LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Ubuntu (http://www.linuxquestions.org/questions/ubuntu-63/)
-   -   Ubuntu? no root? (http://www.linuxquestions.org/questions/ubuntu-63/ubuntu-no-root-557667/)

matesol 05-30-2007 03:07 AM

Ubuntu? no root?
 
Hi all,

I really like the idea of open Source, but I always had hardware issues. Since I'm a newbie I couldn't solve the problem myself. Since I couldn't get the distribution that I wanted to use to work with all my hardware, I couldn't learn how to do it.

Along comes Ubuntu! It's great. I installed my video card and sound card using the desktop. Wonderful! I love Ubuntu. However, Ubuntu has no "root"! I've read the documentation. Whenever you need to do something that you could normally do easily (!) when you are logged in as root, Ubuntu will prompt you for your password. Well, it doesn't work!

E.g. I downloaded some desktop wall paper into the folder /home/myusername/Desktop/. I wanted to save the file into the /usr/share/backgrounds/ folder where all the other desktop wall paper is. I can't drag and drop. Ubuntu simply says I don't have permission to do that. When I tried and view the permissions, It says I can't change them because I don't own the folder! If I could log in as "root" and do this, this would be a snap!

I did it with the command line: sudo mv filename.jpg /usr/share/backgounds and it worked fine. However my question is, should I experience this problem again or if I have to do something more complicated, isn't there a way to force Ubunto to let you drag and drop any file anywhere, like you could if you log in as "root"? Ubuntu won't let you do that. It won't let you change permissons from the desktop. I love Ubuntu and open source software, but the reason I didn't last long with other distributions was because when I tried to resolve driver issues myself, I followed instructions step by step and they never worked they way the instructions said. There was also some error message or something because I didn't have exactly the same version as the person who wrote the instructions. The whole point of having a Desktop is so that people like me, who don't know that much about command lines can use it. What's the point of not having a "root" log in capability if you have to do everything with a command line because there is no "root" log in which you can use from the desktop?

Related question: What other distribution is as (or almost as) easy as Ubuntu but lets you log in as root?


Thanks!

b0uncer 05-30-2007 03:17 AM

There is a reason (and a good one) why Ubuntu has, by default, locked root account. It's called security, and part of the reason is that Ubuntu is easy-to-use desktop distribution for people who don't know command line well. You can survive with Ubuntu without touching the command line, though personally I love using command line (it's just much more powerful for me). Now anyway, root account is locked because otherwise newbies would just "get bored because I can't delete this stupid bzImage or vmlinuz file from /boot", log in as root and be happy for a day, until they "accidentally" trashed the system or welcomed some intruders there, letting them have root privileges. Something like that. sudo, and the graphical gksudo allow you to do stuff with root privileges though you aren't logged in as root, just use your own password. That's the way to go, more secure than logging in as root and leaving the logon open.

However if you do want to open your root account, you can:
#1
Code:

sudo su -
type your password and you're in as root.
#2
Code:

sudo passwd root
type in a new root password, and now root account should be unlocked.

I don't recommend opening the account, though, if you're at all uncertain of what you should and should not do with it. System maintenance can be handled using sudo or gksudo, and the permissions of Ubuntu are already loose (if you changed them so that any user could write and read anywhere on the system, you would have lost most of your security already). And you don't have to copy the background images to the system-wide directory, you can just copy them to some directory you can access, then right-click the desktop, add a wallpaper from that directory and use it. That's not a good reason to use root account :)

If you want to access some directories where you don't have write access (like backgrounds or something), check out which group owns them. Then add your own user to that group and you should be fine. A better way than opening write privileges for everyone..

IsaacKuo 05-30-2007 08:05 AM

No, it's actually perfectly okay to open up the root account as above. Security? Come on--it is STANDARD among practically ALL *nix operating systems except for Ubuntu to have the root account enabled (but not necessarily allowed to login graphically).

Do you really want to claim that *BSD and Debian and RHEL etc aren't secure because they treat the root account in the standard fashion? Nonsense.

The way Ubuntu does things isn't completely bad, but it is nonstandard without any compelling advantages over the standard.

pixellany 05-30-2007 08:19 AM

The ONLY flaw in Ubuntu is the default disabling of root. Easy to fix---as already described---but you still wind up entering USER password for system administration chores. Makes no sense to me.

Mepis, for one, is based on Ubuntu, but without the no-root-user silliness.

Matz 05-30-2007 09:04 AM

Quote:

Originally Posted by IsaacKuo
No, it's actually perfectly okay to open up the root account as above. Security? Come on--it is STANDARD among practically ALL *nix operating systems except for Ubuntu to have the root account enabled (but not necessarily allowed to login graphically).

Do you really want to claim that *BSD and Debian and RHEL etc aren't secure because they treat the root account in the standard fashion? Nonsense.

The way Ubuntu does things isn't completely bad, but it is nonstandard without any compelling advantages over the standard.

Remember that ubuntu users are averagely less expert (and consequently less aware of security issues) than *BSD and Debian and RHEL users. I think this is the reason behind the ubuntu deviation from *nix standard, which may seem a bit paranoid.

note to ubuntu users: don't get offended by my claim, I'm using ubuntu as well, but you can't deny that a new user is highly likely to choose ubuntu as his/her first distro. This doesn't mean that ALL ubuntu users are newbies

IsaacKuo 05-30-2007 09:41 AM

The amount of "expertness" isn't relevant. The Ubuntu default security setup simply isn't more secure regardless of the "expertness" of the user.

I'm comparing to a standard security setup where gdm or kdm is simply configured to not allow root graphical login, of course.

saikee 05-30-2007 12:30 PM

I have to agree with IsaacKuo because I have altered my Kubuntu and Ubuntu to allow root log in to the desktop by editing the system configuration "allow root login" from "false" to "true".

I still login as a non-root user just to respect Ubuntu family tradition and only go for root when I need to do a big task or testing. To say it is more secure is not 100% correct because in its current form we can configure it to behave no different to any other Linux. Ubuntu family likes us to use sudo and we should do so otherwise why stick with it.

The funny thing about Ubuntu's setup is that an ordinary user can specify the root user password! It may be a bug or some sort but if the root account isn't activated then there may be no existing password to do a cross check when a new root password is introduced. This is of course makes many Ubuntu/Kubuntu users not even aware that they can work as root in the terminal mode.

reddazz 05-30-2007 12:53 PM

Moved: This thread is more suitable in the Ubuntu forum and has been moved accordingly to help your thread/question get the exposure it deserves.

Patrick K 05-30-2007 01:58 PM

Just a suggestion to the OP. You can add a "Root Browser" to the administration menu. Use
Quote:

gksu nautilus
for the command. You can call it "Root Browser", if you like. You'll have to provide your password but it will open the browser as root and you can muck around all you like, dragging and dropping, changing permissions, or what ever you want. Use with care.

Maldain 05-30-2007 02:07 PM

Actually, the root user is active in Ubuntu
 
You are just not allowed to log into it. This is kind of a picky but important distinction from a systems admin standpoint as kernal processes run under root which wouldn't happen unless the root user was an active user. You can expire a user and make it inactive and it won't be able to run any processes. In the case of the root user in Ubuntu it's just set to not allow log in but allows sudo. As has been mentioned before you can change this easily but for most people there isn't any need to change it.

Matz 05-31-2007 03:28 AM

Quote:

Originally Posted by IsaacKuo
The amount of "expertness" isn't relevant. The Ubuntu default security setup simply isn't more secure regardless of the "expertness" of the user.

I'm comparing to a standard security setup where gdm or kdm is simply configured to not allow root graphical login, of course.

It's not a matter of "expertness" but a matter of "awareness": for a new user coming from windows setup is natural to login as root, and many of them don't want and don't know how to configure gdm or kdm to not allow root graphical login. "Obliging" them to login as normal user is I know a seemingly paranoid solution, but I'm pretty sure that if it was otherwise (i.e. root graphical login allowed unless gdm or kdm is successively configured differently) there would be thousands of users regularly running their ubuntu as root through the net

IsaacKuo 05-31-2007 06:36 AM

Quote:

Originally Posted by Matz
It's not a matter of "expertness" but a matter of "awareness": for a new user coming from windows setup is natural to login as root, and many of them don't want and don't know how to configure gdm or kdm to not allow root graphical login.

Umm...the new user doesn't need to configure gdm or kdm to not allow root graphical login. That's how gdm or kdm should be configured BY DEFAULT.

For example, Debian 4.0's default install doesn't allow root graphical login, even though older versions of Debian did (which was a mistake).


All times are GMT -5. The time now is 08:55 PM.