LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 07-02-2013, 08:52 PM   #16
chrisretusn
Member
 
Registered: Dec 2005
Location: Philippines
Distribution: Slackware
Posts: 475

Rep: Reputation: Disabled

Quote:
Originally Posted by jefro View Post
You don't need to log on to root. It is a poor practice to use. Learn proper ways.
Proper ways... love it.

In my home lan, I am currently logged in as root (two consoles) on one laptop; the first, compiling a program; the second, to monitor my free space, this compile takes a lot of space. I am also logged in as root on another laptop also compiling a program. On this desktop that I am typing on I am logged in as me. I do have a terminal session open and I am logged in as root via "su -". I did that just for the heck of it. Oh what the heck, I just Ctrl-Alt-F2'd and logged in as root on another text console.

One need not fear root. One needs to log in as root to do a lot of administrative task, how you get there matters not.*Once you have root, regardless of how you got there your can hose your machine.

Edit: I also use the same password for root and my user login on my home lan. At the office never.

Last edited by chrisretusn; 07-02-2013 at 08:54 PM.
 
1 members found this post helpful.
Old 07-02-2013, 09:02 PM   #17
John VV
Guru
 
Registered: Aug 2005
Posts: 12,840

Rep: Reputation: 1709Reputation: 1709Reputation: 1709Reputation: 1709Reputation: 1709Reputation: 1709Reputation: 1709Reputation: 1709Reputation: 1709Reputation: 1709Reputation: 1709
Lets get BACK to the OP's question
-- to log in as root or not login as root ,that is the question ....
is a DIFFERENT TOPIC
Quote:
know I have been told not to do it.

I want to know if you create two user root and you normal user do you need to give two different password?

Thanks

UPDATE: Could you have a file manager to be able to open it as root (Like Thunar) I think I will make things easier to administrate and anything you move or open it will open it as root.
 
Old 07-02-2013, 09:13 PM   #18
ReaperX7
Senior Member
 
Registered: Jul 2011
Distribution: LFS-SVN, FreeBSD 10.0
Posts: 3,063
Blog Entries: 15

Rep: Reputation: 769Reputation: 769Reputation: 769Reputation: 769Reputation: 769Reputation: 769Reputation: 769
I log in as root to do system maintenance, otherwise I use my power user account that has near admin level privileges.
 
Old 07-02-2013, 11:24 PM   #19
Richard Cranium
Senior Member
 
Registered: Apr 2009
Location: Carrollton, Texas
Distribution: Slackware64 14.1
Posts: 1,482

Rep: Reputation: 421Reputation: 421Reputation: 421Reputation: 421Reputation: 421
I use root to do system maintenance (which may include building packages).

Normal operations are under a non-privileged user.

It is exceedingly rare that I run a gui as root.
 
Old 07-03-2013, 12:53 AM   #20
psionl0
Member
 
Registered: Jan 2011
Distribution: slackware_64 14.0
Posts: 538
Blog Entries: 2

Rep: Reputation: 68
As long as you have a policy of logging into root only when you have things to do that only root can do I don't see a problem.

It helps if root's WM isn't too fancy since that will give you an incentive to log out of root and back in as a user when you do your user stuff.
 
Old 07-03-2013, 04:28 AM   #21
astrogeek
Senior Member
 
Registered: Oct 2008
Distribution: Slackware: 12.1, 13.1, 14.1, 64-14.1, -current, FreeBSD-10
Posts: 1,773

Rep: Reputation: 602Reputation: 602Reputation: 602Reputation: 602Reputation: 602Reputation: 602
My own attempt to return to the OP's question...

Quote:
Originally Posted by PeterUK View Post
I know I have been told not to do it.

I want to know if you create two user root and you normal user do you need to give two different password?
Whoever told you to never login as root simply does not know what the root user account is there for. It is equivalent to someone telling you to never raise the hood on your car (or bonnet for you UK types)! It is just silly, ignorant advice!

The best, and only advice is to learn why the root user account exists, then make use of that as and when it is applicable for your own purposes!

I could not find a really useful online link to point you to, unfortunately, so let me tell you in my own simplest terms why the root user exists, and I quote myself...

Quote:
Originally Posted by Myself right here

The root user can do anything at all on the system, as I am sure you know by now.

But the real reason for having such a user is so that you are then able to restrict other users from doing potentially harmful things, but still have some way to do them when they are necessary!
So the clear rule to follow is...

1. Do your normal computing tasks as a non-root, non-all-powerful user, because it keeps you out of trouble.
2. When you need to do things not allowed to non-root, non-all-powerful users, login as root or obtain root permission via sudo, to do them, with the full knowledge that you can do harm if not careful - just like working under the bonnet of your car.

There is nothing more mysterious to it than that.

So, with that perspective - should your root user have a different password? Usually, but it is entirely up to you.

Because you specifically said that you will have two users, root and a normal user I have to think that your computer is for a single user, probably yourself. If that is the case and others will not have physical access to your system, then you are probably safe enough using the same for both (I often do).

On the other hand, if other people will have access to your machine, or if you take it out in public or use it on unsecured networks - why not give root a brain-twister password just for that little extra security? It really is a very tiny inconvenience to type a few extra characters on the odd occasion!

Finally, it is possible that the person who told you to never login as root actually meant to say that you should never login as root from a graphical login (i.e., the top level form of saying to never run X applications as root), which is generally good advice.

Why? Two main reasons:

1. Because X is not secure, so when you run it as root you give it godlike power to run amok!
2. Everything that you click on with your mouse under X will also have root permission. GUI apps, games, browsers, you name it, simply are not designed with much consideration for restraint when given such power!

So when root, stay in a shell environment where you are less likely to do bad things unintentionally!

Last edited by astrogeek; 07-03-2013 at 04:39 AM.
 
Old 07-03-2013, 05:18 AM   #22
chrisretusn
Member
 
Registered: Dec 2005
Location: Philippines
Distribution: Slackware
Posts: 475

Rep: Reputation: Disabled
Quote:
Originally Posted by John VV View Post
Lets get BACK to the OP's question
-- to log in as root or not login as root ,that is the question ....
is a DIFFERENT TOPIC
It has been answered. In the second post (sans the Update to post 1). I will answer it again.

Quote:
Originally Posted by PeterUK View Post
I want to know if you create two user root and you normal user do you need to give two different password?
No you do not, you can use the same password for root and an other user(s).

Quote:
Originally Posted by PeterUK View Post
UPDATE: Could you have a file manager to be able to open it as root (Like Thunar)
Yes it is possible to do that. See here: SlackBuilds.org - rootactions_servicemenu

Last edited by chrisretusn; 07-03-2013 at 05:21 AM.
 
Old 07-03-2013, 07:49 AM   #23
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,037

Rep: Reputation: 756Reputation: 756Reputation: 756Reputation: 756Reputation: 756Reputation: 756Reputation: 756
Quote:
Originally Posted by PeterUK View Post
I know I have been told not to do it.
Sometime you need to; e.g., when a patch is for a daemon or other software that would be executing, I take the system to single user mode (init 1), apply the patch(es), then reboot (init 6), a habit (good or bad) I developed years ago.

Good idea to log in as root? Well, yes and no -- as a general practice, no (use su - from your own account), sometimes necessary but keep it down to a dull roar.
Quote:
Originally Posted by PeterUK View Post
I want to know if you create two user root and you normal user do you need to give two different password?
Really ought to have a root password and a user password that are different -- it's not a big deal, it's easy, and you just ought to do that. Doesn't matter if you're on a LAN that has no connection to the outside world, it's just a good idea.
Quote:
Originally Posted by PeterUK View Post
UPDATE: Could you have a file manager to be able to open it as root (Like Thunar) I think I will make things easier to administrate and anything you move or open it will open it as root.
Well, yeah, but it's just as easy to open a terminal and type something, isn't it? You learn more that way, too -- try to avoid click-'n'-drool, it impresses the unwashed.

Hope this helps some.
 
Old 07-03-2013, 10:33 AM   #24
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Main: Gentoo Others: What fits the task
Posts: 15,580
Blog Entries: 2

Rep: Reputation: 4037Reputation: 4037Reputation: 4037Reputation: 4037Reputation: 4037Reputation: 4037Reputation: 4037Reputation: 4037Reputation: 4037Reputation: 4037Reputation: 4037
Quote:
Originally Posted by PeterUK View Post
UPDATE: Could you have a file manager to be able to open it as root (Like Thunar) I think I will make things easier to administrate and anything you move or open it will open it as root.
Just noticed you work with Thunar. Thunar has a quite nice feature, called Custom Actions, which basically are the ability to create extensions for it. In the examples on the page I linked to you will find the custom actions "Opening a root terminal", "Opening a root Thunar" and "Editing as root". If you extend your Thunar with those (replace the gksu command with kdesu or install gksu from SlackBuilds.org) you can run your Thunar under your normal account, but if necessary use those actions.
 
