Log in as Root

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post please read how to get help

Log in as Root

Postby leslie on Sat Feb 10, 2007 12:49 am

Hello people. Nice to be with you!

Just trying mint. By some amazing luck I managed to get my ATI card installed ok. Phew, lotta hassle with Ubunto based distros I believe? Anyway, top marks for a nice functioning distro. To my question -

I am trying to login as root/admin but apparently I can't do that from the login screen? What's up?. That's ok if I can get file access with a kinda Super User Mode editor, has mint got one? - Oh rather not use Terminal.

Cheers
Les
User avatar
leslie
Level 1
Level 1
 
Posts: 5
Joined: Fri Feb 09, 2007 1:15 am

Linux Mint is funded by ads and donations.
 

Re: Log in as Root

Postby marcus0263 on Sat Feb 10, 2007 12:55 am

leslie wrote:Hello people. Nice to be with you!

Just trying mint. By some amazing luck I managed to get my ATI card installed ok. Phew, lotta hassle with Ubunto based distros I believe? Anyway, top marks for a nice functioning distro. To my question -

I am trying to login as root/admin but apparently I can't do that from the login screen? What's up?. That's ok if I can get file access with a kinda Super User Mode editor, has mint got one? - Oh rather not use Terminal.

Cheers
Les

Mint is Ubuntu based and you need to use "sudo" and do root functions as needed. There really isn't any need to login as root and it's a security risk.
User avatar
marcus0263
Level 4
Level 4
 
Posts: 362
Joined: Mon Dec 25, 2006 9:40 am
Location: Seattle

Postby leslie on Sun Feb 11, 2007 7:04 pm

Thanks marcus0263. I know the risks but I'm not used to not having this control. If there's a way to do it I would really like to know. If not, then how can I delete unwanted files/folders - like unused pre-installed wi-fi stuff that I don't use.
User avatar
leslie
Level 1
Level 1
 
Posts: 5
Joined: Fri Feb 09, 2007 1:15 am

Postby marcus0263 on Sun Feb 11, 2007 7:28 pm

leslie wrote:Thanks marcus0263. I know the risks but I'm not used to not having this control. If there's a way to do it I would really like to know. If not, then how can I delete unwanted files/folders - like unused pre-installed wi-fi stuff that I don't use.

Open up a terminal and
Code: Select all
sudo su


Then do what you need to do. Get out of the M$ thinking that you have to login as Admin. Any Unix based OS all you need to do is "su" and do what needs to be done. Like I said, there really shouldn't be a reason to actually login as root.

But if you MUST just set a password for root

Code: Select all
sudo passwd
User avatar
marcus0263
Level 4
Level 4
 
Posts: 362
Joined: Mon Dec 25, 2006 9:40 am
Location: Seattle

Postby leslie on Sun Feb 11, 2007 8:24 pm

Thanks again marcus0263 for the advice. It's not M$'s fault but PCLOS, Mepis, et al, non Ubuntu based distros, basically. I got used to (and wary of) operating as root, and I just gotta have it -------

UPDATE: Ahhhhhhh, found the way, very obvious, just gotta be observant. Can now login as root at login screen. I'll not tell here, gotta protect the less wary. Cheers!
User avatar
leslie
Level 1
Level 1
 
Posts: 5
Joined: Fri Feb 09, 2007 1:15 am

Postby mintero on Sat Feb 17, 2007 7:34 am

Hi,
Logging as root is not a good idea (for security reasons). Ubuntu-based distros use the program sudo for administrative tasks.
If you don't like the terminal, you can make an icon on the panel or an entry in the startmenu.

Panel icon:
Right-click on the panel->Add to panel->Custom Application Launcher
Give a name of your choice, for example Nautilus as Root. Give the command: "gksu nautilus /" (without the quotes). You can also use the button "No Icon" to search an icon.

Menu Entry:
System->Preferences->Menu Layout
Choose the section Administration and click on New Item. Do the same as with the panel icon. (Don't check: Run command in a terminal). If the entry doesn't appear in the startmenu, then logout and re-login

There is also a Nautilus extension which gives the context menu entry "Root Here" (or something like this) when right-clicking on a folder, but unfortunately I dont remember its name.
LinuxMint Bea
mintero
Level 2
Level 2
 
Posts: 60
Joined: Fri Feb 16, 2007 2:22 pm

Postby scorp123 on Sat Feb 17, 2007 3:34 pm

mintero wrote:Logging as root is not a good idea (for security reasons)
Only true for newbies who might be tempted to permanently work as root (BAD IDEA!!). But if you know what you do it's perfectly safe. And logging in as root is sometimes even necessary :wink: But again: For long as you know what you do .... :wink:
User avatar
scorp123
Level 8
Level 8
 
Posts: 2287
Joined: Sat Dec 02, 2006 4:19 pm
Location: Switzerland

Postby marcus0263 on Sat Feb 17, 2007 4:35 pm

scorp123 wrote:
mintero wrote:Logging as root is not a good idea (for security reasons)
Only true for newbies who might be tempted to permanently work as root (BAD IDEA!!). But if you know what you do it's perfectly safe. And logging in as root is sometimes even necessary :wink: But again: For long as you know what you do .... :wink:
Disagree

I can't really think of a reason to log in with a GUI as root, I won't ever say never, but I really can't think of a reason other than laziness or n00bness.

What ever needs to be done can be done in a root term and if you must you can run the GUI app as root with tools like gksu and gksudo.
User avatar
marcus0263
Level 4
Level 4
 
Posts: 362
Joined: Mon Dec 25, 2006 9:40 am
Location: Seattle

Postby vonskippy on Sat Feb 17, 2007 5:04 pm

marcus0263 wrote:I can't really think of a reason to log in with a GUI as root, I won't ever say never, but I really can't think of a reason other than laziness or n00bness.

Sorry to disagree, but being neither lazy or a noob, I control what I do to my computers - not the other way around.

If I wanted my computer to babysit my sessions, I'd use Vista with it's oh so useless UAC.

I've avoided trying/using *buntu for a long time because I resent the implication that I'm too stupid to understand and safely use the root account.

Only because MINT is such a nicely packaged distro, with an active support community have I dropped FC6 off of my laptop and installed Mint 2.2beta (mainly because it supported my sound and widescreen display right out of the box without any unnecessary tweaking or mods).

First tweak (after moving the main panel to the top) was to install a real root account. After 20+ years using big iron Unix's, I do almost everything from the cli, and yes, I'm that lazy in not wanting to type sudo everything.

The advantage of Linux and it's numerous flavors and choices is variety, so I find it ironic that some people defend their personal choices by calling other people either lazy or stupid for not agreeing with their OPINION.
vonskippy
Level 1
Level 1
 
Posts: 9
Joined: Fri Dec 29, 2006 11:02 pm
Location: Colorado, USA

Postby marcus0263 on Sat Feb 17, 2007 6:11 pm

vonskippy wrote:<snip>
I do almost everything from the cli, and yes, I'm that lazy in not wanting to type sudo everything.
Code: Select all
sudo su

or if you need a real root environment
Code: Select all
sudo su - root

Why type sudo for everything?
Even easier why not create a root term and have it as an icon on your desktop? Why logout then login as root like the Microsoft world?

vonskippy wrote:The advantage of Linux and it's numerous flavors and choices is variety, so I find it ironic that some people defend their personal choices by calling other people either lazy or stupid for not agreeing with their OPINION.

Yes I'm expressing my opinion as I stated that "I couldn't think of a reason" and "I won't ever say never", take it at that and nothing more.

