MandrivaThis Forum is for the discussion of Mandriva (Mandrake) Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I installed 9.2 on a workstation last night, and added users. It appears to me that all of the users have root capability, that is, testing shows that they are able to install packages, change the clock, and so on, without being prompted for the root password.
The installation hung in one place, and when I re-initiated it, it asked me if I wanted to upgrade to Mandrake 9.2 (which is the only Mandrake I have ever had). I continued and got to a functioning installation.
I used the Users Management Tool 0.92.
Questions:
1) This can't be normal behavior, can it?
2) What conditions led to this dangerous conditions? Can I undo?
3) How can I dumb down the existing accounts-- they are not a member of the root group, so how are they so powerful?
4) Should I just kill it all and reinstall?
First I am not a Mandrake user, but perhaps I can help you find the problem anyway. If not, I hope a real Mandrake user can pick up the thread, but until then I will try my best.
Quote:
1) This can't be normal behavior, can it?
Absolutely not. This behaviour would be very dangerous, and basically means your box is completely insecure from both hacks and accidental changes.
Quote:
2) What conditions led to this dangerous conditions? Can I undo?
Have you been playing around as root? Did you chmod 777 all your files?
Quote:
3) How can I dumb down the existing accounts-- they are not a member of the root group, so how are they so powerful?
First we have to find out what the problem is. Do you know how to open a console? If so try entering these commands as a user (not root):
short version:
Before I received your post, I tried to modify the password for root (it had been blank). The message I received was something to the effect of "The underlying file supporting this operation is not available". So finding the installation to unstable/flawed, I reinstalled, and it went fine, problem resolved. Sorry I missed the chance to pick up the diagnostic info.
long version, starting from the beginning:
The original install froze up writing a file. When I rebooted and tried to resume the installation, the installer asked if I wanted to upgrade to 9.2 (which is what I was installing originally, first time any linux had been on this computer). So thinking this would resume my install, I chose it. It did resume the install, but picked up AFTER the specification of Root password and addition of new users, if desired. That is, several steps in the sequence were skipped. So when the install process was over, I had an installation with no password for root.
I thought that was odd, but I went ahead and added users, intending to modify the root password at some point. What I discovered is described in my original post, that is, that all the users I added were basically root.
My theory: Once you declare no password for root, you have said you have a wide-open system, therefore all users have all capabilities.
Again, on the reinstall, everything went fine; I now have root with password and four duly restricted users.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.