Old 07-03-2013, 10:47 AM   #25
mrclisdue
Senior Member
 
Registered: Dec 2005
Distribution: Slackware -current, 14.1
Posts: 1,039

Rep: Reputation: 163Reputation: 163
Quote:
Originally Posted by tronayne View Post
Really ought to have a root password and a user password that are different -- it's not a big deal, it's easy...
Indeed, on all my personal systems, and those I set up for others, I re-use the normal user's password, and simply add 2 characters (one in front, one at the end, or two in front, or at the end, ya gettin' the drift...?)

I keep it consistent throughout my installs so I can determine the root pw if the normal user is aware of his/hers.

cheers,
 
Old 07-03-2013, 11:40 AM   #26
YellowApple
Member
 
Registered: Mar 2013
Location: Truckee, California, United States
Distribution: Slackware, openSUSE, Debian,Slackware, openSUSE, OpenBSD
Posts: 91

Rep: Reputation: 33
Quote:
Originally Posted by saulgoode View Post
Except that the attacker has no way of determining the user's password. He could change it, but that would not change the root account's.
Except that users which tend to set their root and non-root passwords as identical are also often the ones who use the same password on all their online accounts; a phishing attack would thus allow an attacker to obtain one password, attempt it for the user's machine account, and - if successful - then attempt it for root access. Not to mention dictionary attacks, keyloggers, and the like. Yes, there are numerous ways of determining the user's password. Hence why password diversification is important.
 
Old 07-03-2013, 01:08 PM   #27
PeterUK
Member
 
Registered: May 2009
Posts: 277

Original Poster
Rep: Reputation: 16
Woow we to start, I guess will be thanking everyone, lots of reply.

I will try to go one by one later and maybe give re-asked if needed.

Where I am now: I still don't like the idea to have to remember more password if I don't needed it.

That was the king of question I was looking for how people could gain my user password and then well try it as root. But I notice that the application give message "Dont run as root" so it could mean that application could hold data from my keyboard and then transmit, well it will get it when I type the root password to do something.. right? Just I dont know that much about linux as kernel level how it works so maybe there could be someone could gain access to my keyboard data, for example...

I have been logging in my X11 as root seen I am on Slackware boot but I haven't being using many programs just getting on with the minimum and trying to get used to and get programs working.

from the normal GUI which should not run as root and I have been doing it as root its only a few programs which I was not intended to do it but I had not the time to trying everything working as user-no admin privilege + plus learn about user administrator.

Also I looked at the root folder and it look like my old used folder so I thought I may have problem when I am as normal user.

I think this is a bad design! This should be the other way a around when you have using you machine as Desktop, I hate when you are at Bank and someone ask you we need to ask you some security questions, I am there what more do you want to ask for? 1000 signs of Identity or more there in front of you! Why to ask you more questions? Its the same with this issue X11 should run all application to minimal security and you give access to what is needed at maintenance time. After logging as root that is the computer should know you are the al mighty not more questions to permissions in my opining. Last months have been much better in that way, like open the terminal and have to look for a command I don't remember or the cd to move in folders. As root is very nice where ever I navigate I right click and there is my terminal to run whatever I told it to run no questions not passwords. Also I find it quite useful to keep space on the desktop what ever terminal I am not using it I am close it down so it I need to again I right click and there is it as root to carry on. Also never was easier to run a VM no need to look for permission groups and all that. I have to say I have enjoy more my slake-ware experience as X11 logging in as root. But after all that dont get me wrong I love the terminal stuff get dont very quickly and I also love shell programming I think its very powerful. I just dont like to keep typing my password several times during the day and I dont like to do everything in only one terminal and I dont want to leave a terminal open just because is the root terminal.

I could go all night here but maybe you have even stop ready, all things nagging, I will move to create my user and try all out and find a systems which will be more secure and I still can find my way around! ;-) Thanks
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
logging in to root soltanloo Linux - General 8 09-22-2009 07:16 AM
logging in as root unklekoolaid Ubuntu 9 09-01-2006 11:10 AM
Logging on as Root Iain Wilson Linux - Newbie 7 09-16-2003 02:23 AM
Logging In as root DiabloDan Linux - Newbie 6 07-22-2003 03:00 PM
using red-carpet without logging out and logging as root. packman Linux - Software 1 12-09-2002 02:55 AM


All times are GMT -5. The time now is 09:24 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration