LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-18-2012, 04:54 PM   #31
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,133
Blog Entries: 2

Rep: Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839

Quote:
Originally Posted by frutago View Post
Hi,

I goggled around a bit and probably have found the easiest way to make root login available during Debian startup.
Seems to me that you have copied this from Ubuntu or a derivative. Some comments:
Quote:
Step1: Open terminal and type:

su passwd root <-- This command will allow you to create a new root password.
Not necessary, a standard debian install has already a working root account, changing the password is pointless. Besides that, the correct command would be
Code:
su -c passwd root
which is also pointless, just because you need the root password to launch su in this way. If you have it already you don't need to change it.

Quote:
Step2: Type:

su gedit /etc/gdm3/daemon.conf <-- A file daemon.conf needs editing via gedit.
Again, the correct command would be
Code:
su -c gedit /etc/gdm3/daemon.conf
Quote:
Step3: Open another file:

sudo gedit /etc/pam.d/gdm3
Here you suddenly change from su to sudo (that is why i am thinking you have copied this from Ubuntu, just changing sudo with su). Most people don't have sudo set up for their user on a standard Debian install.

But anyways, I still fail to see why anyone would want to give up the machine security by logging in as root to a GUI. I can do that by default on Slackware, but never have the need to. Any application I want to run as root can be started with su/sux/gksu/kdesu (or the sudo counterparts), so why run the entire system as root?
 
Old 03-19-2012, 02:34 PM   #32
frutago
LQ Newbie
 
Registered: Mar 2012
Posts: 2

Rep: Reputation: Disabled
Yes, Tobi, u r the best!

Well, what can I say, Tobi, your reply to my reply was the most accurate I have ever come across on the web. Kind regards!
 
Old 05-14-2012, 11:35 AM   #33
AthlonJedi
LQ Newbie
 
Registered: May 2012
Posts: 1

Rep: Reputation: Disabled
Telling someone not to login as root is the same as telling someone they shouldnt use the "Run as administrator" option under windows. While linux does not hold your hand or ask you 5000 times if you are sure you want to do something they are many legitamate reasons for logging into a linux machine as root, some of them being initial server configuration, setting up samba for the first time, and many more configuration tasks. Just because someone logs into thier system as a root user , doesnt mean they are instantly gonna start a spam server or a ddos attack, Besideds the best way to learn what you should NOT do as root is to jump right in an start making mistakes you learn from. Seriously, you people need to step back from panic mode and see things as they truly are.
 
Old 05-14-2012, 11:46 AM   #34
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,133
Blog Entries: 2

Rep: Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839
Perhaps you should re-read the thread. No one says that you shouldn't log in as root. this thread is about logging in to the GUI as root.
Quote:
Telling someone not to login as root is the same as telling someone they shouldnt use the "Run as administrator" option under windows.
No, it is not. The "Runs as Administrator" function is the same as using su/sux/sudo/gksu(do)/kdesu(do). It does not automatically elevate the whole GUI to run with root privileges.

Quote:
While linux does not hold your hand or ask you 5000 times if you are sure you want to do something they are many legitamate reasons for logging into a linux machine as root,
Agreed, but there is not one legitimate reason to log into the GUI as root.

Quote:
some of them being initial server configuration, setting up samba for the first time, and many more configuration tasks
None of them needs a GUI, so irrelevant to this thread. Even if you run a GUI on your server for what reason ever you can easily use su/sudo for these tasks.

Quote:
Just because someone logs into thier system as a root user , doesnt mean they are instantly gonna start a spam server or a ddos attack
No one has said something like that, again, the topic is logging in as root to a GUI.

Quote:
Besideds the best way to learn what you should NOT do as root is to jump right in an start making mistakes you learn from.
So getting compromised because of surfing the net as root gives you a learning experience?

