LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-06-2011, 10:57 AM   #1
rjs024
LQ Newbie
 
Registered: Jul 2011
Posts: 1

Rep: Reputation: Disabled
Root password privilege


Need root password to install Lexmark S205 AIO on Zorin 5 Ultimate. Can't access. Need a work around the root to install. Other laser AIO printer installed without root password popping up. Tried using Live Install CD for Zorin to no avail. I reinstalled Mint 11 alongside Zorin - everything installed without a hitch-AIO S205 included. I like Zorin's custom ability, but if I can't use all my hardware, it's going. Any suggestions to a work around this "root" authorization?? My password in Mint 11 is the same as in Zorin.

Last edited by rjs024; 12-14-2011 at 11:07 AM.
 
Old 12-06-2011, 11:06 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975
we don't know your root password, you will have set it at install time IF you are using a distribution that requires this. If you are using Ubuntu variants then there is no root password to know, and you would gain root access via "sudo".
 
Old 02-01-2012, 07:40 PM   #3
mreff555
Member
 
Registered: Sep 2011
Location: Philly
Distribution: Gentoo
Posts: 473

Rep: Reputation: Disabled
You can set a root password in ubuntu and other platforms that exclusively use sudo by typing

"sudo su"

then enter your password

That will get you in to root. Then set the root password

"passwd"
 
Old 02-02-2012, 04:11 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975
Quote:
Originally Posted by mreff555 View Post
You can set a root password in ubuntu and other platforms that exclusively use sudo by typing

"sudo su"

then enter your password

That will get you in to root. Then set the root password

"passwd"
Regardless of it being possible, you should NOT set one.
 
Old 02-02-2012, 04:20 AM   #5
cynwulf
Senior Member
 
Registered: Apr 2005
Posts: 1,967
Blog Entries: 5

Rep: Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008
Quote:
Originally Posted by acid_kewpie View Post
Regardless of it being possible, you should NOT set one.
Rather than making such final black and white statements, you actually need to provide some reasoning and justification for the above.

It's not enough for a new user, or anyone else, to simply not set a root password just because someone at some forum, somewhere said they shouldn't - without giving any sound reasons.

Last edited by cynwulf; 02-02-2012 at 04:22 AM.
 
Old 02-02-2012, 06:11 AM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975
Quote:
Originally Posted by caravel View Post
Rather than making such final black and white statements, you actually need to provide some reasoning and justification for the above.

It's not enough for a new user, or anyone else, to simply not set a root password just because someone at some forum, somewhere said they shouldn't - without giving any sound reasons.
Generally, I don't agree. Too much information can be a dangerous thing. Newbies get tripped up here so often by people going off on a tangent and describing solutions which are too advanced for the OP and leads them down confusing dead ends.

Ubuntu works fine without a root password, and going out of your way to break that convention will not help anyone who does not know that it is possible to do it. It just means that their system doesn't work quite like other peoples any more, so the "normal" advice stops making as much sense and they end up in a much worse place.

The best teacher only knows 5% more than the student.

Right, take this question that was just posted... http://www.linuxquestions.org/questi...r-x-no-927137/ Do you really think that they need to install DBUS? of course not. If you answer their question as asked, you could possibly ruin their system.

Last edited by acid_kewpie; 02-02-2012 at 06:13 AM.
 
Old 02-02-2012, 06:42 AM   #7
cynwulf
Senior Member
 
Registered: Apr 2005
Posts: 1,967
Blog Entries: 5

Rep: Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008Reputation: 1008
Quote:
Originally Posted by acid_kewpie View Post
Too much information can be a dangerous thing.
Open source software is as much about freedom of information as it is about free software. Denying people knowledge based on the pretext that, when armed with said knowledge, they may break their system is quite simply wrong - it's also the proprietary (MS/Apple) way (I'm not talking about password security, permissions or authentication but denying the user knowledge of or access to certain functions/features/methods). It's what I would call "artificial restrictions" and it's often what call centre / tech support people do to make their job easier - i.e: "everyone runs the same and it's easier for us to support".

