Thanks for that link reddazz I like it's lay-out better than the linux command links I have

Thanks for the info guys. I guess everyone involved in this debate was neither right nor wrong as there doesn't seem to be a right or wrong answer as there are fors and againsts from both sides.

I think that Mandriva "forcing" disabled root logins on their users by default is a bad move, especially as they promote themselves as one of the most user-friendly distos, but this can be re-enabled later with the help of an advanced user.

Beautifully said, one of the things that has turned me away from Windows is the "J Edgar Hoover" mentality. And a reason for a GUI root login - one of my alltime favourite games requires root login for installation, if you just su as a user then only that user can play. The game is NetHack, been playing for fifteen years and still never beaten it.

Cheers,

Andrew.

This is not a new thing nor is it limited to Mandriva. Many other distros do it and personally I don't see anything wrong with it. The problem is that if security is lax by default, you end up with many new users working as root all the time. This will be no different to the Windows model and makes you susceptible to attacks or making errors that can leave you with a hosed system. If you really need to enable root logins, you don't even need to be an advanced user, just run the KDE control center, go to the login manager settings and choose whatever options enable it.

If you install this game via the Install, Remove & Update Software GUI the game runs fine with different uses.

Thank You
I could not have said it better. I understand the risk of running as root, But as one who is not a typist I find the GUI better for me to do things and get work done. There are times that I need to run as root in the GUI and not in a terminal as I can't type very well. I am willing to take the risk and as far as I am concerned the information on how to login or setup Mandriva to log in as root, should be freely available.
MH

To those who think it is a big deal that Mandriva has chosen to disable root log in to a GUI session as a default setting:

Lets look at the situation from the distributor's point of view. You want your distribution to be friendly to users new to Linux, so one thing you have to decide is just what being user friendly means. Does it just mean that the distribution is easy to use, or does it mean something more? Since your distribution is targeting users new to Linux, should you try to protect them from the dangers of the WEB as much as you can, or should you give them an OS that must be re-configured before it is secure? To be able to answer these questions, you have to ask yourself just how many people will take the time to secure their system, and how well will they like their Linux experience after they have been hacked a few times and their system has been compromised. Another valid question is how long will it take a user new to Linux to learn enough to set up a decent security configuration?

I think it is refreshing that a user new to Linux gets an OS that is safe enough to use on the WEB so (s)he can have time to learn enough to decide just how secure (s)he needs the system to be. No one is being told how to use their computer, but a distributor must make some decisions when it sets up the distribution, and I think Mandriva has made some good choices. From where I sit it looks as if Mandriva has decided that if a decision they make is in error, at least they will error on the side of caution.

Finally, it is not as if Mandriva has permanently removed the ability to log in to a GUI session as root. They have simply changed a "true" option in a configuration file to "false", and the default configuration of any OS is a starting point rather than a dictation of future behavior. I do not see anything like a big brother syndrome in that.

My

Hi Ernie,

Please don't take this the wrong way, there seems to be some lack of understanding as to how much someone new to Linux has to adapt. For many new users the keyboard has only _ever_ been used for passwords or typing short text emails in dismal attempts at something that almost looks like English, just the thought of having to edit a script is beyond what they are prepared to accept.

Often when someone tries Linux for the first time they are still using Windows as their main system and _playing_ with Linux to see if they want to make the change or not. I've helped a few friends and my father go through this, when it comes to editing a script or using a terminal to install a program either I do it for them or that's the end of their Linux experience.

su and ./configure are completely out of the question, why would they even attempt to learn this when Windows is still running and they don't have to do any such thing in Windows?

Mandriva has done a lot to help these people in it's excellant GUI installation and the ease with which it automatically sets up for dual boot with Windows. Up until 2007 they also shipped it with an extravagantly large amount of alternative software packages that saved poor 56K suckers like me from over-large and often unobtainable downloads.


If enabling root login was an option that someone could click on in what they're used to calling "Control Panel" and Mandriva gave the message "Root login has been disabled." I would agree with you but the only thing Mandriva tells you is "Root login not allowed" and it supplies _no_ documentation on how to alter this or even why it's not allowed.

"Not Allowed" suggests that it _can't_ be done, "Disabled" implies that there is a setting that needs to be changed for it to work.

Being told you can't do something without being told why and being misled through lack of information that there is no alternative is very Big Brother.

To have to search the web for ages for an answer and when you do finally find something that looks like it might be relevant suffer demeaning scorn followed by vague and obscure hints from fully literate terminal purists doesn't help the learning curve very much and makes people wonder "Why is it so bloody secret?".

As for why anyone would want to login as root, for most people new to Linux it is because they are _playing_ with it. It is _not_ their main operating system and will not become their main operating sytem until they feel comfortable using it.

This process can take years, for me it's taken five years and I'm still just as happy to use Windows on the 'net as I am Linux. But Linux rules when it comes to Office apps, music, and DVD burning.

It's a shame about Kaffeine though, another big download I'll have to tunnel through 56K 'cause LinDVD really sucks.

Cheers,

Andrew.

I can't believe this topic is still going, all over one simple function that has a GUI interface to turn off and on... Really!!!

Also how can you call Linux/KDE 'Big Brother' you guys have used Microsoft Windows right??

I mean how can an open source operating system, that you can see and change exactly what it does be big brother?

Linux is not Windows. You can legally get it at the cost of a download and the learning curve. Admittedly the curve seems high, but is it any higher than it was to learn to use Windows? If you are truly happy with Windows, why bother with Linux in the first place? I suppose I do not understand, and for that I am sorry, but I do not think any distributor has any obligation to any user other than to those who pay for support. After all, that is what the commercial Linux distributors do - sell support services to their customers. I am of the opinion that if the only complaint any one has with their Linux distribution is that it has informed them that a root login to a GUI has been disallowed when it actually has simply been disabled, then I think the distributor has done an excellent job. Hundreds of thousands if not millions of people use Mandriva Linux. If the majority of paying users complained about this configuration choice I suspect Mandriva would change it. Since they have not, it appears to me that the majority of Mandriva users are happy with their default configuration, and it is my sincere hope that this never changes.

For what it is worth, I understand that you feel you are correct in the position you have chosen, and I do not think I will be able to change your mind. I am simply trying to help you understand why things are as they are. There is no evil intent involved, and certainly no big brother attitude. It is not your friendly neighborhood Linux distributor who includes phone home software in their OS (WGA) now is it? If any one is trying to look over your shoulder, it certainly is not your Linux distributor. As a final note, you should also remember that Mandriva is a French company. Few if any of their developers speak English as their native language. I do not speak French, but I'll bet there is not a very big difference between the definitions of "disabled" and "not allowed" in the French language. Is it impossible that something got lost in the translation?

My

its quite simple actually. at the login screen, choose the session type and choose "console login." then at the console login, login as root and type startx. that's how i've done it. i had the same issue at first but this is the easiest way i found to use x as root.

Very well said.

A linux system has always had a root user. I disagree with the philosophy here.

You cannot get linux experience without compiling.

The root screen is there in 2007.1 only the distro hid it.

If you use apache and create websites you have to have the root screen.

Naturally, protecting the inexperienced user is helpfull but Mandriva and Ubuntu are not helping those who want to exercise the
real power of Linux.

I am tired of this. If you want to work in a GUI screen as the root user, be my guest. Others have already posted the steps to allow it. When you start getting hacked by every script kiddie that comes across your computer, please do not blame your distribution for being insecure, because you are breaching your systems security. I have seen no one posting some religious mantra or adopting some mystical philosophy when they try to help you understand the security risks to which you will be exposing yourself. If you are unable to understand this or do not want to believe it, that is your choice. If you think the Mandriva team is adopting a big brother attitude, then believe what you want. Every distribution I have experimented with adopts the same configuration policy. A root log in to a GUI session is disabled.

I am so sick of your unrelenting attitude over this minute issue that I am placing you on my ignored user list because I no longer want to see any posts originating from you. This will be my final response in this thread because there is nothing left to be said. Users who want to run a GUI session as root will do so, and those of us who understand the magnitude of the security breach which results from such behavior will not.

Oh, please give me a break. Since when has web creation/development needed a user to be logged into a GUI as root? I also use apache, php and related applications and not once have I needed to login as root to do web development work. What is surprising is that you have used Linux for a few years now, but you still fail to understand its features and security model (judging from your previous posts and threads).