LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 01-29-2004, 10:59 AM   #1
trees
Member
 
Registered: Dec 2003
Location: Earth... I think!?
Distribution: Debian
Posts: 32

Rep: Reputation: 15
knoppix gives root access at diskcheck


Greetings,
I've installed Knoppix from the cd (knx-hdinstall) on the hard drive and when the system wasn't shut down properly, it does a disk check..(ext3fs). But after doing so, it gives root access for maintainance without asking for a password.

help plz
Thanks
 
Old 01-29-2004, 11:39 AM   #2
jailbait
Guru
 
Registered: Feb 2003
Location: Blue Ridge Mountain
Distribution: Debian Wheezy, Debian Jessie
Posts: 7,554

Rep: Reputation: 182Reputation: 182
"I've installed Knoppix from the cd (knx-hdinstall) on the hard drive and when the system wasn't shut down properly, it does a disk check..(ext3fs). But after doing so, it gives root access for maintainance without asking for a password."

This behavior means that Knoppix is not sure that the hard drive partitions are OK. The thing to do when it gives you root access like that (it is called failsafe mode) is to run fsck.ext3 or whichever fsck is appropriate against every hard drive Linux partition. After everything is clean then reboot with the shutdown command (shutdown -r now) and everything should be OK.

___________________________________
Be prepared. Create a LifeBoat CD.
http://users.rcn.com/srstites/LifeBo...home.page.html

Steve Stites

Last edited by jailbait; 01-29-2004 at 11:40 AM.
 
Old 01-29-2004, 12:33 PM   #3
trees
Member
 
Registered: Dec 2003
Location: Earth... I think!?
Distribution: Debian
Posts: 32

Original Poster
Rep: Reputation: 15
I guess my question is how to make it ask for root password for maintainance, the computer is in a semi-public place
Thanks
 
Old 01-29-2004, 04:04 PM   #4
jailbait
Guru
 
Registered: Feb 2003
Location: Blue Ridge Mountain
Distribution: Debian Wheezy, Debian Jessie
Posts: 7,554

Rep: Reputation: 182Reputation: 182
"I guess my question is how to make it ask for root password for maintainance"

I guess that you will have to change the failsafe script to do something else.

There is a table called /etc/initab which describes what script to run for each run level. This varies some from one distribution to another. In my /etc/initab failsafe mode is called single user mode and is defined as run level 1. Here is the appropriate section in my /etc/initab:

# Default runlevel. The runlevels used by RHS are:
# 0 - halt (Do NOT set initdefault to this)
# 1 - Single user mode
# 2 - Multiuser, without NFS (The same as 3, if you do not have networking)
# 3 - Full multiuser mode
# 4 - unused
# 5 - X11
# 6 - reboot (Do NOT set initdefault to this)
#
id:5:initdefault:

# System initialization.
si::sysinit:/etc/rc.d/rc.sysinit

l0:0:wait:/etc/rc.d/rc 0
l1:1:wait:/etc/rc.d/rc 1
l2:2:wait:/etc/rc.d/rc 2
l3:3:wait:/etc/rc.d/rc 3
l4:4:wait:/etc/rc.d/rc 4
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6

This says that whenever Linux decides to go into run level 1 (failsafe) to run a script called /etc/rc.d/rc 1. You could change your initab to run your own script when Linux goes into failsafe mode.

So what should your failsafe mode script look like? You want to create a version of failsafe that requires a password to login. That is possible. Another possibility is to create a script that handles the error automatically. This script would run the appropriate fsck command against each Linux partition, I suggest that you run fsck with the -p option so that fsck does not ask the user any questions, just goes ahead and does its thing. After the script has done the fsck commands then it issues: shutdown -r now

___________________________________
Be prepared. Create a LifeBoat CD.
http://users.rcn.com/srstites/LifeBo...home.page.html

Steve Stites
 
Old 02-02-2004, 11:18 AM   #5
trees
Member
 
Registered: Dec 2003
Location: Earth... I think!?
Distribution: Debian
Posts: 32

Original Poster
Rep: Reputation: 15
In my /etc/inittab there is a line - "What to do in Single User Mode"
Is that the one that I should edit?

This is that line on this computer:
# What to do in single-user mode.
~~:S:respawn:/bin/bash -login >/dev/tty1 2>&1 </dev/tty1

This is the line on another one of our machines in /etc/inittab
# What to do in single-user mode.
~~:S:wait:/sbin/sulogin

Here's that part of /etc/inittab:
-------------------------------------------------------------------------------------
# /etc/inittab: init(8) configuration.
# $Id: inittab,v 1.9 2001/05/31 10:37:50 knopper Exp $

# The default runlevel.
id:5:initdefault:

# Boot-time system configuration/initialization script.
# This is run first except when booting in emergency (-b) mode.
si::sysinit:/etc/init.d/rcS

# What to do in single-user mode.
~~:S:respawn:/bin/bash -login >/dev/tty1 2>&1 </dev/tty1

# /etc/init.d executes the S and K scripts upon change
# of runlevel.
#
# Runlevel 0 is halt.
# Runlevel 1 is single-user.
# Runlevels 2-5 are multi-user.
# Runlevel 6 is reboot.

l0:0:wait:/etc/init.d/rc 0
l1:1:wait:/etc/init.d/rc 1
l2:2:wait:/etc/init.d/rc 2
l3:3:wait:/etc/init.d/rc 3
l4:4:wait:/etc/init.d/rc 4
l5:5:wait:/etc/init.d/rc 5
l6:6:wait:/etc/init.d/rc 6
-----------------------------------------------------------------------
 
Old 02-02-2004, 12:58 PM   #6
jailbait
Guru
 
Registered: Feb 2003
Location: Blue Ridge Mountain
Distribution: Debian Wheezy, Debian Jessie
Posts: 7,554

Rep: Reputation: 182Reputation: 182
"In my /etc/inittab there is a line - "What to do in Single User Mode"
Is that the one that I should edit?"

Actually, I am not sure which of two line is the one that you should edit. The two possibilities are:

# What to do in single-user mode.
~~:S:respawn:/bin/bash -login >/dev/tty1 2>&1 </dev/tty1

l1:1:wait:/etc/init.d/rc 1

Looking at the two lines, I think that the first one gives you a login with a password prompt and the second one probably gives you a login without a password prompt. You could experiment on a machine on which you can tolerate the occasional crash.

-----------------------
Steve Stites
 
Old 02-03-2004, 01:29 PM   #7
trees
Member
 
Registered: Dec 2003
Location: Earth... I think!?
Distribution: Debian
Posts: 32

Original Poster
Rep: Reputation: 15
I'll replace the lines and see what happens next time it crashes.
Thanks for your help!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Diskcheck utility nazs Linux - General 1 08-23-2005 02:29 PM
Why can Knoppix access my Windows files!? veeruk101 Linux - Newbie 3 03-17-2005 09:40 AM
diskcheck XPediTioN Mandriva 3 03-17-2004 02:04 PM
root-access on /dev/hda with knoppix 3.3????????? pablovschby Linux - Software 4 02-12-2004 01:02 AM
Knoppix : root heartagram Debian 1 11-13-2003 07:53 AM


All times are GMT -5. The time now is 03:53 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration