TB0ne |
04-08-2013 03:01 PM |
Quote:
Originally Posted by scottyg123
(Post 4927752)
Since the intro of the sudoers file my debian box has become unusable. I can not install or really do anything root(admin) related. I tried editing that stupid file and it still doesn't work. I figured I would give it one more chance before I installed windows, at least if I install windows I won't be locked out of my own system!!!!!!!!
My question is, how do I log in as root? I am done with that stupid sudoers file. I want to just log in as root and get the job done. before this fiasco the whole company was going to move to linux desktop, but now our desktop support says sudo apt-get install doesn't work anymore, and they cannot visudo because they're users aren't in the file they want to edit. I didn't think it was possible to break linux. I stand corrected!
I type root as the user name then type in the password and it tells me to pound sand "Authentication failure". I have reinstalled the OS and paid great attentions to root's user name and password, and no luck. Please don't bother with anymore suggestions concerning that stupid sudoer file. I am done with it, we just want to login as root now, we don't care about the risks, at least it will be usable.
|
Hate to say it, but sudo is VERY widely used, and is the de-facto standard for any company who is using Linux. The only way I've seen sudo not work, is either it's not set up correctly, or it's not used correctly.
To set it up: - Log in as normal user
- Enter "su - root" (essentially, 'logging in as root')
- Enter 'visudo'
- Put user ID's into the file to run whatever command(s)/shell(s) you see fit.
- Save and exit
That's it. If a user is listed, they can run whatever commands with root-access that they're allowed to, by prefacing them with "sudo". The password they're prompted for is THEIR password, not root's. That's to prevent someone from sitting down at a terminal and banging in a command without permission. Easy to fix too, you can make sudo not prompt for a password. A simple SUDOER's file from one of my workstations:
Code:
# Host alias specifications
# User alias specifications For example, help-desk folks
User_Alias HELPDESK = chris,bob,sally
# Cmnd alias specifications
Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, /usr/local/bin/tcsh, /usr/bin/rsh, /usr/local/bin/zsh
Cmnd_Alias SU = /usr/bin/su
# Defaults specification
# Prevent environment variables from influencing programs in an
# unexpected or harmful way (CVE-2005-2959, CVE-2005-4158, CVE-2006-0151)
Defaults always_set_home
Defaults env_reset
# Change env_reset to !env_reset in previous line to keep all environment variables
# Following list will no longer be necessary after this change
Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE"
# Comment out the preceding line and uncomment the following one if you need
# to use special input methods. This may allow users to compromise the root
# account if they are allowed to run commands without authentication.
#Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
# Log all commands run with SUDO to this file
Defaults logfile=/var/log/sudo
# In the default (unconfigured) configuration, sudo asks for the root password.
# This allows use of an ordinary user account for administration of a freshly
# installed system. When configuring sudo, delete the two
# following lines:
Defaults targetpw # ask for the password of the target user i.e. root
ALL ALL=(ALL) NOPASSWD: ALL # WARNING! Only use this together with 'Defaults targetpw'!
# Runas alias specification
# User privilege specification
root ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
# Same thing without a password
%wheel ALL=(ALL) NOPASSWD: ALL
# EXAMPLES:
# These commands run without a password. Replace username with comma-separate list of users, or define
# a user alias group above.
# <users> ALL=(ALL) NOPASSWD: /usr/bin/apt-get,/sbin/shutdown
#
# The users can ONLY run these commands, NO OTHERS; useful for help desk folks who only
# need to unlock accounts or reset passwords, not format disks or change the root password
# <users> ALL=/usr/bin/apt-get,/sbin/shutdown
# HELPDESK ALL = (ALL) NOPASSWD: /usr/sbin/usermod, /usr/sbin/useradd, /usr/sbin/passwd, !/usr/bin/passwd root, !SHELLS
#
# This user can run ALL commands...except becoming root, or getting a shell. The ! says you CAN'T
# run it. You've defined both the SU and SHELLS aliases above.
# almostsu ALL = (ALL)ALL, !SU, !SHELLS
We can easily help you with your SUDO problems..just post the sudoers file, and we can assist. If you tell us what version of Debian, and how you want to log in as root (GUI on console? via SSH? Telnet?), we can also assist. I will STRONGLY suggest that you work through whatever issue(s) you're having with sudo, since if you go to another company, you probably will be FORCED to use it.
|