LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 12-06-2002, 07:30 AM   #31
Thymox
Senior Member
 
Registered: Apr 2001
Location: Plymouth, England.
Distribution: Mostly Debian based systems
Posts: 4,368

Rep: Reputation: 63

First of all, you will need to find out where the local partition(s) are. Toms should have fdisk on there, so type fdisk -l and take a peek. When you know which partitions are which, mount them somewhere like /mnt, so you would:
mkdir /mnt/etc
mount /dev/hdX -t ext2 /mnt/etc
. You can then edit the file. At this stage, you might not need to fiddle with chrooting to it - it may be enough just to edit the file, save and reboot.

HTH

Ooops, forgot to mention: hdX is only for ide disks. If it's a scsi disk, then use /dev/sdX.
 
Old 12-06-2002, 08:30 AM   #32
cruella
LQ Newbie
 
Registered: Jun 2001
Posts: 17

Original Poster
Rep: Reputation: 0
You are truly a GOD!!
Thank you so much, it worked wonderfully!!!

We're back in business.
 
Old 12-06-2002, 02:59 PM   #33
Ciccio
Member
 
Registered: Nov 2002
Location: Paraguay
Distribution: Mandrake 10
Posts: 573

Rep: Reputation: 30
so the root was manually deleted form /etc/passwd, because if it worked without creating a password it means that /etc/shadow still had the root line.
 
Old 12-06-2002, 04:07 PM   #34
SlickWilly
Member
 
Registered: Dec 2002
Posts: 327

Rep: Reputation: 30
I've seen this before.

It sounds very much like poor Cruella inherited a box set up by someone else who 'hardened' it by removing (deleting the passwd entry) root.

If the box is never going to be touched, and the person who set it up actually *tells* someone so they can recover it when she leaves / gets hit by a bus this isn't such a bad idea. It stops allsorts of silly mistakes / script kiddies when they can't get root

Slick.
 
Old 12-06-2002, 04:46 PM   #35
Ciccio
Member
 
Registered: Nov 2002
Location: Paraguay
Distribution: Mandrake 10
Posts: 573

Rep: Reputation: 30
I now think it is a very good security measure, I mean, for a server that isn't supposed to change configuration TOO often. Anyway, if you have acces to the box (I mean, not a remote acces) you can do pretty much anything. So remving root is a good hint, I'll keep that in mind.

Anyway, you could create another user and add it to root's group and set the /etc/passwd modes to 770 (rwxrwx---) and so you can always re-add root without haviong to boot from a tom's RB or in Single User mode.


RuleZ
 
Old 12-07-2002, 07:20 AM   #36
Grim Reaper
Member
 
Registered: Apr 2002
Distribution: Gentoo 2006.0 AMD64
Posts: 399

Rep: Reputation: 30
omg, thats very bloody smart. thats one of the best security measures ive seen i reckon (assuming you don't use the box often, hehe)
 
Old 12-07-2002, 11:26 AM   #37
Ciccio
Member
 
Registered: Nov 2002
Location: Paraguay
Distribution: Mandrake 10
Posts: 573

Rep: Reputation: 30
IF and ONLY IF you have ALL configured and you won't need to change anything in a very long long long time.
 
Old 12-07-2002, 11:39 AM   #38
zLinuxz
Senior Member
 
Registered: Feb 2002
Location: Shanghai, CHINA
Distribution: RH 5.0,5.1 6.0,6.1 7.0,7.1,7.2,7.3.,8.0,9.0, RH Enterprise, Fedora C1, C2
Posts: 1,216

Rep: Reputation: 45
well, you saw him being able to put the root users again...just with a boot disk. How good of a security is that?...

the fact is that there is no such thing as a "secure" computer as long as someone has access to it via internet or has physical access to the computer.

So doing this...is more of an annoying thing to do than a "secure" thing to do..like some of you pointed out.
 
Old 12-07-2002, 12:01 PM   #39
Ciccio
Member
 
Registered: Nov 2002
Location: Paraguay
Distribution: Mandrake 10
Posts: 573

Rep: Reputation: 30
Ok, then change root's name, that isn't annoying and it helpes. The fact is that there are levels of security, and it is MUCH easyer to change root password havinf phisical acces to the computer than to do it from a remote computer. You know, because you CAN'T boot from a root boot and run passwd. You actually have to know many many things, and there are no much people who do. (comparing to the ones who don't know, obviously)
 
Old 12-07-2002, 01:17 PM   #40
zLinuxz
Senior Member
 
Registered: Feb 2002
Location: Shanghai, CHINA
Distribution: RH 5.0,5.1 6.0,6.1 7.0,7.1,7.2,7.3.,8.0,9.0, RH Enterprise, Fedora C1, C2
Posts: 1,216

Rep: Reputation: 45
right, but for practical purposes, not having root, is not practical,
 
Old 12-07-2002, 07:15 PM   #41
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58
You should restrict root from logging in from a remote location, but to do away with root, not so sure this is the way to go.


You really need root.
 
Old 12-07-2002, 10:30 PM   #42
Ciccio
Member
 
Registered: Nov 2002
Location: Paraguay
Distribution: Mandrake 10
Posts: 573

Rep: Reputation: 30
Ok, If it is a server that does not need backup (or it has a cron job for it)and does not need to be administrated constantley it perhaps would be a good protection. Anyway, I think it's too much, with a good firewall and a good AV you shoul have absolutley no problems with your box.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Does this exist? oneandoneis2 Linux - General 3 01-26-2005 05:46 PM
/bin/sh doesn't exist??? silv3rhat Linux - Newbie 2 12-31-2003 04:03 PM
Does this exist? WorldBuilder General 3 08-20-2003 09:28 PM
/etc/limits doesn't exist hampel Slackware 2 07-15-2003 11:26 AM
/etc/rc.d/rcX.d does not exist !!!!!!!!!!!!! safrout Linux From Scratch 6 11-10-2002 06:57 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 04:46 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration