https://rancher.com/ logo
Join Slack
Powered by
This message was deleted.
# rancher-desktop
a
This message was deleted.
f
It will only ask you for the password when it needs it. It is used for different purposes: for vmnet to get a routable IP address, and for creating the 
/var/run/docker.sock
socket.
For vmnet access it creates the file 
/etc/sudoers.d/zzzzz-rancher-desktop-lima
to allow it to start/stop the privileged daemon repeatedly. This file will not get deleted when you tell RD to not use admin access; it will just not start the daemon anymore.
So when you re-enable admin access (with an otherwise unchanged configuration), it will find that the sudoers file is still valid and will just use it again
Similar with 
/var/run/docker.sock
, it will only get deleted when you reboot the machine, at which point it will ask you for the password again.
You could argue that the sudoers file should be deleted when you disable admin access. But we are planning to move away from using sudo completely and use a privileged helper process instead in the future, so we are unlikely to change anything until we have implemented the helper process.
b
Thank you for the explanation, @fast-garage-66093! It actually proves that my system works as expected.
@fast-garage-66093 you might still consider removing docker socket and sudoers file in case of Factory Reset, for a consistent experience. I just did a factory reset and it didn’t ask me anything. If I were to take it to extreme, I’d treat Factory Reset as a fresh install. Just a suggestion/opinion, no hard feelings either way 🙂
f
I do want to remove the sudoers file once we don't use it anymore at all. I'm not convinced removing the socket helps with anything, but once we have the privileged helper it should be simple enough to do on shutdown of the app
b
Oh, I’m glad I checked - the Factory Reset set my CPUs to 2, dropping from 18. But left RAM unchanged, I think; 6GB. If you compute these numbers, from OS resources, I have 10 cores/20 threads and 128GB RAM in this box. Hope this helps
f
It left the RAM at 6 because that is the default 😄
b
once we have the privileged helper…
Ah, yes indeed, you’ll only ask for root permission once for that helper, and won’t need them anymore.
RAM at 6 because that is the default
fair enough, so we get defaults after factory reset. Consistent experience 🙂
f
That is the idea of factory-reset: all custom settings are discarded; the configuration is like a fresh install
b
Right, that’s how I understand it. Red font helps, too
f
I just argued again this morning that the factory reset should not by default delete cached Kubernetes images because they are not custom settings; just additional content that is downloaded at a later time. Deleting it doesn't reset anything because it will just be replaced again with identical content when needed
b
I agree with that; it helps to save bandwidth and does not test patience of those users with slow or intermittent Internet connections. The content is identical to the level of enforcement; in my co people started using Nexus development Docker repos that allow redeployment, for production, thus version/tag meant nothing because the content could and did change. Worst experience I ever had. But of course we trust GCR to not change the content without changing tags, or else the whole world will be broken :)
f
Well, it is the package owner you have to trust... You can use sha256 checksums instead of tags in your image names, if you want to be sure
b
Of course, we do that in some cases. Tags can be moved, checksums, good luck with that
175 Views
Open in Slack
PreviousNext
Powered by