Linux Mint Forums

[PaulW]

I added "Root Terminal" to my Main Menu from "System Tools". It worked fine in Mint6, but does not in Mint7. It appears to load, sending an icon to the task bar for a few seconds, but then nothing. The command line is: gksu /usr/bin/x-terminal-emulator
Any ideas on how to get it to work?

[emorrp1]

no, but a root terminal can be very dangerous. You can get a temporary root terminal by running "sudo su" and then typing "exit" after you're done.

[Zwopper]

Code: Select all

gksu xterm

works fine for me.

[rhodry]

I have a little more info that may help?

I think you will find that '/usr/bin/x-terminal-emulator' is a "wrapper" term. That is, it is only a symlink that points to a real application or config file. The application it points to is defined by you (as super user) in the

Menu --> Administration --> Alternatives Configurator menu entry.

When you go to that entry, you can choose which 'Terminal' application is the default for the 'wrapper' to point to. eg, I changed mine to the gnome-terminal simply because I use it for most other cli stuff.

My point here is that your root terminal entry seems to be having trouble loading the underlying application that the wrapper is pointing to. Try going to the Alternatives Configurator and selecting another Terminal app - if that works, fine. You can then perhaps see if you can work out what was wrong with the previous choice by running the app from a command line and see what errors it gives.

Cheers,
Rhodry.

[Hawkeye_52]

Code: Select all

gksu xterm

works fine for me.

Zwopper,

Your are the salvation to my sanity! I have been wrestling with how to get this feature to work, for longer than I care to admit . I have been a KDE person for so long, and root file managers and terminals are built into the menu system of any distro I can remember using. I have been embarrassed to ask the question about how to get this menu option to function in Linux Mint 7. Today I finally reached the tipping point where my desire to activate the feature exceeded my vanity, and up popped your answer on my first search. Thanks, thanks, thanks, etc., etc. (you get the picture)....

Now that my groveling is out of the way:

1> Is this a bug that has been reported? This is a rhetorical/theoretic question; I don't want anyone spending time doing what I can do on my 'curiosity' time. It just seems to me that if it was important enough to put as a menu option (albeit inactive), then it seems to be important enough to have a menu command that actually does 'the deed', so to speak. I know that on the proverbial 1 to 10 scale, this rates way down there because of the obvious workarounds (e. g. emorph1's response), but it is still a curious anomaly.
2> Linux Mint is a super star among distributions in the Linux world. It has taken the foundations of Ubuntu (indirectly) and Debian (remotely), and made something that has a unique and appealing nature for the vast majority of desktop users. It is also taking a much more pragmatic approach to the Ubuntu idea that the end user must be protected from easy access to 'root functions', because of 'inherent dangers' to what a person can do 'unwittingly' to their own system. FWIW, post a big, blinking, red warning (1) at the beginning of the User Guide, (2) the Forums, and (3) the Wiki pages. Maybe even place a one-time only pop-up window warning end users of the dangers the first time they access the 'Root Terminal', or a 'Root File Manager' like I implemented as a convenience carry-over from my KDE days. But after that, put the 'boogey man' away, and let us manage our Linux system the way we do our own lives, independently, accepting all the inherent risks (and pleasures) that life offers, without persistent 'this is dangerous' admonitions. For all those thoughtless souls who actually do 'bork' their system due to the ease and freedom that root access provides, have one canned response that points out all the warnings they were provided, along with a brief summary on how to re-install.

I am sorry for the venting, but as a human being who readily accepts the responsibilities for the errors I make, I greatly respect the matter-of-fact response Zwopper provided, as opposed to any (well-intended) lecture about the dangers of 'root access'. My rant is over, and I have put on my kevlar/asbestos flack jacket, in case anyone actually wants to take this too seriously ....

Hawkeye

[Fred]

Hawkeye_52 wrote:

... as opposed to any (well-intended) lecture about the dangers of 'root access'. My rant is over, and I have put on my kevlar/asbestos flack jacket, in case anyone actually wants to take this too seriously. ....

You knew I would have to respond, didn't you?

There is a reason that might not immediately meet the eye as to why I think it is the duty of Linux users that know better to inform new users about over using root. In Windows it has always been the norm to run as root, or whatever you want to call it. Windows was designed as a single user, non-networked system. The programs written for it had no reason to not be run as root. It allowed for more capabilities to be easily written into the software and less hassles for the operator. This trend has continued over the years and is one of the things that makes Windows so insecure in the multi user, networked world we now live in.

When new users come from Windows to Linux they tend to bring their bad habits with them. This is natural. We all tend to work the way we are most comfortable and familiar with. If people like me don't inform and teach new users a better, safer way, we could one day see Linux in no better shape, securiety wise, than Windows. The increased securiety of Linux is one of the things that attracts new users from the Windows world. It is a matter of trying not to kill the golden goose, to reference an old nursery rhyme.

I will wander off topic for a second and tell you a true story. For several years I lived in a, then, small town called Escondido, CA, USA. It is about 30 miles, (aprox. 50 Km), from San Diego, as I remember. There is a saying in Southern California that housing developments are named for the things they destroy. I bought a house in a budding community called Quiet Hills. It was located in a mostly undeveloped, hilly section and was indeed quiet and serene. Needless to say the development grew and became anything but quiet. In fact I, and the others that bought and built there, did in fact destroy what we originally went there for. We all need to do our part to see that the same thing doesn't happen to Linux with its' ever increasing growth and influx of Windows users.

There are basically two types of securiety issues. Issues that affect you and your data, and issues that affect others on the network. The Internet is a network, by-the-way. Over using the root terminal is more of a risk to your own data and system, mostly due to your own mistakes and those of other users that have access to it. Of course there is some risk to others on the network but it is minimal in most cases. These kinds of risks the user should be warned about and handled the way you suggested in your post. In the end, it is their decision to make and there system that will be most likely impacted.

The other type of securiety mis-practices are ones that affect others on the net as much if not more than they do the individual user. Running X sessions and GUI programs in root fall into this category. These kinds of actions invite intruders to take control of your system, which then becomes part of a bot net or is used for other nefarious purposes against me, your neighbor, and other innocents on the net. For the most part, unless you are skilled in the art, you won't even know your system has been wrestled from your control. These unsavory operators go to great lengths to prevent you, the rightful owner, from becoming aware of their presence.

I wish I could tell you how many Windows users have brought me their computers over the years to have something done to them and assured me that they used the latest and greatest anti-virus, firewalls, etc. and were clean of any bugs. But when I hooked it up on the bench and attached it to the net with a packet sniffer hanging on the output, there was so much activity going on that it looked like Grand Central Station. Though the machine itself didn't appear to be doing anything out of the ordinary.

There is an old saying where I come from that goes like this. "Your rights end where my nose begins." The way I see it, you just don't have the right to knowingly and intentionally take actions that allow your system to be taken away from you and used against others. Because you want to, can, or don't care, does not give you the right to do so.

Unless we all do our part and advise and reeducate new Windows users in proper, socially acceptable practices, we may indeed wake up one day and realize that the golden goose has indeed been killed and can not be brought back to life.

Fred

[Hawkeye_52]

Fred,

I always enjoy hearing from you. You are, without question, a very knowledgeable, computer literate individual. And, although I do not have any professional experience or background, I too have seen what horrendous mistakes Windows users make in both security protocols and software selection. But how do we go from experienced Linux users to inexperienced Windows novices in order to present your points? In the Linux world, since the predictable demise of Linspire, how many Linux OSs are there that encourage their users to continuously operate their system as the 'root' user? I am not sure of the answer, but I would suspect the number would be few.

The kind of actions I discussed earlier are ones that occur every day with users who are operating under various KDE operating systems. Root terminals and root file managers proliferate in the menu options of KDE systems. They are not only allowed, but are recommended in documentation and/or wikis as specific solutions to certain situations. This is done because the solutions are quick, practical, and safe when used as they should be. I have been using Linux as my primary operating system since sometime (how memory fails me ) in 2004 with a boxed copy of SUSE purchased at a CompUSA store in Bakersfield, California. Since that time I have used quite a few Linux distros, on multiple machines simultaneously, and frequented the forums of all those that actually stayed on one of my hard drives for more than a day or two. In that time, I have come across far more posts with dire warnings about unsafe operations than I have posts from those who actually experienced these dire problems and have come to the forum for help due to their misuse of the freedom of access to root, to accomplish something on their own hard drive.

Regarding root access, Linux Mint allows end users access root in multiple ways. My post originated because I was frustrated when one of the utilities Linux Mint provided did not work. It was a utility I was very familiar with in the 'KDE world', a root terminal. The command was in the menu but did not function. Obviously the powers that be at Linux Mint feel it is OK to access root on your own system, or it wouldn't have built those options into application choices, utilities, and menu systems. Since this freedom is provided to us, inherently in the operating system, maybe your comments are better directed at Clem or Husse on this one? I am just the smuck that was frustrated when one of the built-in features didn't work, and elated when someone calmly explained how I could access the freedom that was supposed to be there anyway, in another, simple method. Unique idea, having personal control over something that belongs to you -- it has merits if we could get a few people together to flesh out the idea...

