Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
First of all, you will need to find out where the local partition(s) are. Toms should have fdisk on there, so type fdisk -l and take a peek. When you know which partitions are which, mount them somewhere like /mnt, so you would:
mkdir /mnt/etc
mount /dev/hdX -t ext2 /mnt/etc. You can then edit the file. At this stage, you might not need to fiddle with chrooting to it - it may be enough just to edit the file, save and reboot.
HTH
Ooops, forgot to mention: hdX is only for ide disks. If it's a scsi disk, then use /dev/sdX.
It sounds very much like poor Cruella inherited a box set up by someone else who 'hardened' it by removing (deleting the passwd entry) root.
If the box is never going to be touched, and the person who set it up actually *tells* someone so they can recover it when she leaves / gets hit by a bus this isn't such a bad idea. It stops allsorts of silly mistakes / script kiddies when they can't get root
I now think it is a very good security measure, I mean, for a server that isn't supposed to change configuration TOO often. Anyway, if you have acces to the box (I mean, not a remote acces) you can do pretty much anything. So remving root is a good hint, I'll keep that in mind.
Anyway, you could create another user and add it to root's group and set the /etc/passwd modes to 770 (rwxrwx---) and so you can always re-add root without haviong to boot from a tom's RB or in Single User mode.
well, you saw him being able to put the root users again...just with a boot disk. How good of a security is that?...
the fact is that there is no such thing as a "secure" computer as long as someone has access to it via internet or has physical access to the computer.
So doing this...is more of an annoying thing to do than a "secure" thing to do..like some of you pointed out.
Ok, then change root's name, that isn't annoying and it helpes. The fact is that there are levels of security, and it is MUCH easyer to change root password havinf phisical acces to the computer than to do it from a remote computer. You know, because you CAN'T boot from a root boot and run passwd. You actually have to know many many things, and there are no much people who do. (comparing to the ones who don't know, obviously)
Ok, If it is a server that does not need backup (or it has a cron job for it)and does not need to be administrated constantley it perhaps would be a good protection. Anyway, I think it's too much, with a good firewall and a good AV you shoul have absolutley no problems with your box.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.