LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 07-04-2009, 11:20 PM   #1
newbiesforever
Senior Member
 
Registered: Apr 2006
Location: Glendale, AZ
Distribution: Distro-homeless. Lost.
Posts: 1,868

Rep: Reputation: 62
can I give root permissions to my acct?


Is there any way I can give myself root permissions (preferably for anything) while staying out of the root account? It's my computer and only I use it; I'm obviously the admin; I should be able to do anything I want. If something I'm going to do is unwise, that's mine to find out. (As a lesser issue, I don't like needing passwords on a system no one but me uses.)
 
Old 07-04-2009, 11:40 PM   #2
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 331Reputation: 331Reputation: 331Reputation: 331
If you had root permissions then your account would be as potentially vulnerable to system attacks as if you were using the root account.

So no you cannot give your normal user account root privileges. The user account system isn't set up to handle that kind of configuration anyway. You are either logged on as root and you have privileges or you are logged on as a normal user and you don't have privileges.
 
Old 07-05-2009, 01:05 AM   #3
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
Quote:
Originally Posted by newbiesforever View Post
Is there any way I can give myself root permissions (preferably for anything) while staying out of the root account? It's my computer and only I use it; I'm obviously the admin; I should be able to do anything I want. If something I'm going to do is unwise, that's mine to find out. (As a lesser issue, I don't like needing passwords on a system no one but me uses.)
It might well become other peoples problem before it becomes yours. You might only at a very late stage notice that you're spreading spam ore viruses because someone managed to install something on your system because you were logged in as root.
But if I'm e.g. in your contact list, I will get that stuff (and e.g. eat away my bandwidth).

Sorry, but I'm not going to help you to make this place a worse world.
 
Old 07-05-2009, 01:07 AM   #4
newbiesforever
Senior Member
 
Registered: Apr 2006
Location: Glendale, AZ
Distribution: Distro-homeless. Lost.
Posts: 1,868

Original Poster
Rep: Reputation: 62
Okay, but I didn't ask about being logged in as root. I asked about giving my user account root permissions.
 
Old 07-05-2009, 01:08 AM   #5
TITiAN
Member
 
Registered: Mar 2008
Location: NRW, Germany
Distribution: Debian GNU/Linux with XFCE and packages from "testing"
Posts: 377

Rep: Reputation: 46
I feel similar, so:
I added
Code:
%wheel    ALL=(ALL) NOPASSWD: /usr/bin/gnome-terminal -e su
to my file /etc/sudoers.
Then I added a button on my Gnome desktop which executes
Code:
sudo gnome-terminal -e su
Of course, on any other desktop than Gnome, the command (and maybe the -e switch as well) should be replaced with the approtiate one.
That way (I hope) no tricky stuff can get its hands on my root account, and I can still do anything with root privileges.

Last edited by TITiAN; 07-05-2009 at 06:14 AM. Reason: forgot SUDO
 
Old 07-05-2009, 05:55 AM   #6
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 331Reputation: 331Reputation: 331Reputation: 331
TITiAN's answer is not bad. S/he is using the security system correctly to access system privileges. The su command issued when the gnome-terminal is started actually is the traditional way for a normal user to have one specific process using system/root privileges.

The difference bewteen TITiAN's idea and the idea of giving root privileges to the user account is that all of the supporting software such as X that is run by the normal user is still running with normal privileges.

TITiAN's method is not a problem. It would be better if s/he had to enter a password for the su command to work but his/her solution is better than logging in to the console as the root account from a security point of view because most of the software running under the console will be running with normal user privileges.

The question remains: Why do you want to run with root privileges. If your computer is configured correctly then it is designed to work running applications with normal user account privileges. What do you think you are gaining by running any applications as root or by having a root shell easily available?

Last edited by stress_junkie; 07-05-2009 at 06:05 AM.
 
Old 07-05-2009, 06:08 AM   #7
TITiAN
Member
 
Registered: Mar 2008
Location: NRW, Germany
Distribution: Debian GNU/Linux with XFCE and packages from "testing"
Posts: 377

Rep: Reputation: 46
I forgot the sudo in the button, so the command is:
Code:
sudo gnome-terminal -e su
If you edit the sudoers file accordingly, you can just open a root-terminal like that.
The "-e su" switch is for security, if there was no argument you could pass anything, like '-e /path/to/my/virus'.

btw i'm a guy ("he/she" stuff)

Last edited by TITiAN; 07-05-2009 at 06:15 AM. Reason: forgot: why -e su
 
Old 07-05-2009, 11:41 AM   #8
cmdln
Member
 
Registered: Apr 2009
Location: Lawrence, KS
Distribution: Debian, Centos
Posts: 102
Blog Entries: 1

Rep: Reputation: 24
You can but you should not.
Using sudo as described above is common for workstation use. It's not advised but you can also change your uid to 0 and add yourself to the root group.
 
