Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Since the intro of the sudoers file my debian box has become unusable. I can not install or really do anything root(admin) related. I tried editing that stupid file and it still doesn't work. I figured I would give it one more chance before I installed windows, at least if I install windows I won't be locked out of my own system!!!!!!!!
My question is, how do I log in as root? I am done with that stupid sudoers file. I want to just log in as root and get the job done. before this fiasco the whole company was going to move to linux desktop, but now our desktop support says sudo apt-get install doesn't work anymore, and they cannot visudo because they're users aren't in the file they want to edit. I didn't think it was possible to break linux. I stand corrected!
I type root as the user name then type in the password and it tells me to pound sand "Authentication failure". I have reinstalled the OS and paid great attentions to root's user name and password, and no luck. Please don't bother with anymore suggestions concerning that stupid sudoer file. I am done with it, we just want to login as root now, we don't care about the risks, at least it will be usable.
Start from a live-CD, mount the /-partition and chroot into it. Then use the passwd command to set a new password for root.
If you need additional help with that please post back.
Since the intro of the sudoers file my debian box has become unusable. I can not install or really do anything root(admin) related. I tried editing that stupid file and it still doesn't work. I figured I would give it one more chance before I installed windows, at least if I install windows I won't be locked out of my own system!!!!!!!!
My question is, how do I log in as root? I am done with that stupid sudoers file. I want to just log in as root and get the job done. before this fiasco the whole company was going to move to linux desktop, but now our desktop support says sudo apt-get install doesn't work anymore, and they cannot visudo because they're users aren't in the file they want to edit. I didn't think it was possible to break linux. I stand corrected!
I type root as the user name then type in the password and it tells me to pound sand "Authentication failure". I have reinstalled the OS and paid great attentions to root's user name and password, and no luck. Please don't bother with anymore suggestions concerning that stupid sudoer file. I am done with it, we just want to login as root now, we don't care about the risks, at least it will be usable.
Hate to say it, but sudo is VERY widely used, and is the de-facto standard for any company who is using Linux. The only way I've seen sudo not work, is either it's not set up correctly, or it's not used correctly.
To set it up:
Log in as normal user
Enter "su - root" (essentially, 'logging in as root')
Enter 'visudo'
Put user ID's into the file to run whatever command(s)/shell(s) you see fit.
Save and exit
That's it. If a user is listed, they can run whatever commands with root-access that they're allowed to, by prefacing them with "sudo". The password they're prompted for is THEIR password, not root's. That's to prevent someone from sitting down at a terminal and banging in a command without permission. Easy to fix too, you can make sudo not prompt for a password. A simple SUDOER's file from one of my workstations:
Code:
# Host alias specifications
# User alias specifications For example, help-desk folks
User_Alias HELPDESK = chris,bob,sally
# Cmnd alias specifications
Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, /usr/local/bin/tcsh, /usr/bin/rsh, /usr/local/bin/zsh
Cmnd_Alias SU = /usr/bin/su
# Defaults specification
# Prevent environment variables from influencing programs in an
# unexpected or harmful way (CVE-2005-2959, CVE-2005-4158, CVE-2006-0151)
Defaults always_set_home
Defaults env_reset
# Change env_reset to !env_reset in previous line to keep all environment variables
# Following list will no longer be necessary after this change
Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE"
# Comment out the preceding line and uncomment the following one if you need
# to use special input methods. This may allow users to compromise the root
# account if they are allowed to run commands without authentication.
#Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
# Log all commands run with SUDO to this file
Defaults logfile=/var/log/sudo
# In the default (unconfigured) configuration, sudo asks for the root password.
# This allows use of an ordinary user account for administration of a freshly
# installed system. When configuring sudo, delete the two
# following lines:
Defaults targetpw # ask for the password of the target user i.e. root
ALL ALL=(ALL) NOPASSWD: ALL # WARNING! Only use this together with 'Defaults targetpw'!
# Runas alias specification
# User privilege specification
root ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
# Same thing without a password
%wheel ALL=(ALL) NOPASSWD: ALL
# EXAMPLES:
# These commands run without a password. Replace username with comma-separate list of users, or define
# a user alias group above.
# <users> ALL=(ALL) NOPASSWD: /usr/bin/apt-get,/sbin/shutdown
#
# The users can ONLY run these commands, NO OTHERS; useful for help desk folks who only
# need to unlock accounts or reset passwords, not format disks or change the root password
# <users> ALL=/usr/bin/apt-get,/sbin/shutdown
# HELPDESK ALL = (ALL) NOPASSWD: /usr/sbin/usermod, /usr/sbin/useradd, /usr/sbin/passwd, !/usr/bin/passwd root, !SHELLS
#
# This user can run ALL commands...except becoming root, or getting a shell. The ! says you CAN'T
# run it. You've defined both the SU and SHELLS aliases above.
# almostsu ALL = (ALL)ALL, !SU, !SHELLS
We can easily help you with your SUDO problems..just post the sudoers file, and we can assist. If you tell us what version of Debian, and how you want to log in as root (GUI on console? via SSH? Telnet?), we can also assist. I will STRONGLY suggest that you work through whatever issue(s) you're having with sudo, since if you go to another company, you probably will be FORCED to use it.
You rock, not only did you answer the question I asked, but you also provided me the correct info on editing the sudoers file. We are up and running. We are building some graphic reports in c++ to work with flow-tools, and it was my suggestion we just go Linux for all our network monitoring boxes, and everyone started beating me over the head when they could do nothing from the GUI. We are using "sudo" and not root, as we now know how.
Once I was in as root and could run visudo, I noticed in my release of debian, as long as I made a user a member of the "sudo" group they could sudo with a password prompt for their user.
Thank again!
Scott
Last edited by scottyg123; 04-09-2013 at 08:58 AM.
You rock, not only did you answer the question I asked, but you also provided me the correct info on editing the sudoers file. We are up and running. We are building some graphic reports in c++ to work with flow-tools, and it was my suggestion we just go Linux for all our network monitoring boxes, and everyone started beating me over the head when they could do nothing from the GUI. We are using "sudo" and not root, as we now know how.
Once I was in as root and could run visudo, I noticed in my release of debian, as long as I made a user a member of the "sudo" group they could sudo with a password prompt for their user.
Thank again!
Scott
No worries, glad it helped. SUDO is the preferred way of getting root access to users, and it can be VERY granular. As such, anything outside of a basic setup can get complex, but it is one of the best tools out there. On a plus note...you'll have a log of who ran what commands, so if someone borks the system, you can let THEM fix it.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
