Utilities
Utilities copied to clipboard
helloSystem
Redesign some preferences
some design sketches
- Desktop Preferences
- Date time
[Note]This has a good design https://github.com/helloSystem/Utilities/issues/165#issuecomment-1604102400
- Display resolution
I have no trouble to remake the UI of Date and Time and use you template.
In general my source of insppiration is: https://flylib.com/books/en/2.585.1.237/1/
But i have really no trouble to use you template....
I just need a Go....
Hi @Hierosme, thanks for chiming in.
https://flylib.com/ is great, but let's make it different enough so that it cannot be mistaken for a clone. It should be familiar but not the same. Also, let's always ask ourselves, can we make things even simpler/leave away options no one uses.
It have no Ok or Cancel button ... The apply button is the Toogled Lock/Unlock (Still in progress) I let the Help Button on buttom, because it reauire to creat our Own Tab widget for got it (I can do but take long time) The Clock got AM / PM management .
Enjoy ...
The lock button is an unneeded complication. We can make it simpler by removing it.
Also, let's move "Set date and time automatically" to the top, and have it checked by default.
If it is checked, then everything below it should be greyed out.
That is:
If it is checked, then everything below it should be greyed out. ---> That is on the read...
what about the Help button ?
We don't have a Help, so we don't need a Help button for now.
Also, we don't need "Ok, "Cancel", "Apply". Everyhting should be applied immediately.
The Right Clock Tab is suppose to configure the global Menu Clock display on top/right of teh screen.
Have we a way to make it ? i just need a configuration file or i simply remove it ?
Everyhting should be applied immediately.
That is the root cause of the loop asking password.
I have to investigate sudo fine setting for make it possible. globaly we should play with sudo timestamp_timeout but unfortunally that not the only thing to do...
A good approch consiste to ceate our own sudo policy . The /etc/sudoers.d/ is here for that. it will be really easy to impose on fly a any option for certain command, like Date and Time.
I can say NOPASSWORD by example but in fact all Sudoers policy can be apply , and a lot of documentation or best practive all ready exist.
Can i create a Date and Time.app sudoers policy ?
That is the root cause of the loop asking password.
Do you know why that is?
As an alternative, we could run the whole peferences application with sudo -A -E - although it is not "nice".
I Think Yes, that the use of a subprocess child process The Child lost the parent and the sudo in that case destroy everything when quit.
That is explain on theat documentation: https://man.freebsd.org/cgi/man.cgi?sudoers(5)
You have to make the oposite and pass by the parent.
For example: It is possible to inform Sudouers about when a user start Date and Time it is automatically start with good permission if the user is part of Group X of Y. (Just a example).
In that case ENV var (timestamp informations) are preserved.
When you start a sub process child , Sudo start with a ultra short Env vars and by default destroy everything when exit .... Then normally the Timestamp sudo require to be in possition to impose the Env var to the child process.
BUT
When do it you have a ULTRA big security risk where the environement can permit to a bad user to jump ouside you SHELL and keep sudo permission.
The result we have is the default Sudo policy it not permit the actual code for Huge security risk ....
sudoers is not the best policy system of the world, but it is really reputate to work at all.
from it framework here how to:
Peprare a Alias command for permit apply a policy to they command alias. Prepare group/user for permit to appply a policy to they group/user Impose a poicy for the command.
The policy can be to ask the password, (Like what is done actually).
BUT now sudo know what to do globally and don't suppose to receive intructions from a subprocess child....
That method is static . It exist a aproch use by Samba team , where a Application generate dynamically all sudoers policy. Itś still static but it method Permit to fixe permission trouble for a Samba User. (The sudo trouble with Samba is a long story)
An other methos is to use a Sudoers Policy Manager Server , but really uncommon...
Here the part of the documenation it conserne our trouble:
sudoers uses per-user time stamp files for credential caching. Once a
user has been authenticated, a record is written containing the user-ID
that was used to authenticate, the terminal session ID, the start time of
the session leader (or parent process) and a time stamp (using a mono-
tonic clock if one is available). The user may then use sudo without a
password for a short period of time (5 minutes unless overridden by the
timestamp_timeout option). By default, sudoers uses a separate record
for each terminal, which means that a user's login sessions are authenti-
cated separately. The timestamp_type option can be used to select the
type of time stamp record sudoers will use.
The ultra important part : By default, sudoers uses a separate record for each terminal In that case terminal not mean QTerminal.app but Unix TERM, then in our case the TERM it have start teh session manager... Then impossible to start a subprocess child and conserve timestamp_timeout information inside the parent ....
OK i Got it.
depend of the case but sudo have Exactlly what we need for edit a file...
We should use sudoedit and our editor will be our app, by example Date and time.app is in fact a editor for /etc/ntpd.conf. (We inform /etc/sudoers.conf about that)
In that case that is Sudo is manage the user to work on a copy of the file to edit and only when apply Sudo will impose the security policy.
Then from documentation YES i got a good idea about how to... From Date and Time.app il have no code to do. I'll simply remove any call of Sudo, and create a sudoers policy ...
It will normally work like a charm, and that a big GO from security ppoint of view.
Mmm it is visually weird, is should be like this. I think.
I'm sorry for my bad remarks.
Supplement: Why is the arrangement of the calendar week so strange.
This would be more like what most people are familiar
The calendar is simply the defautl widget setting.
The position of day depends of you Locales configuration, that mean here in France the first day of the week is Monday.
Normaly you havent to care about custom format, because all they rules are standard and impose by the configuration of Locales. On OsX it is done with International.app.
Here we are:
When auto config is not set
when it is set
It have been long because AnalogClock widget have been monify for permit to be disabled.
"Use 24 hour clock" option should not be locked
and red words of the locked calendar can be changed to dark gray.
Below the date options, add these two options above the button.
I think the Help button is kept at the bottom, but it is locked, and then it says that this feature is under construction, at least. 『Correction of incorrect terms』
@probonopd Yes i'll remove the Apply button, at time i keep it for the Trigger, the time to provide a Sudoers policy for the Date and Time.app.
Normaly evrything about Sudo is correct, Date and Time.app will be a editor for /etc/timezone /etc/ntpdate.conf, and simply let the global Sudoers policy determine what have to be done.
@louies0623 Not trouble about bad remarks, bad or not a remarks is a start of a exchange. We working arround our exchange.
Actually it have no Tab for configure the Global Menu Clock. Option you asking for is not relatif to any configuration file. By example: Where the application is suppose to store the 24h clock setting ?
The original Date and Time.app provide the Global Menu widget (Docked), then all they options is store as setting of the global menu widget.
I have no trouble to provide the Date widget for Global Menu... Then here all options you asking for will be use and functional.
The global menu can load a widget i can make it really .... we need a configuration file for store the setting but it will be user space. (No sudoers policy needed)
I just have confirm it work like a charm
export SUDO_EDITOR=./date_and_time.py; sudoedit /etc/timezone /etc/ntpd.conf
poooooooIt work. Now i can write on the two files, and havent to care about permissions...
That is the job to sudoedit to track modifications and use the Sudoers policy if needed ......
That is really a nice thing. And a super news for users. I put that line of code inside le Shell script it call date_and_time.py
Everything work like a charm
Look ntpdate will be remove from FreeBSD:
https://man.freebsd.org/cgi/man.cgi?query=ntpdate&sektion=8 (Inside the Note on the Top)
ntpd i a good value, but actually chrony is the boy...
can i consider edit a /etc/ntpd.conf file ?
What change would be needed in that file? Would that be a static change that we can make one time in the ISO, or would that file be needed to be updated by your Python code?
ntpd can be use on a ISO Live launcher with the option ntp -q == ntpdate. In that case The clock is Set via CLI then a dedicated sudoers policy have to be create for it.
That is like ntpdate in that case only cron script make the job.
In True installer system the file is /etc/ntpd.conf, here the variable SUDO_EDITOR is use and the permission is done just for write inside /etc/timezone and /etc/ntpd.conf (Only if modification).
The sudoers policy is for permit to keep 15 minutes of sudo permission. Thr trick of SUDO_EDITOR is teh true way Sudo recommand to write on files.
The python SCript write nothing, by using the python script as a SUDO_EDITOR sudo create a copy of the file, and let the application write as it want on the copy. When save and modification have been done the sudoers policy is evaluate, and That Sudo if make teh write.
The Python script think about a write on a file but sudo overlap a copy of the file. Write/Read come from a copy ...
Hope i have well understand the question
Note: It work in both case because we true pass by the parent of the Application for get permissions.
Here the script i use as entry point for Date and Time.app
#!/bin/sh
HERE="$(dirname "$(readlink -f "${0}")")"
SUDO_EDITOR_TMP=$HERE | sed 's/\ /\\ /g'
export VISUAL="${SUDO_EDITOR_TMP}/Resources/date_and_time.py"
exec "sudoedit" "/etc/timezone" "/etc/ntpd.conf"
It depend of the sudoers policy, but the password is as only ask one time at start, and i keep the permision edit of the two files during 15 mns....
Can you test that it works fine at 640x480 (WVGA)? because it's the minimum screen requirement.If not then you add a scroll bar.