Or would this sacrifice security in some way?
I've been using root only, and am ready to have a seperate account now.
It's the dotfiles for GUI apps that I'm concerned about:

im not acualy sure but i belive it would be a security risk if both root and user had the same home directory. its like lets say your user pass was compromised the hacker would then have acess to the folder thats both root home and user home and all files/directories associated which is a reason why root is seperated.but why do u want them to be the same? root can acessed all directoies on the computer any ways. so if you made a user account and needed acess with root you could acess the user directory. you just couldnt acess root home dir with the user tho.

For an unprivileged user to be able to write to /root or any other user home would require that directory and files to be readable and writable by both users. Now "root" by design is not an account to ever be used for day to day tasks as it holds the keys to the castle (owns user auth, starts daemons, owns files no other users should have write access to) and it is the most "trusted" account on your machine. So as unprivileged user fscking up root (say writing to a file root then reads) could potentially lead to Interesting Things.


Whatever reason you think you had for doing that it's not valid.
That just is not the way to do things.


Copy them to some other directory, replace "root" with the unprivileged users account name in the files, then copy them to the unprivileged users directory and chmod and chown them. If that doesn't work for some files (binary contents) and results in trouble then just remember you caused this yourself.

I was thinking more like adding root and the main user to the same group (users?, NOT wheel or adm).
Then making the /home dot files & subdirectories owned by this group.
Files for root only can stay securely in /root.

How about this?

I overcame a similar problem by keeping root and the newuser directories seperate, but adding a symlink from one of root's directories to the newuser.

Good idea Clachair, but even if root owned the symlink,
can root write to the target directory's files, which are owned by the user?

Why don't you just copy or move all the dot-files and dirs, and chown them to the
normal user?

That's what I said.

Because then every configuration change in one account has to be repeated in the other account.
My text editor (leafpad), file manager (tuxcmd), and firefox only use per-user config files, not system-wide ones.

Why would you bother using GUI apps from roots account once
you transitioned?


Cheers,
Tink

I hadnt thought of that...

Sorry to be so long in getting back . . . damn clients and their deadlines!
>>Good idea Clachair, but even if root owned the symlink,
>>can root write to the target directory's files, which are owned by the user?
Yes, root can write in/to any directory files. In fact, I use a root chron job to read/write into a user's directory via a symlink every night. This stops the user from messing with the chron jobs, since the symlink doesn't show up in his directory list.
John