Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Hi, My name is Hal, and I was playing around with my inittab file on dapper. I was trying to make ubuntu start from a text login as a default. So I set the starting runlevel to "1," and ubuntu then had problems booting up it would give the "sending the term signal message" while booting up. I'm not sure why this happened, but it is not why I posted. In order to fix the problem I decided to boot up from my new dsl partition on my new thumbdrive. The thing is that it was very easy for me to mount my main internal partition and edit inittab, and it is unnerving how easy it was to manipulate my filesystem. Is there some security fix so that this is not possible? Thanks, Hal
Hi. I'm not sure if there's anything you could do with linux other than encrypt the whole hard disk,but you could try disabling the option to boot from usb and cd in your bios.After disabling those,you could set a bios password. This is a problem with any computer,regardless of the os. For example,someone can easily go up to a windows box,insert a live cd,and get the password hashes within 30 seconds. The same could go for linux. Some companies even go so far as to epoxy the usb ports or just use thin clients that don't have any cd/usb drives.
JAKK is right. However, no software based security measures can prevent someone from opening the case and just taking out the hard drive unless you have a top of the line case with a locking mechanism. Even then the attacker can just take the entire machine. Likewise BIOS passwords can be reset (usually by disconnecting the motherboard battery, but it takes time to work). This is why companies generally keep servers in locked rooms with security guards.
BTW, 1 is generally the single user mode runlevel. You probably wanted runlevel 2.
Yeah I guess it is ridiculous to try and find ways to secure a computer once someone is given physical access. Still a bios password creates an extra layer for someone to get through. It was set at runlevel 2(multi user) as a default, and I read that if i wanted to begin from a non-graphical login to set the runlevel to 1 or single user. Im not doing this for any particular reason I'm just trying to finally break out of the noob stage of linux and get a feel for the linux universe. Thanks, Hal
Not related to the security question, but run level 1 is a single user mode (as you mentioned) and not a multi user text login.
Single user mode is for maintenance. It will usually not give you a fully functional system. I think what you want is a multi user text login.
I don't have dapper drake at hand at the moment, but noticed after installation of it that multiuser text login is indeed missing (did not look at it further).
You might have to dig into the startup directories (/etc/rc...) and modify one of them so it does not start X to get a 'normal' system.