Quote:
Seriously, you people need to step back from panic mode and see things as they truly are.
We do. We truly don't want our servers DDOSed or brute-forced by compromised machines, we truly don't want our mail accounts to be flooded with spam, just because someone advocates wrong behavior. There is no excuse and no need logging in to a GUI as root on a machine connected to the net.

Last edited by TobiSGD; 05-14-2012 at 11:48 AM.
 
Old 09-06-2012, 07:20 AM   #35
CraziestOzzy
LQ Newbie
 
Registered: Sep 2012
Posts: 2

Rep: Reputation: Disabled
Quote:
Originally Posted by AthlonJedi View Post
Telling someone not to login as root is the same as telling someone they shouldnt use the "Run as administrator" option under windows. While linux does not hold your hand or ask you 5000 times if you are sure you want to do something they are many legitamate reasons for logging into a linux machine as root, some of them being initial server configuration, setting up samba for the first time, and many more configuration tasks. Just because someone logs into thier system as a root user , doesnt mean they are instantly gonna start a spam server or a ddos attack, Besideds the best way to learn what you should NOT do as root is to jump right in an start making mistakes you learn from. Seriously, you people need to step back from panic mode and see things as they truly are.
Just joined this forum to have my say and agree with this guy.
This is the 21st Century. The days of DOS, BASIC are long gone and I must say, the current trend of forcing users to use a Linux Terminal window to perform basic tasks (tasks that a WIndows user takes for granted under a GUI) is not going to win over the zillions of Windows users wanting an alternative to a Bill GAtes sponsored OS.
I too remember years ago that using LInux, I had a CHOICE to login as either ROOT or as a general USER.
IT seems that this basic right to freedom has been removed by current distros. I have only in the last few days, returned to using LInux...having heard it is much more stable and operates in a friendly GUI. How wrong was I.
THe Terminal is a relict of the Stone-Age and should remain there.
I grant that WIndows OS has an equilavent in the Command WIndow with a DOS prompt...but I have yet to see a WIndows user resort to using the Command Window to configure registry settings and adjust .inf files to taste. I don't have the time to decipher or figure out what code to use and type correctly in a Terminal window, just so I can change a simple setting.
I also don't see people using a Terminal on their Iphones, Ipads or touch-screen tv's to make changes...it's all GUI people.
MY computer is for my own use, I will use it how I see fit. I also make back-ups of an OS before I make changes...and yes, I am using a LInux distro and have been in the last few days.
I was about to throw in the towel and grovel back to WIndows as I have not the time to stuff around with a Terminal and codes to perform basic tasks in setting up my PC ...because I was not an administrator of my OWN computer. THe amount of times I had to enter a password to do something was totally ridiculous.
So I searched and searched and searched - did I say SEARCHED - for a solution on how to login as administrator on my own LInux system while USING a GUI to perform basic tasks and NOT have to type in a password, type in code, know what code to type etc etc.
You can imagine my joy at having found a solution to retaining the right of logging into a GUI as ROOT, a right removed from Linux users of today, a right that LInux users of yester-year used to enjoy.
...and by the way, if my using a LInux distro as ROOT today and from home will infect your computer with spam and what-not while I am connected to the internet...it's time to change OS people.
AND as a side note...if I was to use the internet, I will not be logging in as ROOT and connecting to the internet. I have the choice to protect my system and login as a general user with restricted privelages. I also have a choice to login as root with my LAN physically disconnected, make changes as root under a GUI and then logout and login as general user to watch porn or what have you.
I have the choice because I had to fight for it.
ANd for anyone using Fedora and respective spins, this is how I gave myself the option of logging in as root or as a restricted user...and yeah, had to use a Terminal...the irony of it all


[xxxxxxx@Home ~]$ su
Password:
[root@Home xxxxxxx]# cd /etc/pam.d/
[root@Home pam.d]# sudo gedit gdm-password
[root@Home pam.d]# exit
exit
[xxxxxxx@Home ~]$

*** when you have the gdm-password file open in your text editor, "save as" a copy within the gedit text editor (goto File tab and select "Save As") before you edit the original, I named mine gdm-password.BAK
A copy is good insurance if you want to revert back to a more LInux controlled desktop.
Now THIS is what you edit...
simply delete the line that has:

auth required pam_succeed_if.so user != root quiet

Then save the file, replacing the original.

Now logout of your desktop and when logging back in, select another user, type in root as the username and then type in the password as normal.
 
Old 09-06-2012, 12:07 PM   #36
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,133
Blog Entries: 2

Rep: Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839
Quote:
Originally Posted by CraziestOzzy View Post
The days of DOS, BASIC are long gone and I must say, the current trend of forcing users to use a Linux Terminal window to perform basic tasks (tasks that a WIndows user takes for granted under a GUI) is not going to win over the zillions of Windows users wanting an alternative to a Bill GAtes sponsored OS.
Currently the trend on the beginner-friendly distros is to remove the need for using the terminal. Have a look at Ubuntu, Mint or PCLinuxOS, they have a GUI dialog for everything and you don't need to start a terminal.

Quote:
I too remember years ago that using LInux, I had a CHOICE to login as either ROOT or as a general USER.
IT seems that this basic right to freedom has been removed by current distros.
And as you found out it is easy for the somewhat experienced to activate it again. It is deactivated by default just because more people switch to Linux that still have Windows mindset and think it is actually a good idea to do everything as root (which is not a good idea at all), because they are used to it from their Windows installs with a horrible security concept.

Quote:
THe Terminal is a relict of the Stone-Age and should remain there.
Fire is also a relict of the Stone Age. So would you abandon fire because it is old or would you agree that fire, like the terminal, is a powerful tool that can be very useful in the right hands?

Quote:
I grant that WIndows OS has an equilavent in the Command WIndow with a DOS prompt
Which was replaced in the last Windows versions with a much more powerful version. What does that say about the usefulness of the terminal?
Quote:
..but I have yet to see a WIndows user resort to using the Command Window to configure registry settings and adjust .inf files to taste.
I have to see a Windows user at all (I mean the mythical "average user") editing registry settings and INF-files. I have done that back in my Windows days, but I also used command-line tools and I wouldn't consider me to be an "average user".
Quote:
I don't have the time to decipher or figure out what code to use and type correctly in a Terminal window, just so I can change a simple setting.
As said already above, choose the right distribution and you don't have to. But you can if you want.
Quote:
MY computer is for my own use, I will use it how I see fit. I also make back-ups of an OS before I make changes...and yes, I am using a LInux distro and have been in the last few days.
Of course it is your computer. Do anything what you want with it. As long as you don't endanger other systems or are simply annoying other people.
Quote:
I was about to throw in the towel and grovel back to WIndows as I have not the time to stuff around with a Terminal and codes to perform basic tasks in setting up my PC ...because I was not an administrator of my OWN computer.
Here we have the evidence that you have problems to grasp the security concept of Linux/Unix (and nowadays even Windows). You are the administrator of your own system. That doesn't mean that you have to be logged in always as administrator.
Analogy: Just because your car can speed up to 100mp/h that doesn't mean that you do it all the time, even in the city or near schools or kindergartens. Why? Because you know of the implications for such an action. There are also implications for running the system as root all the time, many of them already laid out in this thread.
Quote:
THe amount of times I had to enter a password to do something was totally ridiculous.
Use something like KWallet or the GNOME keyring and you don't have to, it gets down to a single click, like Windows' UAC.
Quote:
You can imagine my joy at having found a solution to retaining the right of logging into a GUI as ROOT, a right removed from Linux users of today, a right that LInux users of yester-year used to enjoy.
A right that the Linux user only had at all because yester-years the average Linux user was more educated than most of the newer users. Most people that change to Linux (or at least have a look at it) do so because they either have older computers and don't want (or are able to) upgrade to a newer version than XP or because they are annoyed about all the malware. Both user groups mostly come with the mindset that I call "the Windows mindset": run everything as root, refuse to ever type in a password, swap security for convenience.
Why do you think the amount of malware on Windows computers is such high? Is it because Windows is so crappy or because Windows users are uneducated about security?
I can assure you that I had not one virus or other malware on my Vista install since I last re-installed it (about a 10 months ago, due to a new SSD in the machine), because I know how to keep a machine secure.
Quote:
..and by the way, if my using a LInux distro as ROOT today and from home will infect your computer with spam and what-not while I am connected to the internet...it's time to change OS people.
Either you are a troll or you don't know how e-mail works. If your computer sends spam to other mail accounts, why should those users change their OS? If your computer is compromised and tries to break into other computers, the other users should change their OS? Would you also demand that the laws have to be changed if you are arrested because your compromised computer is used for hosting child porn or other illegal material?
Seems to be a strange attitude to me.
Quote:
AND as a side note...if I was to use the internet, I will not be logging in as ROOT and connecting to the internet. I have the choice to protect my system and login as a general user with restricted privelages. I also have a choice to login as root with my LAN physically disconnected, make changes as root under a GUI and then logout and login as general user to watch porn or what have you.
Of course. And if you stumble over a problem when configuring things you will logout from root, connect the network, login as normal user, search for a solution, logout again, disconnect the network, log in as root again and try the solution you have found. If it doesn't work you do the whole cycle again. Weren't it to inconvenient for you to type in a password? How long do you think you will do something like that? Humans are lazy, there will be the point where you think "Come on, I will do it this one time and nothing will happen!", the point at which your system is potentially compromised.

Quote:
I have the choice because I had to fight for it.
Changing an option is hardly a fight.
Quote:
ANd for anyone using Fedora and respective spins, this is how I gave myself the option of logging in as root or as a restricted user...and yeah, had to use a Terminal...the irony of it all
The irony is: You could just have navigated to the file with Nautilus (or whatever file-manager you use, almost any allow this), do a right-click on it and just choose "edit as root".
Again, no need for the terminal.
Quote:
[xxxxxxx@Home ~]$ su
Password:
[root@Home xxxxxxx]# cd /etc/pam.d/
[root@Home pam.d]# sudo gedit gdm-password
[root@Home pam.d]# exit
exit
[xxxxxxx@Home ~]$
There is no point in using sudo when you are already root. Another hint that there may be a lack of understanding of the Linux/Unix security concept.

It remains as it is: It is not in any way necessary or recommended to log into the GUI as root, especially on the more beginner friendly distros (which Fedora by the way is not).

Last edited by TobiSGD; 09-06-2012 at 06:26 PM.
 
1 members found this post helpful.
Old 09-06-2012, 06:08 PM   #37
CraziestOzzy
LQ Newbie
 
Registered: Sep 2012
Posts: 2

Rep: Reputation: Disabled


...I won't go there...lol
THanks for your alternative view.
Be good

 
Old 04-06-2013, 04:00 AM   #38
godoten
Member
 
Registered: Dec 2010
Posts: 36

Rep: Reputation: 0
Wink [I have found by far easier way to login as root by accident.]

Dear Friends,
[I have found by far easier way to login as root by accident.]

As the way I could login as root does not work with late Debian6 installation so I had given up. But what I do not like is the graphic-login, so I just deleted "S20gdm3" from /etc/rc2.d/* leaving /etc/inittab "#fefault runlevel" as "id:2:initdefault" as it was. My guess was right, it stopped for the console login:. I just tried login as root at there instead of loging in as user. To my surprise, I could login as root. 'startx' got me to root desktop. This is the by far easier way. I am reporting this to fellow novice friends who wanted play as root user on Debian6. What we did not want was the "gdm". That was all!

