LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-12-2007, 04:52 PM   #31
iamnothere
Member
 
Registered: Feb 2007
Location: UK
Distribution: Slamd 64, Slackware
Posts: 46

Rep: Reputation: 16

Quote:
Originally Posted by lumix
Thanks to all who understood the word "deprecate."

I DID in fact imagine that before long I wouldn't want to be root for every day use. However, I can't remember a single week in the last 20 years that didn't involve working under the hood, and it'd sure suck to have to say "sudo" every time I want to remove a nut or bolt.
Typing su/sudo isn't necessary all the time. For common/regular commands, you can setup sudo to allow no-password usage, and and write a wrapper script/shell function to avoid having to type 'sudo'. For example, I use a 'cpufreq' shell wrapper to switch between different cpufreq scaling governors. I just do 'cpufreq o' (ondemand), 'cpufreq p' (performance), and so on.

Last edited by iamnothere; 03-15-2007 at 11:13 AM.
 
Old 03-12-2007, 09:22 PM   #32
2damncommon
Senior Member
 
Registered: Feb 2003
Location: Calif, USA
Distribution: Debian Wheezy
Posts: 2,872

Rep: Reputation: 88
Quote:
Originally Posted by lumix
Perhaps one should keep it to oneself if they can't remember the early experience and moreover, just can't show how a few solutions can work. If you feel impatient, best to go another forum and be helpful there.

Quote:
Originally Posted by 2damncommon
My first few months I used to log in and out of root and my regular user until I learned to do what everyone is suggesting here, use "su" or "sudo". It really is quite simple.
To run something from the command line open a terminal and type either "su" or "su -" ("su -" gives better privilages). To run a GUI program in KDE as root type "kdesu <program name> in a terminal. For instance "kdesu konqueror"


 
Old 03-13-2007, 03:20 AM   #33
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Quote:
Originally Posted by coldbeer
I'm obviously clueless? And the "best practice" is one size fits all, huh? If that's the case you, of course, put *your* home computer in a halon protected, air conditioned security room with an UPS.
Obviously not ... but running as ordinary user
doesn't cost me a dime, and the 5 seconds it
takes me to su to root (or do more menial tasks
as ordinary user with sudo w/o a password) are
well worth the extra effort. I have no doubt that
you're backing up important stuff, and that you
don't rm -rf ... but do you know when you're going
to browse to a website that has a day-zero exploit
for your browser, which, when used as root, may open
a back-door to your machine, and make it a drone in
somebodys botnet? Thought not.


Quote:
Originally Posted by coldbeer
And give me a break, you're comparing a single user on a home machine running as root to seat-belts and car accidents. LOL.

Your response is an example of the hysteria I was talking about.
And your false sense of security is the material
that makes drones and botnets possible.


Quote:
Originally Posted by coldbeer
I really want to know the specifics of what is going to happen to my single user home desktop linux system, so we can debate this point by point. We'll see who's clueless.

I would be more concerned about an asteroid hitting me.
Making my point yet again - thanks :}




Cheers,
Tink
 
Old 03-13-2007, 04:06 AM   #34
prozac
Member
 
Registered: Oct 2005
Location: Australia
Distribution: slackware 12.1
Posts: 753

Rep: Reputation: 32
Running a X session with "root" is dangerous. You are running way too many apps as root. These apps are under development most of the time and new bug fixes are being released periodically to address many issues and some regarding security. So a small flaw in any one of the app may lead to exploitation thus compromising the whole system. This is why you shouldn't run X as root and this is exactly why windows has so many virus and exploitation problems. Anybody can do anything. The "su" utility is a handy way to switch over to another user (mostly root) where and when you need it. Linux most powerful feature comes from its command line so don't hesitate to learn it. after you "su" to root, you can do anything you want - edit xorg.conf, move your files to any location or even destroy your system with a single rm -rf or chmod all from the command line. However, there's another very good alternative to su'ing, its called sudo. make yourself listed into the sudoers file using the visudo command. give in yourself access to some regular commands that you would like to run as root. you may or maynot want to use passwd, its your choice. Hey! a little typing won't hurt, especially if it saves you from reinstalling you system every other night.

If you must do it from a GUI, somebody already suggested kdesu is a nice way to do it.
 
Old 03-13-2007, 04:18 AM   #35
jlliagre
Moderator
 
Registered: Feb 2004
Location: Outside Paris
Distribution: Solaris 11.3, Oracle Linux, Mint
Posts: 9,669

Rep: Reputation: 398Reputation: 398Reputation: 398Reputation: 398
Quote:
Originally Posted by custangro
That's right....I had multiple windows open posting on a few differnt things (one of them being a poll on "su"...hehe).

But, you're right. It stands for Switch User.
It doesn't actually, although "switch user" is correctly describing the command purpose.

Have a look back to my answer to your poll.
 
Old 03-13-2007, 09:55 AM   #36
coldbeer
Member
 
Registered: May 2006
Location: Orion–Cygnus Arm, MWG
Distribution: Slackware 14.2
Posts: 203

Rep: Reputation: 112Reputation: 112
Quote:
Originally Posted by Tinkster
Obviously not ... but running as ordinary user
doesn't cost me a dime, and the 5 seconds it
takes me to su to root (or do more menial tasks
as ordinary user with sudo w/o a password) are
well worth the extra effort. I have no doubt that
you're backing up important stuff, and that you
don't rm -rf ... but do you know when you're going
to browse to a website that has a day-zero exploit
for your browser, which, when used as root, may open
a back-door to your machine, and make it a drone in
somebodys botnet? Thought not.