Old 07-05-2009, 11:47 AM   #9
Uncle_Theodore
Member
 
Registered: Dec 2007
Location: Charleston WV, USA
Distribution: Slackware 12.2, Arch Linux Amd64
Posts: 896

Rep: Reputation: 60
Actually, if you mean "can I do as a user everything root can do?" then the short answer is no. There's only one account with uid=0 in the system, there's no way to get another. The su command switches users, you can set up something with sudo or suid bits, but if a file has root as the owner and the permission string grants certain rights (r, w or e) to the owner only, you can't get those permissions without being root.
 
Old 07-05-2009, 12:14 PM   #10
TITiAN
Member
 
Registered: Mar 2008
Location: NRW, Germany
Distribution: Debian GNU/Linux with XFCE and packages from "testing"
Posts: 377

Rep: Reputation: 46
Please note that my method doesn't ask for any password, so once a user in the group 'wheel' (might be anything else according to the sudoers file) is logged on a desktop, root access is open for anyone near the PC (but [hopefully] not for scripts/binaries/anything else than a privileged user).
 
Old 07-05-2009, 11:31 PM   #11
cmdln
Member
 
Registered: Apr 2009
Location: Lawrence, KS
Distribution: Debian, Centos
Posts: 102
Blog Entries: 1

Rep: Reputation: 24
Quote:
Originally Posted by Uncle_Theodore View Post
Actually, if you mean "can I do as a user everything root can do?" then the short answer is no. There's only one account with uid=0 in the system, there's no way to get another. The su command switches users, you can set up something with sudo or suid bits, but if a file has root as the owner and the permission string grants certain rights (r, w or e) to the owner only, you can't get those permissions without being root.
Well I suppose I just don't understand what you want. You want all the power of root but you don't want to be root. Nothing states that the privileged user has to be called root. And I dont believe there is anything stopping you from adding another user with the same uid (essentially an alias)
 
Old 07-06-2009, 12:15 AM   #12
newbiesforever
Senior Member
 
Registered: Apr 2006
Location: Glendale, AZ
Distribution: Distro-homeless. Lost.
Posts: 1,868

Original Poster
Rep: Reputation: 62
The trouble with editing the sudoers file is that I apparently have to also learn to use vi. The file says it must be edited only with the "visudo" command as root. So editing sudoers will take me some time.
 
Old 07-06-2009, 02:19 AM   #13
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
Quote:
Originally Posted by cmdln View Post
Well I suppose I just don't understand what you want. You want all the power of root but you don't want to be root. Nothing states that the privileged user has to be called root. And I dont believe there is anything stopping you from adding another user with the same uid (essentially an alias)
That will cause some confusion, because the system might display the files as being owned by root or all root files to be owned by the other user.
 
Old 07-06-2009, 05:55 AM   #14
TITiAN
Member
 
Registered: Mar 2008
Location: NRW, Germany
Distribution: Debian GNU/Linux with XFCE and packages from "testing"
Posts: 377

Rep: Reputation: 46
Quote:
Originally Posted by newbiesforever View Post
The trouble with editing the sudoers file is that I apparently have to also learn to use vi. The file says it must be edited only with the "visudo" command as root. So editing sudoers will take me some time.
I don't know where you set that up on your system, but you can use nano instead, which is more intiutive, but with less extra. I admit I don't see the point in stuff like vi(m), so on my system (Gentoo) I set the default text editor to nano in the file /etc/rc.conf.
 
Old 07-06-2009, 11:13 PM   #15
cmdln
Member
 
Registered: Apr 2009
Location: Lawrence, KS
Distribution: Debian, Centos
Posts: 102
Blog Entries: 1

Rep: Reputation: 24
Quote:
Originally Posted by Wim Sturkenboom View Post
That will cause some confusion, because the system might display the files as being owned by root or all root files to be owned by the other user.
I didn't say it wouldn't cause confusion. The OP wanted to run as root all the time but with his username. Its not a good idea but its possible. In the past it was not uncommon to have "backdoor" root accounts like toor.
http://en.wikipedia.org/wiki/Toor
 
  


Reply

Tags
gnome, password, root, terminal


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to give myself root permissions royeo Linux - Newbie 11 08-12-2006 03:01 AM
How to give permissions for users....... manikantha Linux - General 1 03-17-2005 04:27 AM
Not able to give execute permissions needanyhelp? Linux - General 4 08-20-2004 05:19 AM
How do I give mounting permissions? TheMusicGuy Linux - Security 4 04-20-2004 09:16 PM
ftp acct/permissions zoa artcc chief Red Hat 1 11-20-2003 11:08 AM


All times are GMT -5. The time now is 05:00 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration