Duet3D Logo Duet3D
    • Tags
    • Documentation
    • Order
    • Register
    • Login

    3.2b1 Duet 3 (DCS is not started)

    Scheduled Pinned Locked Moved
    Firmware installation
    10
    38
    1.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • bcrazycramerundefined
      bcrazycramer
      last edited by

      fdd68c9f-5749-4f06-abd3-5f1bf7c3413b-image.png

      1 Reply Last reply Reply Quote 0
      • bcrazycramerundefined
        bcrazycramer @chrishamm
        last edited by

        @chrishamm said in 3.2b1 Duet 3 (DCS is not started):

        @bcrazycramer Please see my earlier post.

        Which part?

        Dougal1957undefined 1 Reply Last reply Reply Quote 0
        • Dougal1957undefined
          Dougal1957 @bcrazycramer
          last edited by

          @bcrazycramer it was to me asking me to run the journal cads to see what was happening!

          1 Reply Last reply Reply Quote 0
          • bcrazycramerundefined
            bcrazycramer
            last edited by

            2293ef33-61e6-4768-8fa0-50e60461f90e-image.png

            chrishammundefined 1 Reply Last reply Reply Quote 0
            • chrishammundefined
              chrishamm administrators @bcrazycramer
              last edited by

              @bcrazycramer That's looking good. You should be able to connect to your board over HTTP.

              The GitHub releases and package feeds have been updated with the latest hotfixes as promised. If you're having problems, consider running another software update.

              Duet software engineer

              1 Reply Last reply Reply Quote 0
              • A Former User?
                A Former User @chrishamm
                last edited by A Former User

                @chrishamm said in 3.2b1 Duet 3 (DCS is not started):

                I suspect there may be a permission issue going on because we changed from root to a dedicate dsf user in the latest pre-release.

                Can you explain the thinking behind changing from root to a dsf user?

                As to be honest if it was working before, this seems to be a prime example of changes being made for the sake of it for diminishing returns.

                As my old journeyman used to say : if it's working fuc*ing leave it alone.

                Phaedruxundefined 1 Reply Last reply Reply Quote 0
                • Phaedruxundefined
                  Phaedrux Moderator @A Former User
                  last edited by

                  @CaLviNx Running things as root is generally frowned upon for security sake.

                  Z-Bot CoreXY Build | Thingiverse Profile

                  A Former User? 1 Reply Last reply Reply Quote 0
                  • A Former User?
                    A Former User @Phaedrux
                    last edited by A Former User

                    @Phaedrux that I understand but in this instance it should be fine as people "should" have their home network secured.

                    My printers all connected via my own wireless "intranet" that is not connected to the outside world, so no one can get into that small network, house innternet itself is run through a Secure DDWRT equipped router which is well locked down, and I'm not the most IT tech savvy but I'm I am happy to run my printers in "Root" mode.

                    So to find yet another thing changed for the sake of change just trips things/people up as this instance proven

                    Phaedruxundefined 1 Reply Last reply Reply Quote 0
                    • Phaedruxundefined
                      Phaedrux Moderator @A Former User
                      last edited by

                      @CaLviNx said in 3.2b1 Duet 3 (DCS is not started):

                      "should" have their home network secured.

                      Defence in depth would urge you to not assume any favorable circumstances exist.

                      Z-Bot CoreXY Build | Thingiverse Profile

                      A Former User? 1 Reply Last reply Reply Quote 1
                      • A Former User?
                        A Former User @Phaedrux
                        last edited by

                        @Phaedrux and to counter that why should people not be allowed to choose for themselves and a notification in the docs would suffice?

                        dc42undefined A Former User? 2 Replies Last reply Reply Quote 0
                        • dc42undefined
                          dc42 administrators
                          last edited by

                          Given the huge number of hacking attempts made against everyone these days, we would rightly be castigated if we continued running DSF as root. This is even more important now that DSF supports plugins.

                          Duet WiFi hardware designer and firmware engineer
                          Please do not ask me for Duet support via PM or email, use the forum
                          http://www.escher3d.com, https://miscsolutions.wordpress.com

                          1 Reply Last reply Reply Quote 0
                          • dc42undefined
                            dc42 administrators @A Former User
                            last edited by dc42

                            @CaLviNx said in 3.2b1 Duet 3 (DCS is not started):

                            @Phaedrux and to counter that why should people not be allowed to choose for themselves and a notification in the docs would suffice?

                            If you want to run DSF as root, you can modify DSF - it's open source. If you don't know how to, then IMO you shouldn't be trusted to run DSF as root. I don't want your RPi running DSF to be part of a botnet.

                            Duet WiFi hardware designer and firmware engineer
                            Please do not ask me for Duet support via PM or email, use the forum
                            http://www.escher3d.com, https://miscsolutions.wordpress.com

                            botundefined 1 Reply Last reply Reply Quote 0
                            • A Former User?
                              A Former User @A Former User
                              last edited by

                              @CaLviNx said in 3.2b1 Duet 3 (DCS is not started):

                              @Phaedrux and to counter that why should people not be allowed to choose for themselves and a notification in the docs would suffice?

                              because secure by default solves more problems than it can create? (ref OpenBSD it won't stop you from pulling down your pants, even though it ships with belts and suspenders)

                              1 Reply Last reply Reply Quote 1
                              • botundefined
                                bot @dc42
                                last edited by

                                @dc42 said in 3.2b1 Duet 3 (DCS is not started):

                                [...] I don't want your RPi running DSF to be part of a botnet.

                                Wait... is that, like, discouraged or something? 😁 😁

                                *not actually a robot

                                1 Reply Last reply Reply Quote 0
                                • A Former User?
                                  A Former User
                                  last edited by

                                  So these replies bring me to ask the next question.

                                  If running in "root" is as dangerous as YOU GUYS are pushing it to be, why was this not implemented from the get go ?

                                  For it to be as dangerous as is being said and for it to only be being implemented now many many months after the Rpi image was released shows recklessness and a lack of care for users in the extreme....

                                  1 Reply Last reply Reply Quote 0
                                  • Phaedruxundefined
                                    Phaedrux Moderator
                                    last edited by

                                    It's a best practice. I'm sorry it wasn't implemented initially and I'm sorry implementing it now has inconvenienced you. Your point about change for change sake is taken.

                                    Z-Bot CoreXY Build | Thingiverse Profile

                                    A Former User? 1 Reply Last reply Reply Quote 0
                                    • A Former User?
                                      A Former User @Phaedrux
                                      last edited by A Former User

                                      @Phaedrux

                                      So it has just been proven that best practice has not been followed, but im the one getting preached at from multiple directions for even mentioning it...

                                      On one hand being lectured about how important security is.

                                      Then after its pointed out about the delay the importance of said security gets glossed over as "not best practise"

                                      hypocrisy much.........

                                      1 Reply Last reply Reply Quote 0
                                      • oliofundefined
                                        oliof
                                        last edited by

                                        At a hazard, this came up during architecture review for plugins and has now been implemented, which is good. (Also, botnet membership is not the only risk; exposure in an internal network and being used for lateral moves or persistent footholds inside an internal network that has bridges to the outside somewhere is another risk scenario)

                                        Somewhat related: Gina Häußge is fighting to keep people from exposing Octoprint to the internet unsecured, yet you can easily find many instances that are at risk if you know where to look.

                                        I'm pretty sure if someone were to sponsor a thorough security review of DSF, that the results would be more than welcome by the Duet3D team.

                                        <>RatRig V-Minion Fly Super5Pro RRF<> V-Core 3.1 IDEX k*****r <> RatRig V-Minion SKR 2 Marlin<>

                                        1 Reply Last reply Reply Quote 1
                                        • First post
                                          Last post
                                        Unless otherwise noted, all forum content is licensed under CC-BY-SA