SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Why would you want to disable the root account? ie - what are you seeking to accomplish by doing so?
In UNIX/Linux you need the root account to perform various system-related tasks, such as software upgrade, kernel maintenance and user account creation.
While it's a very good idea never to run normal programs as root, and to be very careful with when you use it, I recommend that you chose a very hard-to-guess password for root, disable root login over SSH and other media, and keep your normal user for everyday use. Then, when Slackware 11.0 is released one of these days/weeks/months, you can login as root, perform the system upgrade to the latest and greatest, and afterwards resume your day-to-day tasks as your normal user login..
I would consider this a lot before trying it. This is all at your own risk and may or may not work. Hmmm....
You could edit the password file and remove or significantly change the section that stores the password hash.
Seen this done before on redhat I think - edit /etc/passwd file change /bin/bash to /sbin/nologin or I guess you might could change it even to /dev/null???
Something else I have seen done is a empty /etc/securetty file prevents root login
I don't know if it works with the root account, but you could use
Code:
passwd -l root
I know it works with other accounts, but havent tried disabling the root account... Go ahead if that's what you want (make sure to read "man passwd" before!)
Something else I have seen done is a empty /etc/securetty file prevents root login
I think you're right on target. He probably just wants to disable logins. I'm not a sysadmin, but I can see how that might make sense. sudo logs to /var/log/messages, so you could monitor usage.
Yalla-One writes:
Why would you want to disable the root account? ie - what are you seeking to accomplish by doing so
I want to enable the root privilegies for my usual user and to disable the root account, or to reduce the root to a common system's user.
Is it a way to increase the system security..., I want to change the root directory.
I'm not sure that will increase security. By giving a normal account root's privileges and using that normal account for day to day activities, you're increasing your risk - not decreasing it.
Generally it's better to have a strong password for both accounts (root's and your normal account) and to use su or sudo to perform privileged activities.
Yalla-One writes:
Why would you want to disable the root account? ie - what are you seeking to accomplish by doing so
I want to enable the root privilegies for my usual user and to disable the root account, or to reduce the root to a common system's user.
Is it a way to increase the system security..., I want to change the root directory.
Don't do it. You're gonna end up hosing your system. Use sudo to give access to all the system commands.
Shifter, I think you're getting some good advice. What you're trying to do is basically the same as running everything as root. Not a great idea.
And you're being very friendly.
That's the single most stupid thing a linux user can do.
Just imagine the havoc one could cause by sitting in
Konqueror (nauseous, take your pick) and "accidentally"
moving /etc to some other place in the file-system.
You'll find yourself quite surprised not too long later ;}
Yalla-One writes:
Why would you want to disable the root account? ie - what are you seeking to accomplish by doing so
I want to enable the root privilegies for my usual user and to disable the root account, or to reduce the root to a common system's user.
Is it a way to increase the system security..., I want to change the root directory.
As others have already pointed out, this is equivalent to running everything as root. Certain things can be done only by the superuser. The system cares not what name you chose to assign to the superuser but that the user id is 0. The name `root' is just the traditional, universal name used in all unix systems (redundant?), but it is just a label.
Thus what you propose to do is equivalent to running as root.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.