Quote:
Originally Posted by acid_kewpie View Post
Newbies get tripped up here so often by people going off on a tangent and describing solutions which are too advanced for the OP and leads them down confusing dead ends.
I agree completely with regards to going off on tangents, but the problem there is that you're setting a trend where the level of advice normalises to the level of the least competent user. In doing so, you're driving down overall standards and in the process becoming "volunteer Q&A 1st line support". Yes you want to stop someone doing something foolish as with your example, but I don't see how enabling the root account in 'buntu or 'buntu-like systems is going to cause a serious enough problem to warrant your short black and white "NOT" statement. I can think of several "do NOT do that" scenarios, but this isn't one of them (one of the top ones would be running x as root - but even in that case I would explain why they shouldn't do it rather than expecting them to just say "oh it's caravel he must be right, I won't do that...").

Quote:
Originally Posted by acid_kewpie View Post
Ubuntu works fine without a root password, and going out of your way to break that convention will not help anyone who does not know that it is possible to do it. It just means that their system doesn't work quite like other peoples any more, so the "normal" advice stops making as much sense and they end up in a much worse place.
I don't see how their system would not work like others or why normal advice would make less sense, unless they also remove their user's sudo privileges?

It's a case of posting advice like this:

Quote:
as root:

Code:
aptitude update
or
Code:
# aptitude update
Instead of

Quote:
Code:
sudo aptitude update
or
Code:
su
aptitude update
or
Code:
su -c 'aptitude update'
This way the person chooses how they become root and better learns how to interpret documentation rather than being spoonfed strings of sudo commands. Many Debian users also use sudo, it doesn't cause issues among those not using it when giving advice.

The same argument could be applied to someone who is running 'buntu and wants to install a different DE. Surely they're not running a "normal" system as soon as they install KDE or fluxbox or enlightenment...? Someone could be using a different media player or a different browser to someone else? That's the great thing about GNU/Linux systems - freedom of choice. The user can install whatever they like best without some restriction or someone or something saying "don't do that".
 
Old 02-02-2012, 10:06 AM   #8
Cedrik
Senior Member
 
Registered: Jul 2004
Distribution: Slackware
Posts: 2,140

Rep: Reputation: 242Reputation: 242Reputation: 242
Some valid points, but acid_kewpie follows ubuntu concept though
Quote:
Enabling the Root account is rarely necessary. Almost everything you need to do as administrator of an Ubuntu system can be done via sudo or gksudo. If you really need a persistent Root login, the best alternative is to simulate a Root login shell using the following command...

sudo -i
https://help.ubuntu.com/community/RootSudo

Last edited by Cedrik; 02-02-2012 at 10:09 AM.
 
Old 02-02-2012, 11:54 AM   #9
mreff555
Member
 
Registered: Sep 2011
Location: Philly
Distribution: Gentoo
Posts: 473

Rep: Reputation: Disabled
As someone who was once a newbie long before sudo had been implemented, I don't think my (apparently unfortunate) better understanding of the permission hierarchy of a linux system hampered the rate of which I learned.

I totally agree that some information is too much information. I however, am not a big fan of sudo replacing su entirely. I use sudo all the time when I only have one command which I need to type as root. However there are many times when it is more convenient to be root. Disallowing su entirely not only hinders the new user's understanding of access levels work; it is also analogous to a parent ensuring that their teenager isn't going out and getting in to trouble by only allowing him to leave the house for short supervised periods. Sorry, it's the best analogy I could come up with.

Bottom line, as Voltaire said, and my Crunchbang root shell reminds me of every time I type su, "With great power comes great responsibility." Yes, the possibility of screwing up your system is exponentially increased by being root. However as long as they are ready to accept that responsibility, they might as well be able to use it. Besides, They are never going to get past the newbie stage if they don't learn this kind of stuff anyway.

Sorry about all the dumb quotes

Dan
 
Old 02-02-2012, 12:35 PM   #10
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975
Quote:
Originally Posted by mreff555 View Post
I totally agree that some information is too much information. I however, am not a big fan of sudo replacing su entirely. I use sudo all the time when I only have one command which I need to type as root. However there are many times when it is more convenient to be root. Disallowing su entirely not only hinders the new user's understanding of access levels work; it is also analogous to a parent ensuring that their teenager isn't going out and getting in to trouble by only allowing him to leave the house for short supervised periods. Sorry, it's the best analogy I could come up with.
Sorry, but that's just wrong. I think your knowledge has been hampered through bypassing systems that put in place very good and sophisticated permissions! In fact, I doubt there could be a more apt example of why you shouldn't have ignored sudo!

Doing a "sudo -i" works very closely to "su -", so there is no limitation whatsoever if it's configured to permit this, which most basic setups would be, you just don't need to know the root password, meaning you can make it very secure, print it on a piece of paper and put it in a safe, and still have no impact at all on your daily admin work. Even on RHEL systems, I much prefer getting root access with a sudo -i instead of su.

Last edited by acid_kewpie; 02-02-2012 at 12:37 PM.
 
Old 02-02-2012, 12:53 PM   #11
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,528

Rep: Reputation: 2108Reputation: 2108Reputation: 2108Reputation: 2108Reputation: 2108Reputation: 2108Reputation: 2108Reputation: 2108Reputation: 2108Reputation: 2108Reputation: 2108
Quote:
Originally Posted by acid_kewpie View Post
Doing a "sudo -i" works very closely to "su -", so there is no limitation whatsoever if it's configured to permit this, which most basic setups would be, you just don't need to know the root password, meaning you can make it very secure, print it on a piece of paper and put it in a safe, and still have no impact at all on your daily admin work. Even on RHEL systems, I much prefer getting root access with a sudo -i instead of su.
What's the point in having a super-secure root password that's locked in a safe, if you can gain the same privileges with a simple "sudo -i" command? Why even bother having a secure password when it's so easily bypassed?

I don't like the idea of sudo. I know some people do, I don't. Root privileges are restricted for a reason. The entire act of pulling out your super secret password from the safe and typing it in at the prompt is a HUGE reminder of what you're about to get into. Sudo reminds me too much of Windows' "Are you sure you want to run that?" Admin popups. It's a trivially easy way to gain full admin rights without jumping through the hoops that gaining full admin rights SHOULD require.

Just my 2 cents.
 
Old 02-02-2012, 03:07 PM   #12
mreff555
Member
 
Registered: Sep 2011
Location: Philly
Distribution: Gentoo
Posts: 473

Rep: Reputation: Disabled
Chris.

You have once again stated a claim without even giving a real counter arguement. That is, other then remarks remarks which now make this personal.

What exactly is so much more secure about sudo? Most hoome systems only have one or two users. Chances are that they are all in the sudoers file. Which means a hacker in a remote location only needs one password as opposed to two.

If you are concerned about safety I can you that
sudo rm -rf /
Is almost as easy to type as
rm -rf /

As long as remote root is login is disabled and you don't try to start X
I don't really see the problem.

New security does not necessarily mean good security. If you disagree feel free to comment but remember to include an explanation of your opinion, and leave out personal remarks.
 
Old 02-02-2012, 06:04 PM   #13
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,406

Rep: Reputation: 2396Reputation: 2396Reputation: 2396Reputation: 2396Reputation: 2396Reputation: 2396Reputation: 2396Reputation: 2396Reputation: 2396Reputation: 2396Reputation: 2396
The original idea of sudo was to enable just a few (or even one) privileged cmd that a non-Admin needed eg allow operator to do backups.

IE fine-grain ctrl on a per person/cmd basis.

Since then, some(!) have generalised it to just mean another way of getting root or in Ubuntu's case effectively replace root/su completely.

Personally I prefer the original concept.
YMMV

Re Ubuntu; it means that 'normal' for them is not 'normal' for most other *nix systems....
 
Old 02-03-2012, 03:42 AM   #14
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975
Quote:
Originally Posted by mreff555 View Post
Chris.

You have once again stated a claim without even giving a real counter arguement. That is, other then remarks remarks which now make this personal.
It just didn't seem particuarly relevant going off on a tangent.
Quote:
What exactly is so much more secure about sudo? Most hoome systems only have one or two users. Chances are that they are all in the sudoers file. Which means a hacker in a remote location only needs one password as opposed to two.
any system is only as strong as its weakest link, so of course that can be abused. but personally as Sudo provides shell variables within a login session, it's very simple to provide a level of auditing about who the user is doing stuff within a sudo shell, which is much harder with su.

Quote:
If you are concerned about safety I can you that
sudo rm -rf /
Is almost as easy to type as
rm -rf /
Oh totally, I very rarely run individual commands through sudo though, I was purely comparing ways to obtain a root shell.
Quote:
As long as remote root is login is disabled and you don't try to start X
I don't really see the problem.

New security does not necessarily mean good security. If you disagree feel free to comment but remember to include an explanation of your opinion, and leave out personal remarks.
don't be so patronising. It doesn't make you look good.
 
Old 02-03-2012, 03:47 AM   #15
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975Reputation: 1975
Quote:
Originally Posted by suicidaleggroll View Post
What's the point in having a super-secure root password that's locked in a safe, if you can gain the same privileges with a simple "sudo -i" command? Why even bother having a secure password when it's so easily bypassed?
it's not "the same" at all. I speak from implementing a number of enterprise solutions where anyone who can log in to a machine over ssh will generally have to be a user who exists in AD / LDAP etc. Root is not an LDAP user. If that machien is turned on and the root password is known, anyone can walk up to it, and even more so these days gain virtual local access through vmware clients etc, without having any permission outside of a local machine to access that box. a password of "passw0rd" is rubbish, a password that is deliberately obscure prevents memorization by sysadmins or anyone else, so you can never really have a situation where you can gain access to a box without there being a centralized audit of a human user account connected to that login session. Root logged on and changed /etc/shadow? how do you ever know who that was? Well for one IF that password only exists in an offline system with alternative security arrangements, e.g. signing the password out from the security office, then that human angle is restored again.

Obviously these things are nearly as relevant with noddy home machines etc.
Quote:
I don't like the idea of sudo. I know some people do, I don't. Root privileges are restricted for a reason. The entire act of pulling out your super secret password from the safe and typing it in at the prompt is a HUGE reminder of what you're about to get into. Sudo reminds me too much of Windows' "Are you sure you want to run that?" Admin popups. It's a trivially easy way to gain full admin rights without jumping through the hoops that gaining full admin rights SHOULD require.

Just my 2 cents.
Your reasons there sound like reasons FOR sudo, not against it. There are so many things that root does need to do that are trivial daily things, where a visit to security would just make your job totally impractical to carry out in any timely way. and you'd end up with a pretty poor and neglected system in most scenarios I can imagine. The security of a system / process needs to be proportional to the severity of the action.

Last edited by acid_kewpie; 02-03-2012 at 03:51 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Privilege Escalation - Getting 'root' privilege Rahil Parikh Linux - Security 2 12-02-2010 01:04 AM
root privilege nagavinodh Linux - Newbie 14 11-16-2009 12:02 PM
Identifying non-administrators w/ root privilege/ Multiple root account in use wjeanpaul Linux - Security 4 05-19-2006 08:55 PM
Insufficient Privilege instead of Root Password Request buckberger Linux - Security 3 12-25-2004 08:00 PM
How to get root privilege in program using c? whepin Programming 1 04-06-2002 05:27 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 07:15 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration