LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Logging in as root. (https://www.linuxquestions.org/questions/linux-newbie-8/logging-in-as-root-90303/)

Khalinsar 09-07-2003 06:27 PM

Logging in as root.
 
Is it ok if I always log in as root and not as a common user?
I'm the only person who uses this computer so I have two accounts, one of them, the root.

Another thing: Do you recommend any good firewall for Linux?

Thanks!

enyawix 09-07-2003 06:35 PM

do not log in as root
 
if i hack u on line i become the user i hacked.

Mathieu 09-07-2003 07:22 PM

Quote:

Is it ok if I always log in as root and not as a common user
You can, but be careful what you do, especially at the command line.


Linux has a firewall sub-system called iptables which is part of Kernel 2.4

You can take a look at the documentation and tutorials on Netfilter / iptables
http://www.netfilter.org/

There are also GUIs which can help you setup iptables.
http://firestarter.sourceforge.net/
http://www.fwbuilder.org/
http://www.ipcop.org/

Pre-made scripts are also available
http://firegate.sourceforge.net/
http://www.shorewall.net/

Demonbane 09-07-2003 08:23 PM

Best not to, just do "su" whenever necessary, a simple command like "rm -rf /" as root then you're screwed.
A normal user can pretty much do anything he needs to, in most cases you only need su when you want to install applications globally or
modify system configuration, which I suppose shouldn't be something you do very often.

enyawix 09-07-2003 08:41 PM

Netfilter / iptables
 
As far ar Netfilter / iptables look into shorewall for webmin.

Netfilter / iptables can be a pain to setup i can do it in 4min with shorewall and webmin.

Khalinsar 09-07-2003 09:22 PM

I think i'd better log in as a common user.
But I have already configured the root (color schemes, mouse speed and all that). How can I make the configurations I have made on root be available for all user on the machine?

Demonbane 09-07-2003 10:46 PM

Depending on the window manager you use, the configuration files resides in different directories. These directories are usually hidden, starts with a period and stored in the home directory of the user(usually /root for root).
For kde you probably need to copy all the .kde* directories to the user's home folder, then do a chown on them, I'm not exactly sure whether kde uses other places to store them.

joseph 09-07-2003 11:33 PM

never tried to login as root, REMEMBER DO NOT LOG IN AS ROOT.
If you want to do something as root just su in the machine when you already login by another user.

I will never allow myself to login as root, i will su to root when i am already logging in.

SiZaint 09-08-2003 12:12 AM

I log in as root and use root every day, like i wana type - su every time i wana do something...... I am that lazy. :)

Porkchop 09-08-2003 02:29 AM

I was logged in as root earlier, and I tried to run an IRC application, and I got a message saying something like "This is very stupid!"...lol. What do I know, I'm a noob :)

blacksoul 09-08-2003 05:54 AM

I've heard alot of people say do not log in as root, and some put it as eloquently as ' if i hack u on line i become the user i hacked.', but I have really yet to hear a sound argument against doing so. I guess what I'm trying to ask is, what IS so wrong with logging in as root? Besides being able to really screw up a system yourself.

Khalinsar 09-08-2003 06:49 AM

Yeah, that's what I wanna know too.

Anyway, I'll try to configure the other user with the same color scheme, mouse speed and all, as root.
I hope I find those hidden files hehe :P

frogman 09-08-2003 07:47 AM

Quote:

Originally posted by blacksoul
what IS so wrong with logging in as root? Besides being able to really screw up a system yourself.
Well, if that's not a problem for you....... ;)

It's a security / time / convenience thing:

(in about that order)

1) Like enyawix said - if he hacks you as root, you need to reformat and reload your box (when / if you detect you're 0wn3d - root has access to all logs, so if he's discreet it may be a while before you notice). If he hacks you on a user account, he can't do much.
If someone needs root access, they have to know two passwords - one to logon as Khanlinsar and then another to su to root. Belt & braces. Root shouldn't be able to log on straightaway.

2) If you screw up as a user, you've just altered a few (user-specific) settings and lost a couple of files. It's easy to fix or simply remove the user / recreate the account.
Root is god, as far as linux is concerned. Especially when starting out, screwing up as root often means a reload of the whole OS, which is a pain. You spend several hours getting so far, tweak the settings to where you want them, and then the screwup sends you back to the start. :(

3) Having to "su" every time you need to change something major makes you think before you act, and possibly check the man pages "just to make sure". It takes 2 seconds to do, so it's not that big a deal.
While you're setting up the box & for occasional maintenance root is handy, but for most day-to-day stuff, you don't need root access.

If you still want to use root, at least alias "rm" to "rm -i"

nuhn123 09-08-2003 07:50 AM

Quote:

Originally posted by joseph
never tried to login as root, REMEMBER DO NOT LOG IN AS ROOT.
If you want to do something as root just su in the machine when you already login by another user.

I will never allow myself to login as root, i will su to root when i am already logging in.

what is this about sueing and logging in as root how do you log in as root im getting linux in a few days and I was wondering.

frogman 09-08-2003 08:11 AM

Quote:

Originally posted by nuhn123
what is this about sueing and logging in as root how do you log in as root im getting linux in a few days and I was wondering.
"su" -switch user. Enter it at a terminal prompt to switch from one user to the other: i.e

frogman@mybox$: su
Password: *********
root@mybox#:

su defaults to root.

if I wanted to switch to Joe's account I'd enter:

frogman@mybox$: su joe
Password: *********
joe@mybox$:

"root" is the linux superuser, same as "administrator" in Windows. If you're root you can do anything. Generally you logon as root to do system maintenance, but do everyday stuff in a normal user account (frogman).

While you're waiting for Linux, you might want to have a look here - www.tldp.org - lots of useful stuff.

ash4stuff 09-08-2003 09:26 AM

Lets say you want to use emacs to edit a file, like the /etc/fstab, where you need root permissions to edit. in a terminal:

$ su root
$ password: verysecurepassword :D
$ emacs /etc/fstab

*after editing
$ exit

your back to your user.

lets say your in gnome and want to open nautilus, do some stuff but need root permissions.

commandline:
su root
password
nautilus & (the & is to make the new window "independent" it will not close when you close the console window)

and voila! you have a nautilus window with root permissions. want to run mozilla with root permissions, the same, (i dont see any reason to do so... just an example) In these examples only the new window i opened as root have root permissions, all the others stay the same. (at least in my debian woody, gnome -t unstable :D ) This is not windows where to do admin stuff you have to logout a user and login as admin. A single window in gnome can have different rights as others. And this is not like windows that will not allow you when you are about to do something stupid. As stated before, root = god in linux. I am also new to linux and this is one of the reasons why linux is so powerful.

There are several reasons why you dont want to work as root, if an exploit or virus (yes, there are also viruses, worms and trojans that can work under linux), gets into your sistem, you are very safe as long as you DONT work as root. And it is easier to mess something up as you might think, specially if your used to having a "MS babysitter".

for more info on viruses: http://www.securityfocus.com/infocus/1695

Tenover 09-08-2003 10:47 AM

Are there any keystroke logging-type viruses that work under Linux that can get the root password from logging your keystrokes when you "su"?

joseph 09-08-2003 08:27 PM

Quote:

Originally posted by nuhn123
what is this about sueing and logging in as root how do you log in as root im getting linux in a few days and I was wondering.
Do you know, when you log in as root in usually work is like you are loging in with time bomb in your hand, when you do something careless, the bomb in your hand will explode anytime, and it can damege all of your stuff. So like when you login as root, you are the king of the king, you have all time bomb in your hand.

Root is the SUPERUSER like an administrator in WINDOWS.
Log in as root when you want to do system maintenance but ofcourse you SU in the machine or never log in as root.

if you already login as another user just type in the prompt

su
xxxxxxxxxxx(your Password)

ash4stuff 09-09-2003 02:54 AM

As far as i know there are very little viruses for linux, no keystrokeloggin that i am aware of. But I think it would be very hard, a virus like that would only work if it had root priveleges to alter sistem files for the keystroke logging. So if there were such a virus, it would only work if you execute it if you as root!

Never work as root, and very important, root should NEVER get external emails, and never read emails as root!

Root as said only for administrative work... Its not that much work just to type in su root and a password when you need something special, you dont have to logout and in again... linux is a multiuser system!

blacksoul 09-09-2003 10:10 PM

Okay, so I'm going to quit using root as my main account, one question though. Is there a way to switch all my settings/preferences? I tried copying all my .kde directories and .qt and .mplayer, etc, chown'd them to the correct user/group and tried restarting kde as the other user and it wouldn't get past the first part of the kde startup. :( Are there any .directories that I _shouldn't_ move over to the other user?

Thanks for all the information anyhow. :D

Khalinsar 09-10-2003 06:37 AM

That's the same thing I wanna know.
I tryed copying too and it didn't work.

nuhn123 09-10-2003 07:06 AM

how do know
 
how do I know IM logged in as root in gnome

ash4stuff 09-15-2003 03:13 AM

to know how whats the userid of the person who is currently logged on, you can open a console window and type:

whoami

and it responds with the user in question.

and i think with the command "who" you can see all the users that are logged on.

But in gnome there is normally a link to your home, and if you are root its says: roots home. At least on my gnome.

ashley


All times are GMT -5. The time now is 11:37 AM.