Lighten up dude ;-)

BTW - I started out with punch cards and cut my teeth on CICS, TSO, JCL, PROFS, etc.. But when I discovered HPUX and Solaris I fell in love, used to think Linux was nothing but a toy till about 3 years ago.
User avatar
marcus0263
Level 4
Level 4
 
Posts: 362
Joined: Mon Dec 25, 2006 9:40 am
Location: Seattle

Postby marcus0263 on Sat Feb 17, 2007 7:05 pm

To make things easy just create an "Application Launcher"

Root Term
Code: Select all
gnome-terminal -e 'sudo su'


Root Shell
Code: Select all
gnome-terminal -e 'sudo su - root'


Now place it on your Desktop, Menu, or where ever you choose.
User avatar
marcus0263
Level 4
Level 4
 
Posts: 362
Joined: Mon Dec 25, 2006 9:40 am
Location: Seattle

Postby mintero on Sat Feb 17, 2007 7:25 pm

marcus0263 wrote:What ever needs to be done can be done in a root term and if you must you can run the GUI app as root with tools like gksu and gksudo.
I agree and for information gksu works in sudo-mode by default in ubuntu. (Everybody can verify it in the Configuration Editor, if they have activated this tool)
Sudo has limited privileges and does the work. Why take more risk? Sudo's 5 min grace period could be a flaw, but one can change it and here's how:

In the terminal: sudo visudo
Add this line: Defaults:ALL timestamp_timeout=0
Exit (Ctrl+X)
It asks if you want to save: so save to /etc/sudoers

In this way, sudo doesnt keep the password for 5 min (the default), but asks for the password every time.
So if you are performing an administrative task and at the same time you open another program which needs admin rights as well, sudo will ask for the password again. That means that a malicious program can't exploit the time during which you are using sudo.
LinuxMint Bea
mintero
Level 2
Level 2
 
Posts: 60
Joined: Fri Feb 16, 2007 2:22 pm

Postby marcus0263 on Sat Feb 17, 2007 9:03 pm

mintero wrote:I agree and for information gksu works in sudo-mode by default in ubuntu. (Everybody can verify it in the Configuration Editor, if they have activated this tool)
Sudo has limited privileges and does the work. Why take more risk? Sudo's 5 min grace period could be a flaw, but one can change it and here's how:

In the terminal: sudo visudo
Add this line: Defaults:ALL timestamp_timeout=0
Exit (Ctrl+X)
It asks if you want to save: so save to /etc/sudoers

In this way, sudo doesnt keep the password for 5 min (the default), but asks for the password every time.
So if you are performing an administrative task and at the same time you open another program which needs admin rights as well, sudo will ask for the password again. That means that a malicious program can't exploit the time during which you are using sudo.
Good post mintero

Further more on the subject of reasons why NOT to run X and a GUI Desktop as root is really rather simple. It just is not a good idea to run X11 and Gnome or KDE as root because they are very complex services using complex protocols. It is well known that complex programs are more prone to errors than simple and short ones. X11 and GUI environments are very complex programs, in size rivaling the Linux kernel or exceeding it. Granted, you may be safe if you run these logged into a full Desktop provided you are very careful and have all the latest patches and keep your software up-to-date. But this all adds up to a large risk factor, so it is just a lot simpler to not to login to a "root" Desktop and have X11 and GUI running.

I can't even remember when the last time I logged into a GUI Desktop (other than corporate servers) as root. There's a very simple solution to the annoying "sudo" everything, create an "Application Launcher" that launches into a root term. Why take unnecessary risks? Not to mention about the biggest annoyance I have with Microsoft windows is having to log out and then log in as "Administrator", the *nix way is so much easier and safer.

But again for those who "have to" just give root a bloody password, but Caveat Emptor!
User avatar
marcus0263
Level 4
Level 4
 
Posts: 362
Joined: Mon Dec 25, 2006 9:40 am
Location: Seattle

Postby scorp123 on Sat Feb 17, 2007 9:25 pm

marcus0263 wrote:Disagree.
Nope, in fact we agree. I wasn't talking about GUI logins but logging into the system as root in general, e.g. via shell, local terminal, whatever.

marcus0263 wrote: I can't really think of a reason to log in with a GUI as root
Dito. I wasn't thinking of this possibility.

marcus0263 wrote: What ever needs to be done can be done in a root term
That's what I said ... or meant to say.
User avatar
scorp123
Level 8
Level 8
 
Posts: 2287
Joined: Sat Dec 02, 2006 4:19 pm
Location: Switzerland

Postby scorp123 on Sat Feb 17, 2007 9:31 pm

vonskippy wrote:Sorry to disagree, but being neither lazy or a noob, I control what I do to my computers - not the other way around.
That's precisely why it is dangerous. If you login as root into e.g. GNOME or KDE and then open a file manager, and you drag the mouse around ... what if you by accident perform a drag & drop operation? You are in control, right. The computer will do as you say, it will move a bunch of files without asking you, without babysitting you ...

When I was a beginner back in 1996 did people tell me not to login into a GUI as root? Yes they did. Did I listen? No I didn't. And what happened to me when I clicked the wrong mouse button in the right moment over the right place at the wrong time? Read above. :lol:

Had I been an ordinary user in that moment nothing would have happened. The system would have given me a "access denied" error, and whatever stupid thing I was doing wouldn't have happened. But I was root ... and root's powers are unlimited and not to be questioned by that stupid computer ...

There are other security implications too when logging in as root, e.g. a bunch of stuff normally under non-priviledged ordinary user control all of a sudden enjoys the full powers of the root account ... and that can have bad consequences too, depending on what strange or funny things you (by accident?) set in motion ...

Regards,
scorp123
User avatar
scorp123
Level 8
Level 8
 
Posts: 2287
Joined: Sat Dec 02, 2006 4:19 pm
Location: Switzerland

Postby marcus0263 on Sat Feb 17, 2007 10:00 pm

scorp123 wrote:There are other security implications too when logging in as root, e.g. a bunch of stuff normally under non-priviledged ordinary user control all of a sudden enjoys the full powers of the root account ... and that can have bad consequences too, depending on what strange or funny things you (by accident?) set in motion ...
Agreed -
The largest risk is what is running under the hood and giving unnecessary programs root access. Just look at that bloated desktop KDE for example. You know programs like Amarok that goes out into the cloud hitting different servers. People just need to play it smart and safe and to it the *nix way, the command line is simple and is your friend. All I do is click on my menu "Root" and a Root Term comes up and I do what ever needs to be done. Then servers I administer I just ssh in then su into a root shell and do what needs to be done. The KISS method is the best.

The biggest battle I believe is too many people are used to the sloppy Microsoft way. I always like to bring up the best example of Microsoft's sloppy design by asking "have you defragged today?" ;-)

Cheers
User avatar
marcus0263
Level 4
Level 4
 
Posts: 362
Joined: Mon Dec 25, 2006 9:40 am
Location: Seattle

Postby Ashiro on Wed Oct 24, 2007 8:30 pm

Just to be awkward and drag up the old argument:

I'd say its purely personal working processes that decide which you prefer until you start going into the realms of logging into your KDE/GNOME session as root - in which case its no longer work habit but madness.

I've always used root for the past 9-10 years and although I've tried using sudo I can't love it the same way everyone else does. Having said that I'm very sparse in its use, don't leave sessions open all the time, etc.

I do take issue with one point on the Ubuntu RootSudo articles (https://help.ubuntu.com/community/RootSudo) where it states an attacker can bruteforce a root account as this shows a high level of ignorance that messes up the whole point they put across.

Bruteforcing a root account is most likely going to be attempted via SSH. If you're smart you disable root logins via SSH and so the point is void. As most of the points regarding the pros and cons it all boils down to what you prefer.

So why did I bring this up again? I have no idea - I'm going to bed.
Ashiro
Level 1
Level 1
 
Posts: 6
Joined: Wed Oct 24, 2007 8:13 pm

Postby Lolo Uila on Thu Oct 25, 2007 1:51 am

The issue for me when I see this question posted every week or so isn't the ol' whether or not you should log in as root argument; it's more like should we tell people that ask this question how?

As leslie discovered it's really quite easy to do in Mint, and when anyone has to ask for help with this I find myself wondering if they really are knowledgeable enough to use root safely. I was a complete noob and it took me less than 5 minutes to figure it out when I looked into it back when I first started using Mint.

As for the argument about "Mepis, Gentoo, Fedora, etc. let me do it", well then you are welcome to keep using any of those distros. No one is forcong you to use Mint. Mint is not a distro for hard core Linux fanatics. If you want maximum control over your computer and the OS I'd suggest Gentoo or Slackware.

Mint is targeted at new users and Windows converts, and as such is designed to be both simpler and safer to use. Nothing in Mint is a deep, dark secret, though. That simple philosophy even extends to things like enabling the root account and root login to the GUI. So instead of spending 10 minutes typing up a rant about why we should tell you how to do this, spend 5 minutes figuring it out for yourself.

Aloha, Tim

PS: Everyone really should take the time to learn how to use the terminal and command shell. GUI login as root is a bad habit to get into, and it's not something you should depend on (it won't help you fix things when your system won't boot).
User avatar
Lolo Uila
Level 5
Level 5
 
Posts: 548
Joined: Thu Mar 15, 2007 3:40 am
Location: Kapolei, Hawaii

Postby Ashiro on Thu Oct 25, 2007 2:16 am

Lolo Uila wrote:The issue for me when I see this question posted every week or so isn't the ol' whether or not you should log in as root argument; it's more like should we tell people that ask this question how?

As leslie discovered it's really quite easy to do in Mint, and when anyone has to ask for help with this I find myself wondering if they really are knowledgeable enough to use root safely. I was a complete noob and it took me less than 5 minutes to figure it out when I looked into it back when I first started using Mint.

As for the argument about "Mepis, Gentoo, Fedora, etc. let me do it", well then you are welcome to keep using any of those distros. No one is forcong you to use Mint. Mint is not a distro for hard core Linux fanatics. If you want maximum control over your computer and the OS I'd suggest Gentoo or Slackware.

Mint is targeted at new users and Windows converts, and as such is designed to be both simpler and safer to use. Nothing in Mint is a deep, dark secret, though. That simple philosophy even extends to things like enabling the root account and root login to the GUI. So instead of spending 10 minutes typing up a rant about why we should tell you how to do this, spend 5 minutes figuring it out for yourself.

Aloha, Tim

PS: Everyone really should take the time to learn how to use the terminal and command shell. GUI login as root is a bad habit to get into, and it's not something you should depend on (it won't help you fix things when your system won't boot).


All very true. Its astoundingly simple for even the most green user to find out by a simple Google search. More often than not its laziness that prompts the question. However, letting them know in the hopes they do some damage and learn from it is better than holding back. The more you hold back something the more they want to know.

With regards to making the system as you want - its normally only the beginners who need to ask how to enable root so using Slackware, Debian, *BSD isn't viable. It's too big a step. At least if they can enable it on a user friendly OS like Mint they can screw themselves over in comfort. IU'm sure there's a lot of veteran users who use Ubuntu and Mint simply because they know how to make it what they want but the basis to work off is great initially.

It only becomes a problem when someone comes on complaining about Mint when in reality its their own decision to enable root and use it carelessly that's caused the problem. I can't see that happening though.
Ashiro
Level 1
Level 1
 
Posts: 6
Joined: Wed Oct 24, 2007 8:13 pm

Postby kenetics on Sun Nov 04, 2007 12:09 pm

I know how to login as root, but without being in root how would one do something like adding XMMS skins to usr/share/xmms/skins? Or easily delete a bunch of unwanted wallpapers in usr/share/backgrounds (can only do 1 at a time in Desktop Background menu)?
User avatar
kenetics
Level 5
Level 5
 
Posts: 616
Joined: Thu Dec 14, 2006 9:57 pm
Location: Somewhere on a Florida beach

Linux Mint is funded by ads and donations.
 
Next

Return to Other topics

Who is online

Users browsing this forum: No registered users and 6 guests