Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Thanks to all who understood the word "deprecate."
I DID in fact imagine that before long I wouldn't want to be root for every day use. However, I can't remember a single week in the last 20 years that didn't involve working under the hood, and it'd sure suck to have to say "sudo" every time I want to remove a nut or bolt.
Typing su/sudo isn't necessary all the time. For common/regular commands, you can setup sudo to allow no-password usage, and and write a wrapper script/shell function to avoid having to type 'sudo'. For example, I use a 'cpufreq' shell wrapper to switch between different cpufreq scaling governors. I just do 'cpufreq o' (ondemand), 'cpufreq p' (performance), and so on.
Last edited by iamnothere; 03-15-2007 at 11:13 AM.
Perhaps one should keep it to oneself if they can't remember the early experience and moreover, just can't show how a few solutions can work. If you feel impatient, best to go another forum and be helpful there.
Quote:
Originally Posted by 2damncommon
My first few months I used to log in and out of root and my regular user until I learned to do what everyone is suggesting here, use "su" or "sudo". It really is quite simple.
To run something from the command line open a terminal and type either "su" or "su -" ("su -" gives better privilages). To run a GUI program in KDE as root type "kdesu <program name> in a terminal. For instance "kdesu konqueror"
I'm obviously clueless? And the "best practice" is one size fits all, huh? If that's the case you, of course, put *your* home computer in a halon protected, air conditioned security room with an UPS.
Obviously not ... but running as ordinary user
doesn't cost me a dime, and the 5 seconds it
takes me to su to root (or do more menial tasks
as ordinary user with sudo w/o a password) are
well worth the extra effort. I have no doubt that
you're backing up important stuff, and that you
don't rm -rf ... but do you know when you're going
to browse to a website that has a day-zero exploit
for your browser, which, when used as root, may open
a back-door to your machine, and make it a drone in
somebodys botnet? Thought not.
Quote:
Originally Posted by coldbeer
And give me a break, you're comparing a single user on a home machine running as root to seat-belts and car accidents. LOL.
Your response is an example of the hysteria I was talking about.
And your false sense of security is the material
that makes drones and botnets possible.
Quote:
Originally Posted by coldbeer
I really want to know the specifics of what is going to happen to my single user home desktop linux system, so we can debate this point by point. We'll see who's clueless.
I would be more concerned about an asteroid hitting me.
Running a X session with "root" is dangerous. You are running way too many apps as root. These apps are under development most of the time and new bug fixes are being released periodically to address many issues and some regarding security. So a small flaw in any one of the app may lead to exploitation thus compromising the whole system. This is why you shouldn't run X as root and this is exactly why windows has so many virus and exploitation problems. Anybody can do anything. The "su" utility is a handy way to switch over to another user (mostly root) where and when you need it. Linux most powerful feature comes from its command line so don't hesitate to learn it. after you "su" to root, you can do anything you want - edit xorg.conf, move your files to any location or even destroy your system with a single rm -rf or chmod all from the command line. However, there's another very good alternative to su'ing, its called sudo. make yourself listed into the sudoers file using the visudo command. give in yourself access to some regular commands that you would like to run as root. you may or maynot want to use passwd, its your choice. Hey! a little typing won't hurt, especially if it saves you from reinstalling you system every other night.
If you must do it from a GUI, somebody already suggested kdesu is a nice way to do it.
Obviously not ... but running as ordinary user
doesn't cost me a dime, and the 5 seconds it
takes me to su to root (or do more menial tasks
as ordinary user with sudo w/o a password) are
well worth the extra effort. I have no doubt that
you're backing up important stuff, and that you
don't rm -rf ... but do you know when you're going
to browse to a website that has a day-zero exploit
for your browser, which, when used as root, may open
a back-door to your machine, and make it a drone in
somebodys botnet? Thought not.
And your false sense of security is the material
that makes drones and botnets possible.
Yes, I did fail to mention that in my setup. Thanks for bringing that to my attention:
My corrected statement: There is little danger in running as root on a single user home desktop machine using an external firewall.
That actually that brings up a good point about how this root issue is really detracting from things that *should* be done (real risks), like disabling all services that are not essential because even if you are running as a user, you're not *safe* being connected to the internet. If somebody can exploit a bug in one of your services you are toast whether you are running as root or not.
And the big difference risk wise is that on one hand you are trying to protect yourself from yourself (low risk) and on the other hand you are trying to protect yourself from a willful threat (high risk).
My corrected statement: There is little danger in running as root on a single user home desktop machine using an external firewall.
And that firewall won't permit outgoing traffic on
arbitrary ports? You've locked yourself down to use
21,80, 443? The issue is still that any application
you use to traverse the firewall can theoretically
be exploited. And unless you have a highly expensive
firewall (like a cyberguard TSP or a sidewinder) that
checks known traffic for valid content you can't be
sure, ever. And even those babies don't know all possible
exploits for non-standard apps/ports.
Quote:
Originally Posted by coldbeer
That actually that brings up a good point about how this root issue is really detracting from things that *should* be done (real risks), like disabling all services that are not essential because even if you are running as a user, you're not *safe* being connected to the internet. If somebody can exploit a bug in one of your services you are toast whether you are running as root or not.
While those statements are quite correct they don't
negate the dangers I mentioned above. Slackware, which
you're using at the moment is reasonably sane in that
respect; but one still shouldn't do mundane things as
root.
Quote:
Originally Posted by coldbeer
And the big difference risk wise is that on one hand you are trying to protect yourself from yourself (low risk) and on the other hand you are trying to protect yourself from a willful threat (high risk).
Both of which are perfectly valid reasons *not* to
run as root. To me having to assume root temporarily
to do system tasks automatically raises my alertness
to my own activities, and makes me think twice before
I press enter. And by the way: I did "byte myself"
with and rm -rf / once in the "early days", not looking
at the screen and having missed the fact that my capslock
was on and my tab-expansion for the /install directory
hadn't worked. :}
Hopefully, I'm seriously on this. In a distro like Slackware, where every other command is "./configure && make && make install", I can understand why someone would run as root fulltime.
Try another distro flavor. I'm not suggesting one in specific, but just try anything not Slack-based. There are much better package managers out there. By not exploring your options, you only hurt yourself.
Hopefully, I'm seriously on this. In a distro like Slackware, where every other command is "./configure && make && make install", I can understand why someone would run as root fulltime.
Try another distro flavor. I'm not suggesting one in specific, but just try anything not Slack-based. There are much better package managers out there. By not exploring your options, you only hurt yourself.
visudo
tink ALL=ALL NOPASSWD: checkinstall
./configure and make don't require elevated privileges,
and just add /sbin, /usr/sbin to your path, add
checkinstall to sudoers and you're all sweet.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.