about how they use their computers. But they can only do that if they are provided with the ability to access information about how stuff works. Not only does the current message prohibit the free flow of information and tell users that they shouldn't be in control of their own computers, but it also does not explain (or hyperlink to an explanation for) why it is widely considered a bad idea to enable root logins. (Many users on #ubuntu and other channels have not previously used IRC and don't understand how !... commands work.)

(2) It degrades users' freedom. One of the major reasons many users use Ubuntu is that they don't like the way proprietary operating system vendors tell them that *their* computers are not *theirs* to use as they wish.

(3) It violates the Ubuntu Code of Conduct, which says that members of the community should ask for help when unsure, and that "[t]hose who are asked questions should be responsive and helpful." Maintaining a mysterious taboo on enabling root logins by responding with aggressive admonishments whenever the issue is raised is not helpful to anyone. The "behavior" of the bot "ubottu" might violate the Code in another way, in that it is disrespectful. However, arguably the Code invokes respectfulness in the sense of being nice and polite, whereas this behavior of ubottu is instead disrespectful in the different sense that it deeply disrespects users' liberty.

(4) It constitutes censorship. I cannot speak for the Ubuntu community as a whole, but it seems to me that most of us oppose censorship in almost all cases. The argument that "we have to discourage off-topic discussions" does not apply, since enabling root logins is not off-topic in #ubuntu.

In my opinion, this is a bug in the IRC channel(s). I would like to report it as one (at which point, as with other bugs, people who think it's not a bug will continue to have the opportunity to express that position). However, I don't know how to report such a bug, so I have asked how to do this at https://answers.launchpad.net/ubuntu/+question/147068. That is a technical question with a technical answer (which will apply to future, unrelated bugs too), so I would request that question 147068 not be sidetracked with the discussion that is happening here (and which may happen when this is reported as a bug).

In my opinion, it is not sufficient for the automated message to be more genteel and to explain what's wrong with enabling root logins. I think it's a good idea to have an automated message discouraging users from doing this, but users' decisions about how to configure their Ubuntu systems should be respected, and people who wish to help other users enable root logins shouldn't be told not to. I would suggest that a message like the following would be a very appropriate substitute for the current message:

"We strongly discourage setting a root password. This is not necessary to perform administrative tasks, nor it is a desirable way to do so. If you offer instructions on setting a root password, please make sure to explain why doing so is unnecessary and considered problematic. See !root and !wfm for more information."

I do not represent that proposed text as ideal. Perhaps it is a bit too long. Perhaps it is inadequately clear. But that expresses the sort of message, respectful of users' liberty and agency, which I think would be more in line with our community's principles.

Revision history for this message
Mechanical snail (replicator-snail) said :
#5

I agree this is a bug.
Assuming the user being helped also sees the message, why not just:
"[Automated message] We strongly discourage enabling root login. This is not necessary to perform administrative tasks, nor it is a desirable way to do so. See !root and !wfm for more information."

Revision history for this message
Michael Hanson (mhanson) said :
#6

I wish I had the eloquence that Eliah has. But thankfully he has hit at the heart of the problem. Indeed as Marcus states "making root inaccessible is not a philosophy". I agree, and as I said, I don't dispute the Ubuntu designs decision to treat the root account as it does. That is not a problem. However there is a problem with the activity of restricting a users desire to use his system as he wishes such as the ubottu bot did in IRC.

Additionally, I take great exception to the following statement from Marcus above: "2) prevent new users from fiddling with and corrupting the system"

Exploration and curiosity is what beats in the heart of freedom. In fact most everything I understand about running a Linux system has come by exploration and the your so-called "fiddling and corrupting" of my system and having to figure out how to make it work again. Marcus, if this is not also your experience then you have missed out. If you have had that experience then you should know better and shame on you and any like-minded in the Ubuntu admisistration for attempting to keep others from having those experiences of their own.

Revision history for this message
actionparsnip (andrew-woodhead666) said :
#7

Enabling the account isn't necessary as g/sudo will do anything you can EVER need. Keeping the root account locked improves security as 'root' is on EVERY linux based system so is the first account tried by attackers. It also stops unwitting users logging on as root and running web based app (IRC clients and web browsers) as root which is a HUGE security risk.

You have to remember the target audience for which Ubuntu is aimed for, new linux users. If you can control them in this small way it will more than likely give them a sturdier system.

Logging in as root is never necessary, also setting the password may remove the ability to drop to root recovery mode to easily reset passwords if they forget the root password.

You are completely free to set it but it is not advised nor supported.

Revision history for this message
Terence Simpson (tsimpson) said :
#8

There are no automated warning messages in #ubuntu, someone would have triggered the bot, with something like "!noroot | raido"

Revision history for this message
Eliah Kagan (degeneracypressure) said :
#9

The message is problematic even if manually (vs. automatically) triggered. As I explained in the bug report, that there exists a command to cause this message (and not a message more respectful of users' freedom) to be printed is problematic--that's the root of the bug.

Revision history for this message
actionparsnip (andrew-woodhead666) said :
#10

Why is it problematic to tell users the facts?

Revision history for this message
Terence Simpson (tsimpson) said :
#11

There is almost never a need to enable the root account, I have been using Ubuntu for over 5 years and have never needed to set a root password. What's more, enabling the account can leads to other things breaking. The support community in #ubuntu, and other channels, have decided that encouraging (or even not discouraging) users to set a password leads to more trouble.

Revision history for this message
Eliah Kagan (degeneracypressure) said :
#12

Sentences like "Don't ask about X!" and "Don't answer about X!" don't *tell* anything. They are imperative, not declarative. They constrain users' freedom, rather than educating or explaining. They make people feel coerced into remaining silent instead of helping other users use their computers as they see fit.

actionparsnip, you've answered many questions about Ubuntu. More than anybody else ever has, I think. I have never seen you command someone to shut up instead of providing information. Are you really unclear about the difference?

Revision history for this message
actionparsnip (andrew-woodhead666) said :
#13

It's because the Ubuntu community doesn't support nor advises having a password and the factoid is there to inform users.

Difference of what, exactly?

Revision history for this message
Eliah Kagan (degeneracypressure) said :
#14

I have no objection to providing a way for users to trigger bots to discourage other users from enabling root logins. I think root logins should rarely if ever be enabled, and that it would be irresponsible to tell users how to enable them without also discouraging them from doing so.

There is a difference between saying, "We discourage X, we do not support X," and saying, "You there -- don't you dare ask/answer questions about X." That's the difference I'm referring to. The first is a good idea. The problem that Michael, Mechanical Snail, and I have with the second, is that (*unlike* the first), we think it restricts users' freedom.

Revision history for this message
actionparsnip (andrew-woodhead666) said :
#15

I see your point but I guess it makes it clearer. You can change the bot if you wish. Join irc and type:

!root is textyoudesirehere

The submission will go to the moderators who may talk to you about it, or simply add your suggestion.

Revision history for this message
Michael Hanson (mhanson) said :
#16

actionparsnip, in you comment above you say, "If you can control them in this small way". This is the wrong way for the Ubuntu (or any free software community) to think about its users and it is this mentality that leads to statements like ubottu made in IRC. Again, this is not a discussion on weather enabling the root password is good or bad or otherwise. I am only concerned that Ubuntu users receive all the benefits afforded them by their choice to use free software. Ubuntu is a freedom focused distribution and needs to promote this at every opportunity.

From the Ubuntu Philosophy statement the first line reads: "Should have the freedom to download, run, copy, distribute, study, share, change and improve their software for any purpose, without paying licensing fees." And then later it states: "Free software gives everyone the freedom to use it however they want" "The freedom to study how the program works and adapt it to your needs." The Ubuntu Philosophy is available here http://www.ubuntu.com/project/about-ubuntu/our-philosophy

If there are some in the Ubuntu community with the authority to represent the distribution in some official manner (IRC mod or otherwise) it is important that they understand, respect and promote the freedoms that free software affords its users, not discourage them.

Sincerely

Mike Hanson

Revision history for this message
actionparsnip (andrew-woodhead666) said :
#17

Then submit a change to the bot and it will be considered

Revision history for this message
Michael Hanson (mhanson) said :
#18

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I will do so. Thanks.

Mike

<email address hidden>
GnuPG Key ID - A7BC8236

On 02/27/2011 10:09 AM, actionparsnip wrote:
> Your question #147061 on sudo in ubuntu changed:
> https://answers.launchpad.net/ubuntu/+source/sudo/+question/147061
>
> Status: Open => Answered
>
> actionparsnip proposed the following answer:
> Then submit a change to the bot and it will be considered
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAk1qaWcACgkQBMRafae8gjag1QCfZeCjtK3KBzs6XDH6l+6X2ZBi
DLoAn0K/xLdVT7PW35sa3h2Annlo5Tbn
=DJjX
-----END PGP SIGNATURE-----

Revision history for this message
Mechanical snail (replicator-snail) said :
#19

Message has been changed. See http://ubottu.com/factoids.cgi?search=noroot

Revision history for this message
Michael Hanson (mhanson) said :
#20

I think we have come to a positive resolution/solution. The ops in IRC made a change to the ubottu language.

Thank to everyone who showed an interest.

Cheers.

Mike Hanson