And your false sense of security is the material
that makes drones and botnets possible.
Yes, I did fail to mention that in my setup. Thanks for bringing that to my attention:

My corrected statement: There is little danger in running as root on a single user home desktop machine using an external firewall.

That actually that brings up a good point about how this root issue is really detracting from things that *should* be done (real risks), like disabling all services that are not essential because even if you are running as a user, you're not *safe* being connected to the internet. If somebody can exploit a bug in one of your services you are toast whether you are running as root or not.

And the big difference risk wise is that on one hand you are trying to protect yourself from yourself (low risk) and on the other hand you are trying to protect yourself from a willful threat (high risk).

Last edited by coldbeer; 03-13-2007 at 10:24 AM.
 
Old 03-13-2007, 10:12 AM   #37
lumix
Member
 
Registered: Mar 2007
Distribution: Hardy (Gnome on Ubuntu 8.04) on Compaq N600c laptop
Posts: 323

Original Poster
Rep: Reputation: 30
Oo boy...

Quote:
Originally Posted by iamnothere

NEW POLL: "Things that are more frustrating than Linux."

Er (no particular order here): women drivers, women in general, government, Windows, navel fluff, um.. c'mon help me out here...

I "dissociate myself" from these comments. Those who really need to know, will just have to guess which of them I agree with.
 
Old 03-13-2007, 12:19 PM   #38
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Quote:
Originally Posted by coldbeer
My corrected statement: There is little danger in running as root on a single user home desktop machine using an external firewall.
And that firewall won't permit outgoing traffic on
arbitrary ports? You've locked yourself down to use
21,80, 443? The issue is still that any application
you use to traverse the firewall can theoretically
be exploited. And unless you have a highly expensive
firewall (like a cyberguard TSP or a sidewinder) that
checks known traffic for valid content you can't be
sure, ever. And even those babies don't know all possible
exploits for non-standard apps/ports.

Quote:
Originally Posted by coldbeer
That actually that brings up a good point about how this root issue is really detracting from things that *should* be done (real risks), like disabling all services that are not essential because even if you are running as a user, you're not *safe* being connected to the internet. If somebody can exploit a bug in one of your services you are toast whether you are running as root or not.
While those statements are quite correct they don't
negate the dangers I mentioned above. Slackware, which
you're using at the moment is reasonably sane in that
respect; but one still shouldn't do mundane things as
root.

Quote:
Originally Posted by coldbeer
And the big difference risk wise is that on one hand you are trying to protect yourself from yourself (low risk) and on the other hand you are trying to protect yourself from a willful threat (high risk).
Both of which are perfectly valid reasons *not* to
run as root. To me having to assume root temporarily
to do system tasks automatically raises my alertness
to my own activities, and makes me think twice before
I press enter. And by the way: I did "byte myself"
with and rm -rf / once in the "early days", not looking
at the screen and having missed the fact that my capslock
was on and my tab-expansion for the /install directory
hadn't worked. :}


Cheers,
Tink

Last edited by Tinkster; 03-13-2007 at 12:21 PM.
 
Old 03-13-2007, 04:30 PM   #39
coldbeer
Member
 
Registered: May 2006
Location: Orion–Cygnus Arm, MWG
Distribution: Slackware 14.2
Posts: 203

Rep: Reputation: 112Reputation: 112
Quote:
Originally Posted by Tinkster

Cheers,
Tink
Well, as much as I hate to admit it. Tink, you've convinced me! I'll set up a user account on my machine.

Thanks for excellent exchange.
 
Old 03-13-2007, 07:12 PM   #40
Sepero
Member
 
Registered: Jul 2004
Location: Tampa, Florida, USA
Distribution: Ubuntu
Posts: 734
Blog Entries: 1

Rep: Reputation: 32
Hopefully, I'm seriously on this. In a distro like Slackware, where every other command is "./configure && make && make install", I can understand why someone would run as root fulltime.

Try another distro flavor. I'm not suggesting one in specific, but just try anything not Slack-based. There are much better package managers out there. By not exploring your options, you only hurt yourself.
 
Old 03-14-2007, 01:35 AM   #41
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Quote:
Originally Posted by Sepero
Hopefully, I'm seriously on this. In a distro like Slackware, where every other command is "./configure && make && make install", I can understand why someone would run as root fulltime.

Try another distro flavor. I'm not suggesting one in specific, but just try anything not Slack-based. There are much better package managers out there. By not exploring your options, you only hurt yourself.
visudo
tink ALL=ALL NOPASSWD: checkinstall

./configure and make don't require elevated privileges,
and just add /sbin, /usr/sbin to your path, add
checkinstall to sudoers and you're all sweet.



Cheers,
Tink
 
Old 03-14-2007, 01:36 AM   #42
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Quote:
Originally Posted by coldbeer
Well, as much as I hate to admit it. Tink, you've convinced me! I'll set up a user account on my machine.

Thanks for excellent exchange. :D
Thank you very much for this feedback :}

I often feel like preaching to stone here ;}



Cheers,
Tink
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Adding root privaliges to user accounts or auto login as root Val-Ent Linux - General 15 03-02-2010 04:27 PM
LXer: Summary of topics discussed at OSDL Desktop Linux Printing Summit LXer Syndicated Linux News 0 04-15-2006 05:03 PM
RHEL3 Mounting USB after reboot and between reboots: root and non-root users Luis Nunes Linux - Hardware 0 07-20-2005 08:32 AM
IntelliMouse thumb buttons work as root, broken as non-root user, wheel works always digital vortex Linux - Hardware 7 03-02-2004 04:14 PM
root files: create as root:root or root:wheel? pcass Linux - Security 1 02-07-2004 04:14 PM


All times are GMT -5. The time now is 05:01 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration