LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   How do i login to debian as root? (https://www.linuxquestions.org/questions/linux-newbie-8/how-do-i-login-to-debian-as-root-4175457399/)

scottyg123 04-08-2013 02:28 PM
How do i login to debian as root?
 
Since the intro of the sudoers file my debian box has become unusable. I can not install or really do anything root(admin) related. I tried editing that stupid file and it still doesn't work. I figured I would give it one more chance before I installed windows, at least if I install windows I won't be locked out of my own system!!!!!!!!

My question is, how do I log in as root? I am done with that stupid sudoers file. I want to just log in as root and get the job done. before this fiasco the whole company was going to move to linux desktop, but now our desktop support says sudo apt-get install doesn't work anymore, and they cannot visudo because they're users aren't in the file they want to edit. I didn't think it was possible to break linux. I stand corrected!

I type root as the user name then type in the password and it tells me to pound sand "Authentication failure". I have reinstalled the OS and paid great attentions to root's user name and password, and no luck. Please don't bother with anymore suggestions concerning that stupid sudoer file. I am done with it, we just want to login as root now, we don't care about the risks, at least it will be usable.

spiky0011 04-08-2013 02:41 PM
Without root passwd you got a problem

TobiSGD 04-08-2013 02:57 PM
Start from a live-CD, mount the /-partition and chroot into it. Then use the passwd command to set a new password for root.
If you need additional help with that please post back.

TB0ne 04-08-2013 03:01 PM
Quote:
Originally Posted by scottyg123 (Post 4927752)
Since the intro of the sudoers file my debian box has become unusable. I can not install or really do anything root(admin) related. I tried editing that stupid file and it still doesn't work. I figured I would give it one more chance before I installed windows, at least if I install windows I won't be locked out of my own system!!!!!!!!

My question is, how do I log in as root? I am done with that stupid sudoers file. I want to just log in as root and get the job done. before this fiasco the whole company was going to move to linux desktop, but now our desktop support says sudo apt-get install doesn't work anymore, and they cannot visudo because they're users aren't in the file they want to edit. I didn't think it was possible to break linux. I stand corrected!

I type root as the user name then type in the password and it tells me to pound sand "Authentication failure". I have reinstalled the OS and paid great attentions to root's user name and password, and no luck. Please don't bother with anymore suggestions concerning that stupid sudoer file. I am done with it, we just want to login as root now, we don't care about the risks, at least it will be usable.
Hate to say it, but sudo is VERY widely used, and is the de-facto standard for any company who is using Linux. The only way I've seen sudo not work, is either it's not set up correctly, or it's not used correctly.

To set it up:
  • Log in as normal user
  • Enter "su - root" (essentially, 'logging in as root')
  • Enter 'visudo'
  • Put user ID's into the file to run whatever command(s)/shell(s) you see fit.
  • Save and exit
That's it. If a user is listed, they can run whatever commands with root-access that they're allowed to, by prefacing them with "sudo". The password they're prompted for is THEIR password, not root's. That's to prevent someone from sitting down at a terminal and banging in a command without permission. Easy to fix too, you can make sudo not prompt for a password. A simple SUDOER's file from one of my workstations:
Code:
# Host alias specifications
# User alias specifications For example, help-desk folks
User_Alias  HELPDESK = chris,bob,sally

# Cmnd alias specifications
Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, /usr/local/bin/tcsh, /usr/bin/rsh, /usr/local/bin/zsh
Cmnd_Alias SU = /usr/bin/su
 
# Defaults specification
# Prevent environment variables from influencing programs in an
# unexpected or harmful way (CVE-2005-2959, CVE-2005-4158, CVE-2006-0151)
Defaults always_set_home
Defaults env_reset
# Change env_reset to !env_reset in previous line to keep all environment variables
# Following list will no longer be necessary after this change

Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE"
# Comment out the preceding line and uncomment the following one if you need
# to use special input methods. This may allow users to compromise  the root
# account if they are allowed to run commands without authentication.
#Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"

# Log all commands run with SUDO to this file
Defaults logfile=/var/log/sudo

# In the default (unconfigured) configuration, sudo asks for the root password.
# This allows use of an ordinary user account for administration of a freshly
# installed system. When configuring sudo, delete the two
# following lines:
Defaults targetpw  # ask for the password of the target user i.e. root
ALL    ALL=(ALL) NOPASSWD: ALL  # WARNING! Only use this together with 'Defaults targetpw'!

# Runas alias specification

# User privilege specification
root    ALL=(ALL) ALL

# Uncomment to allow people in group wheel to run all commands
# %wheel        ALL=(ALL) ALL

# Same thing without a password
%wheel  ALL=(ALL) NOPASSWD: ALL

# EXAMPLES:
# These commands run without a password. Replace username with comma-separate list of users, or define
# a user alias group above.
# <users> ALL=(ALL) NOPASSWD: /usr/bin/apt-get,/sbin/shutdown
#
# The users can ONLY run these commands, NO OTHERS; useful for help desk folks who only
# need to unlock accounts or reset passwords, not format disks or change the root password
# <users> ALL=/usr/bin/apt-get,/sbin/shutdown
# HELPDESK ALL = (ALL) NOPASSWD: /usr/sbin/usermod, /usr/sbin/useradd, /usr/sbin/passwd, !/usr/bin/passwd root, !SHELLS
#
# This user can run ALL commands...except becoming root, or getting a shell.  The ! says you CAN'T
# run it.  You've defined both the SU and SHELLS aliases above.
# almostsu ALL = (ALL)ALL, !SU, !SHELLS
We can easily help you with your SUDO problems..just post the sudoers file, and we can assist. If you tell us what version of Debian, and how you want to log in as root (GUI on console? via SSH? Telnet?), we can also assist. I will STRONGLY suggest that you work through whatever issue(s) you're having with sudo, since if you go to another company, you probably will be FORCED to use it.

scottyg123 04-09-2013 08:16 AM
THANK YOU TB0ne!
 
THANK YOU TB0ne!

You rock, not only did you answer the question I asked, but you also provided me the correct info on editing the sudoers file. We are up and running. We are building some graphic reports in c++ to work with flow-tools, and it was my suggestion we just go Linux for all our network monitoring boxes, and everyone started beating me over the head when they could do nothing from the GUI. We are using "sudo" and not root, as we now know how.

Once I was in as root and could run visudo, I noticed in my release of debian, as long as I made a user a member of the "sudo" group they could sudo with a password prompt for their user.

Thank again!
Scott

TB0ne 04-09-2013 09:45 AM
Quote:
Originally Posted by scottyg123 (Post 4928189)
THANK YOU TB0ne!

You rock, not only did you answer the question I asked, but you also provided me the correct info on editing the sudoers file. We are up and running. We are building some graphic reports in c++ to work with flow-tools, and it was my suggestion we just go Linux for all our network monitoring boxes, and everyone started beating me over the head when they could do nothing from the GUI. We are using "sudo" and not root, as we now know how.

Once I was in as root and could run visudo, I noticed in my release of debian, as long as I made a user a member of the "sudo" group they could sudo with a password prompt for their user.

Thank again!
Scott
No worries, glad it helped. SUDO is the preferred way of getting root access to users, and it can be VERY granular. As such, anything outside of a basic setup can get complex, but it is one of the best tools out there. On a plus note...you'll have a log of who ran what commands, so if someone borks the system, you can let THEM fix it. :)


All times are GMT -5. The time now is 09:31 PM.