So what you have to do was only to delete(keep in somewhere to backup) a link-file "@S20gdm3" from /etc/rc2.d/ directory. And at the console mode login: just login as root with your root password. Then with the command startx get to the root desktop.

Happy messing about
,---godoten
 
Old 04-06-2013, 09:24 AM   #39
bloody
Member
 
Registered: Feb 2013
Location: Berlin
Distribution: Gentoo, Debian
Posts: 172

Rep: Reputation: 25
The point most others are usually making when they say "don't" is not just that it basically does away with all security, but also that it is usually 100% unnecessary to login as root to the desktop. Of course it's possible, but you need to know which login manager is used so that thing can be configured properly to allow root logins.

Logging in as non-root user still allows you to do anything you want, using commands like sudo/gksudo etc., without giving any other program full root access, but only to those programs you explicitly grant that kind of access.

Synaptic: if not already installed, you can easily do that by opening a root terminal, or by opening a regular terminal and then running "su" or "sudo bash -login" and then:

apt-get install synaptic

Voila, Synaptic installed. Also works that way on *buntu by the way, as it's derived from Debian.
 
Old 04-06-2013, 10:12 AM   #40
Randicus Draco Albus
Senior Member
 
Registered: May 2011
Location: Hiding somewhere on planet Earth.
Distribution: OpenBSD
Posts: 1,651
Blog Entries: 8

Rep: Reputation: 580Reputation: 580Reputation: 580Reputation: 580Reputation: 580Reputation: 580
Quote:
Originally Posted by godoten View Post
I am reporting this to fellow novice friends who wanted play as root user on Debian6.
Great idea. Help idiots who want to screw up their computers and possibly others' as well.
We would not want to help novices learn how to use their systems and stop being novices, would we? No. That would make too much sense. Using a powerful tool requires knowledge of how to use it. Giving people a weapon they do not know how to use is such a good idea. Thank you for sharing.
 
Old 04-06-2013, 10:55 AM   #41
bloody
Member
 
Registered: Feb 2013
Location: Berlin
Distribution: Gentoo, Debian
Posts: 172

Rep: Reputation: 25
Quote:
Originally Posted by Randicus Draco Albus View Post
Great idea. Help idiots who want to screw up their computers and possibly others' as well.
If that's what they want, let them. Warn them that it's unneeded, breaches security and that over time they will eventually come to agree with all the others, but if they won't listen for now, then let them screw up their systems. There is no better way to learn than from one's own mistakes..
 
Old 06-07-2013, 03:21 AM   #42
gryphonB
LQ Newbie
 
Registered: Jun 2013
Posts: 1

Rep: Reputation: Disabled
I am new to Linux (So new!) and here's what I got:
Debian doesn't ship firmware for my WiFi because it's not free (speech) so no web access
To get it I need to install a package, but the only installed user is not in the sudoers list & can't install.
I can't log in a terminal as root (not in sudoers)
I can't log in to graphics as root because it's not allowed.
I'm not even sure I'll be able to use the installation. So I may have to install again (again). And read page after page til my eyes drop out. Days are going by & I still don't know if I will have something I can use.
 
Old 06-07-2013, 05:26 AM   #43
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,133
Blog Entries: 2

Rep: Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839Reputation: 4839
Press Ctrl+Alt+F1. This will drop you to a virtual terminal, where you can log in as root and install the packages you need.
Alternatively, log in as normal user and open a root shell, you should find something like that in the menu.
Or open a normal shell and change to root using
Code:
su -
There is no need at all for logging into the GUI as root.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
I need to log in as root in GUI (Debian) hashbangbinbash Linux - Newbie 53 10-31-2013 06:26 PM
[SOLVED] debian, root & GUI logins cabron9 Linux - Newbie 13 02-20-2011 07:51 PM
Help with using GUI as root Nei125 Linux - Newbie 6 02-25-2005 03:39 PM
SSH Lonin jperensky Linux - General 0 06-17-2003 09:32 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 08:50 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration