How can I disable the root account?

Hi shifter,

Why would you want to disable the root account? ie - what are you seeking to accomplish by doing so?

In UNIX/Linux you need the root account to perform various system-related tasks, such as software upgrade, kernel maintenance and user account creation.

While it's a very good idea never to run normal programs as root, and to be very careful with when you use it, I recommend that you chose a very hard-to-guess password for root, disable root login over SSH and other media, and keep your normal user for everyday use. Then, when Slackware 11.0 is released one of these days/weeks/months, you can login as root, perform the system upgrade to the latest and greatest, and afterwards resume your day-to-day tasks as your normal user login..

-Y1

I would consider this a lot before trying it. This is all at your own risk and may or may not work. Hmmm....
You could edit the password file and remove or significantly change the section that stores the password hash.
Seen this done before on redhat I think - edit /etc/passwd file change /bin/bash to /sbin/nologin or I guess you might could change it even to /dev/null???
Something else I have seen done is a empty /etc/securetty file prevents root login

Just some ideas...at your own risk!

Normally, I avoid 'me too' style posts but I'll just say me too with Yalla-One.

Don't do it, stop thinking about it.

me too cause I gotta

I don't know if it works with the root account, but you could use I know it works with other accounts, but havent tried disabling the root account... Go ahead if that's what you want (make sure to read "man passwd" before!)

I think you're right on target. He probably just wants to disable logins. I'm not a sysadmin, but I can see how that might make sense. sudo logs to /var/log/messages, so you could monitor usage.

I found some docs here... http://www.redhat.com/docs/manuals/l...rivileges.html
Some of it is RedHat specific, but there are some good ideas.

Yalla-One writes:
Why would you want to disable the root account? ie - what are you seeking to accomplish by doing so

I want to enable the root privilegies for my usual user and to disable the root account, or to reduce the root to a common system's user.
Is it a way to increase the system security..., I want to change the root directory.

I'm not sure that will increase security. By giving a normal account root's privileges and using that normal account for day to day activities, you're increasing your risk - not decreasing it.

Generally it's better to have a strong password for both accounts (root's and your normal account) and to use su or sudo to perform privileged activities.

Don't do it. You're gonna end up hosing your system. Use sudo to give access to all the system commands.

sudo man page

sudoers config file

Shifter, I think you're getting some good advice. What you're trying to do is basically the same as running everything as root. Not a great idea.

And you're being very friendly.

That's the single most stupid thing a linux user can do.
Just imagine the havoc one could cause by sitting in
Konqueror (nauseous, take your pick) and "accidentally"
moving /etc to some other place in the file-system.
You'll find yourself quite surprised not too long later ;}


Cheers,
Tink

As others have already pointed out, this is equivalent to running everything as root. Certain things can be done only by the superuser. The system cares not what name you chose to assign to the superuser but that the user id is 0. The name `root' is just the traditional, universal name used in all unix systems (redundant?), but it is just a label.

Thus what you propose to do is equivalent to running as root.

I just try to be kind. It's a character flaw.

"Don't put your hand on that element, Kid, it's a bad idea .." :}

Yep, I see how it's a flaw. ;}


Cheers,
Tink