This could go on forever, but the little I know of you, you are a clever, tenacious person. You will definitely outlast me on this one. I 'ran this up the flag pole' hoping it might lead to a good natured bantering on a time worn subject. I was wrong -- I haven't had any fun with this at all. I was completely confused on the part of your post where you inferred my using a root account, on my personal data would somehow disrupt the security of the entire worldwide web and all those who use it. Do I really have that much power when I use 'gksu chown root *.* /home/hawkeye/dumptruck?

All this was really set off by emorrf1's comment:

"no, but a root terminal can be very dangerous. You can get a temporary root terminal by running "sudo su" and then typing "exit" after you're done."

OK, aside from the increased number of keystrokes, how is using 'sudo su' more secure than using a menu option to bring up a root terminal (that also requires a password) and then typing 'exit', the same termination of activity either way? OK, I vaguely understand the persistence issue, but is a person who types 'sudo su' smart enough to type 'exit', but one who accesses a root terminal through a menu option inherently incapable of remembering to type 'exit'?

Warm up Fred, et al, and take your best shot. I am definitely done with this one, and besides, the paranoids are after me.

Hawkeye

[Fred]

Hawkeye_52,

Good morning. I was not responding to you on a personal level but to the possible implications of your post. ie.

... But after that, put the 'boogey man' away, and let us manage our Linux system the way we do our own lives, independently, accepting all the inherent risks (and pleasures) that life offers, without persistent 'this is dangerous' admonitions.

Using a root terminal in and of itself is no more of a securiety risk than many other normal and necessary admin. functions. I use KDE and a root terminal is handy to use. I do so all the time and would expect others to also. The first part of my post was pointed at the over use of root, which could arguably be encouraged by having a root terminal too handy. But as I said in my post a warning to new users, as you yourself suggested, should be sufficient. I took your position on that matter. My greater concern was for the second form of root abuse, and gave examples, which does have implications for other users. Actually, I was trying to show that some uses/abuses of root can have a negative impact on others and we should all make a distinction between taking risks with our own systems and subjecting others to risks.

But how do we go from experienced Linux users to inexperienced Windows novices in order to present your points?

No individual does. Keep in mind I was not attacking you or any particular user, but using your post to address the community in general, which is made up of the entire span of Linux users. From complete beginners to experienced and highly knowledgeable members. Most of us fall somewhere between the two extremes. Some are in the position to inform others of the rewards/hazards of using or over using root, in some cases minor consequences, in others major. Others in the community have the burden of learning safer ways of working than they have been accustomed. But if those of us that know the pitfalls with using and over using root in various ways don't articulate them when we have the opportunity, how can we expect new users to ever understand and learn?

My posts in this area are almost never aimed at a specific individual, I just use them as a vehicle to get out a message, or inform users in general on some point or points that I think are important.

I hope you understand my post better now and what my intentions were.

Enjoy life, it is too short to do otherwise.

Fred

[emorrp1]

no, but a root terminal can be very dangerous. You can get a temporary root terminal by running "sudo su" and then typing "exit" after you're done.

OK, aside from the increased number of keystrokes, how is using 'sudo su' more secure than using a menu option to bring up a root terminal (that also requires a password) and then typing 'exit', the same termination of activity either way? OK, I vaguely understand the persistence issue, but is a person who types 'sudo su' smart enough to type 'exit', but one who accesses a root terminal through a menu option inherently incapable of remembering to type 'exit'?

It's all to do with limiting root powers. With sudo su, all you're doing is running another bash shell with root privileges. With gksudo xterm, you're running a full GUI in addition to the root shell. It's basically the same reason not to login to a desktop as root, just scaled down a little in scope.

As for all the warnings about root access, that's why I prefer the simple, "you shouldn't do this because..., but if you really know what you're doing then ... "-type answers, which is what I provided.

[Fred]

emorrp1 wrote:

With gksudo xterm, you're running a full GUI in addition to the root shell...

Humm... Are you sure of that? You know, I never really thought about it. See, old dogs can learn new tricks... occasionally.

I never really realized or considered that the entire x session had elevated privileges.

Fred

[emorrp1]

nonono, I meant GUI literally, taken as an acronym, not referring to the whole X-session or anything like that. By running an executable that provides a GUI as root, you're giving that GUI the opportunity for root privileges, even if they are not actually used.

[emorrp1]

Just as an update on this point, I ran across this in the gnome security considerations: http://developer.gnome.org/doc/guides/p ... urity.html

Under no circumstance create a GTK+ program that is setuid root. The GTK+ and GNOME libraries are big and complex, and they have not been audited for security. In any case, you would not want to have such a big piece of code be setuid root anyways. It you must absolutely use root privileges for something, write your program so that the user interface is in a normal, non-privileged process and create a helper program that is setuid and performs the 'dangerous' operations. Also, please notify the GNOME development mailing lists about this and request that someone perform a security audit on your helper program.

I believe this is also the major difference between sudo and gksu.