LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 06-15-2007, 04:42 PM   #1
bspus
Member
 
Registered: Aug 2005
Location: Greece
Distribution: Fedora
Posts: 45

Rep: Reputation: 15
Can I avoid giving password when su-ing to root?


Hi

As the title says, I would like to su without giving the password
I'm using fedora 7 with gnome

I have already setup sudo without a password for my normal user but I would still like a normal root terminal while avoiding the password

the info on su does not provide any information about passing the password as a parameter. I suppose that is out of the question

I tried making a file /etc/default/su and writing the line
PROMPT=No (or no, I tried both) which according to many websites was supposed to do it, but it doesnt

So does anybody know? I dont care about security at this point. The box is just for experimental toying around, I dont care about being compromised.

this is a script to open a root terminal in the current directory (right-click on a directory)

Code:
#!/bin/sh

base="`echo $NAUTILUS_SCRIPT_CURRENT_URI | cut -d'/' -f3- | sed 's/%20/ /g'`"
if [ -z "$NAUTILUS_SCRIPT_SELECTED_FILE_PATHS" ]; then
     dir="$base"
else 
     while [ ! -z "$1" -a ! -d "$base/$1" ]; do shift; done
     dir="$base/$1"
fi

gnome-terminal --working-directory="$dir" --command su
It is placed in ~/.gnome2/nautilus-scripts and it works ok, prompting for a password of course
What I'm really looking for is to remove the password requirement

Trying
sudo gnome-terminal --working-directory="$dir"

instead of
gnome-terminal --working-directory="$dir" --command su

does not work at all on the script, although it does work on an open terminal

Trying
gnome-terminal --working-directory="$dir" --command "sudo gnome-terminal --working-directory="$dir""

works but it opens 2 terminals, the original which is unusable and a second one which is usable. But this is rather ugly
 
Old 06-15-2007, 05:07 PM   #2
Tinkster
Moderator
 
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928
visudo
%admin ALL=NOPASSWD: /bin/su -
or
user your_user=NOPASSWD: /bin/su -

And for the menu
rxvt -title "RootShell" -sl 8000 -e sudo su -


But I wouldn't recommend that practice....



Cheers,
Tink
 
Old 06-15-2007, 05:59 PM   #3
Emerson
LQ Sage
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~amd64
Posts: 7,661

Rep: Reputation: Disabled
sudo -i
sudo -s

man sudo
 
Old 06-15-2007, 06:41 PM   #4
pixellany
LQ Veteran
 
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Mint
Posts: 17,809

Rep: Reputation: 743Reputation: 743Reputation: 743Reputation: 743Reputation: 743Reputation: 743Reputation: 743
Very bad idea to disable passwords---bad bad bad.

If you insist, edit the appropriate entries in /etc/passwd to remove the "x" between the first 2 colons, resulting in something like this:

root::0:0:root:/root:/bin/bash

Did I already say: "BAD IDEA"?
 
Old 06-15-2007, 06:48 PM   #5
Emerson
LQ Sage
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~amd64
Posts: 7,661

Rep: Reputation: Disabled
What Tink and pixellany said.

Very bad idea. Even if you do not care what happens with your box it may present danger others when hijacked.
Actually, every serious UNIX user should feel discomfort when running/messing with root, similar feel like driving a car on left lane. You go there if situation calls for it and it's safe but you do not want to stay there.
 
Old 06-16-2007, 01:31 AM   #6
bspus
Member
 
Registered: Aug 2005
Location: Greece
Distribution: Fedora
Posts: 45

Original Poster
Rep: Reputation: 15
Thanks for the replies

I checked out man sudo and tried the -i switch, as emerson suggested

Unfortunately, sudo -i gnome-terminal says it cannot execute binary file.

editing the /etc/passwd to remove the x worked. It is indeed too radical a solution. Now it never asks for a password. I only wanted it to not ask for the script

As for why I want to do this, its because this is my guinea pig box. I only ever test stuff on it, which means I have to become root all the time. The only reason I dont get a root desktop on it is because I want to keep a perspective from the users point of view as well. But getting rid of the password would be extremely convenient. It goes without saying I would never try this in any other case
 
Old 06-16-2007, 03:55 AM   #7
Tinkster
Moderator
 
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928
Did you try my sudoers suggestion?


Cheers,
Tink

Last edited by Tinkster; 06-16-2007 at 03:58 AM.
 
Old 06-16-2007, 07:09 AM   #8
coolb
Member
 
Registered: Apr 2006
Location: Cape Town, South Africa
Distribution: Gentoo 2006.1(2.6.17-gentoo-r7)
Posts: 222

Rep: Reputation: 30
this will make one uber insecure system
 
Old 06-16-2007, 10:37 AM   #9
bspus
Member
 
Registered: Aug 2005
Location: Greece
Distribution: Fedora
Posts: 45

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by Tinkster
Did you try my sudoers suggestion?


Cheers,
Tink

I couldnt make it work

For user nick I added in visudo the line

user nick=NOPASSWD: /bin/su

as the last line. It still asked for a password

Then I removed it and added the following

%admin ALL=NOPASSWD: /bin/su

On its own it does nothing again., so I also tried in the shell
gpasswd -a nick admin

(judging from the walkthrough I have seen with sudo and the wheel group, that should be OK)

but it says it knows nothing about group admin
I suppose I could have done a %users ALL=NOPASSWD: /bin/su but I suppose its not better that removing the x in /etc/passwd as has been suggested


As for
rxvt -title "RootShell" -sl 8000 -e sudo su

I dont even know where to put it!
 
Old 06-16-2007, 10:53 AM   #10
Emerson
LQ Sage
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~amd64
Posts: 7,661

Rep: Reputation: Disabled
/usr/bin/xterm -e sudo -i

This open a root terminal for me ...
 
Old 06-17-2007, 02:09 AM   #11
bspus
Member
 
Registered: Aug 2005
Location: Greece
Distribution: Fedora
Posts: 45

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by Emerson
/usr/bin/xterm -e sudo -i

This open a root terminal for me ...

Indeed it does
But xterm is not as nice as gnome-terminal

The equivalent gnome-terminal command would be
gnome-terminal --command "sudo -i"

Which is what finally did it for me. Thanks for the help guys. No longer do I need to visudo or mess with /etc/passwd
 
Old 06-17-2007, 07:08 AM   #12
Emerson
LQ Sage
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~amd64
Posts: 7,661

Rep: Reputation: Disabled
Put this into your .Xdefaults and the xterm looks much better.
Code:
 ~ $ cat .Xdefaults 
xterm*foreground: white
xterm*background: black
xterm*font: 9x15
xterm*geometry: 80x35
 
Old 06-17-2007, 12:50 PM   #13
dawkcid
Member
 
Registered: May 2007
Location: UK
Distribution: LFS,Slackware,Slamd64,NetBSD
Posts: 102

Rep: Reputation: 15
You can bypass the password entry for su too, or allow specific users to use their own password. man suauth.

Naturally, I reiterate all the warnings given previously.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How could normal user obtain root password or change root password ckamheng Debian 18 02-18-2009 10:28 PM
how can I customise my login to avoid prompt for user and password? krmane Slackware 6 07-13-2006 10:35 AM
avoid been ask password by ssh with script? Chowroc Programming 6 02-14-2006 05:17 AM
Samba Avoid repeating password possible ? saustin99 Linux - General 4 05-31-2005 09:57 AM
How to avoid the password when a mail sends out fidelis Linux - Security 1 09-13-2004 07:47 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 04:04 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration