Enable Root login in Fedora 16 Security Spin
 

Hello all,


I have downloaded and installed the Fedora 16 Security Spin and i am unable to login as root from the gui login.

I followed the procedure that is used to login as root in fedora 16 gnome version. but i am not able to find the similar files for Fedora 16 Security Spin

The method i followed was

configure pam authentication files gdm and gdm-password respectively for ( lxde the files are lxdm and ??).

vi /etc/pam.d/gdm //instead of gdm i configured the file lxdm
find following line

auth required pam_succeed_if.so user != root quiet

comment out by placing # at beginning to disable this check

#auth required pam_succeed_if.so user != root quiet

save and close the file.

vi /etc/pam.d/gdm.password //i was unable to find the similar file for lxde ie lxdm.password file

find following line

auth required pam_succeed_if.so user != root quiet

comment out by placing # at beginning to disable this check

#auth required pam_succeed_if.so user != root quiet

save and close the file. Now logout from terminal or GUI and relogin with root from GUI.


Can Someone Please help me to enable root login in Fedora 16 Security Spin?

Thanks in advance,
Hamerins

You DO NOT log in as root into gnome .

if you MUST login as root login in singleuser mode . ( text only )

login as your normal user and type in " su -" then the root password

I know the risks of logging in as root but most of the tasks that i do need root privilege. So rather than logging in as root or swithch user using su- or sudo, i would like to login as root.

Please let me know the alternate password file of lxde.

Thanks
Hamerins

I'd suggest using sudo if you are trying to be secure. Seems odd to use a high security OS and then use bad practices.

sudo is also not set do to security concerns
su and su - are the default


if you wish to use "sudo" then YOU need to set it up.

Sometimes we have to use su I agree. I just don't feel it should be used as a general admin or power user task.

The basic issue is the OP gets a secure distro and then starts off with what I think is a bad practice. You have pointed out that one should not log on as root in the gui.

Sudo is limited, sudo has timeout usually, sudo doesn't allow malicious code to be run in background or at least is designed to help prevent it. Being turned off by default is a good thing not a sign that the choice is dangerous. You want to decide the level of access and restrict it to the very lowest in every case. You restrict higher level access to the least amount of time in all cases and the least access needed.

Systems get hacked by bad practices as well as bad code and even bad hardware.

My favorite was leaving usb drives in a parking lot to distribute a virus.

Hello all,

I want help in the same area.

I have installed Virtual Box and when I am trying to make virtual disk , it is throughing error. I believe this is due to Less preveliges. So,

I WANT TO LOGIN AS ROOT INTO MY FEDORA 16 , IN GUI..

Please Please Please help me on this..

Regards,
Shivram.

Yuppie.. I got a clue here..

http://www.tejasbarot.com/2011/11/09...-on-fedora-16/

@Hamerins hope this helps you too. :)

Shivaram.mamindlapalli
some WARNINGS
root gui login is a very BAD practice
now besides that
Other thinge will not work right or will NOT WORK AT ALL
if you login as root into the gui the pop up asking for the root password is STILL enabled and entering the root password WILL NOT WORK

to update the system or edit some system files you WILL need to log out and log in AS a normal user
THEN enter the root password in that pop-up

that pam hack has A WHOLE LOT of unintended consequences

i do not give one "bleeping" pile of "BLEEP" about YOUR computer
you can "bleep" it up all you want
BUT
when YOUR actions threaten OTHERS by having your computer turned into a "zombie"
THEN WE CARE ABOUT OUR MACHINES
we do not want to be attacked by YOUR computer !!!!

JohnVV
As Im new to linux, just exploring the things..

Thanks for guiding me with warnings.. :)

What is wrong with these people? I really fail to understand why is it so difficult to type in the root password - the OP should use xp instead. Inspite of so many warning by so many people not to do a perticular thing the OP just goes on with his own story. And why does anyone want to log in as root so many times?

Hello All,

In my work area, we need to check the network secutity once in every month and have to find fixes for security bugs.The scripts and the tools which we run requires full root privilege. we were just testing fedora secutity spin as a host os to run the scripts. we basically use backtrack since it has more penetration testing applications. Thats why we need to run as root.

Since i was out of office for some time i was not able to continue my research with fedora. i am planning to restart my work with fedora some times this week.

@Shivaram this particular pam hack will work only for Fedora with Gnome since all the pam files that we modify are for gnome(if you are using KDE, You will have to find the alternate pam hack files for KDE). As i mentioned in my first post i was not able to find the file gdm.password or any similar kind of file for the fedora security spin since it uses lxde.

I am also having a plan to Start a security spin distro with custom kernel project, but i am confused whether to create a entirely new distro or to derive a distro from a base distro...

Well I can tell you guys that what i need..

A custome kernel like backtrack.
Most of the security applications from backtrack, Fedora security spin, Grml Live Linux, Network Security Toolkit, Pentoo.
Support for the latest hardware.
Also must contain WINE to run some windows applicaitons for cross platform testing.
it must be lightweight, Prefering e17 desktop environment.

If you guys have any distro in suggestion please let me know. i will give that distro a try..

Regards,
Hamerins.

with the problems installing just flash (requires root not su login) I will recommend AGAINST using Fedora in our shop. Gui root vs level 1 login Sounds like the politics on TV with root login = birth control same AGRUMENTS. No one will listen to reason. I just had a popup for signing a package as trusted but w/o root can't do.

Tried the pam/d hack but did NOT work.

What???

Did you see these easy instructions: http://fedoraproject.org/wiki/Flash#...g_Flash_plugin

You know I think it's great that you all warned Hamerins so thoroughly about not logging in as root, however that's not what he asked you for. Once you post the warning you should provide the solution. I don't think he was asking for a lecture on best practices, he was asking for help. Personally I had a quick check I wanted to perform by logging in as root into the gui, and then I was done. I've been administering UNIX/Linux longer than many of you could type. Logging in as root sometimes has a purpose and sometimes you want to do it from a GUI. While I understand the newer security practices, I also know that as a systems engineer sometimes you need to experiment and sometimes the default security is a pain.