permissions are messed up

[vms]

I'm not required to login when I start my laptop. And somehow I have 2 passwords. Many commands that I run at the command line ask me for a password (it'll ask for the password for oem). I also have another password I use occasionally (I think I ran into it when trying to fix the passwords, in the Passwords and Keys settings.)

How can I prevent it from always asking for passwords? Also sometimes on the GUI, I can't even enter the password. I tried to update a configuration file, and it just didn't allow me to do that, it never asked for the password. I assume it was a permission problem.

This is a a very basic laptop, just for playing around with. Security is not an issue. How can I just always get logged in as the superuser, with all privileges, when I start up the laptop, and never need to login again?

[Cosmo.]

At first: Without the least system information we have no idea, about what you talk.
Open in the menu -> system report -> system information -> click the copy button; paste in your next post.

Second: I cannot make a sense out of this:

I'm not required to login when I start my laptop.
...
How can I prevent it from always asking for passwords?

The first sentence means to my understanding, that you get automatically logged in. The second sentence says the straight opposite. What now?

[motoryzen]

How can I prevent it from always asking for passwords?

If this means that anytime you type a terminal command that requires sudo to be included...there are ways around that, but the experts will say it isn't recommended.

One exception I made to say " so what I'll be fine. it's my PC and I know wth I'm doing " is towards using Timeshift. When I launch it I damn surely don't want to have to type my password in to use it.

If that is one of the things you want to launch and never need to enter a password again, I can walk you through how...BUT it may also adversely make the same change on other programs that I have not had a chance to confirm the full list of yet. It's your risk to take

Regardless of whatever you choose to do. Create a time shift snapshot and target a separate drive ( not the same drive Linux Mint lives in)....first. Always back it up first when you're taking a new risk..even if it's to make the experience enjoyable or more enjoyable or to resolve things.

[mikeflan]

How can I prevent it from always asking for passwords?

motoryzen is correct. What you ask for is not recommended.
See if this eases your pain:
Allow for short passwords:
viewtopic.php?p=2116323#p2116323

[vms]

Thank you all for your patience with my poorly worded question. I pasted the system info below.

When I start the machine, I'm not asked for a password. When I do certain things - like I was trying to do some docker commands in the terminal - it asks for a password. Other commands work fine (for instance the du command, it doesn't ask for a password).

I guess my main question now is... there are some things that I seem to just NOT be able to do. There's a config file that I can't edit, a text file ending in .conf. I click on it in the ui, it opens up xed, and the save button is disabled. There's no option to enter a password for appropriate permissions. How would I go about actually editing this config file? Is there a way to open up the xed program with all permissions? When I go to the properties of the file and go to permissions, it says the owner is root.

Code: Select all

System:
  Kernel: 5.15.0-41-generic x86_64 bits: 64 compiler: gcc v: 11.2.0 Desktop: Cinnamon 5.4.8
    tk: GTK 3.24.33 wm: Mutter dm: LightDM Distro: Linux Mint 21 Vanessa base: Ubuntu 22.04 jammy
Machine:
  Type: Laptop System: Dell product: XPS 13 9360 v: N/A serial: <superuser required> Chassis:
    type: 9 serial: <superuser required>
  Mobo: Dell model: 0PF86Y v: A00 serial: <superuser required> UEFI: Dell v: 2.10.0
    date: 09/27/2018
Battery:
  ID-1: BAT0 charge: 41.0 Wh (100.0%) condition: 41.0/60.0 Wh (68.4%) volts: 8.5 min: 7.6
    model: SMP DELL TP1GT61 serial: <filter> status: Full
CPU:
  Info: dual core model: Intel Core i7-7560U bits: 64 type: MT MCP arch: Amber/Kaby Lake
    note: check rev: 9 cache: L1: 128 KiB L2: 512 KiB L3: 4 MiB
  Speed (MHz): avg: 3705 high: 3715 min/max: 400/3800 cores: 1: 3707 2: 3715 3: 3700 4: 3700
    bogomips: 19200
  Flags: avx avx2 ht lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx
Graphics:
  Device-1: Intel Iris Plus Graphics 640 vendor: Dell driver: i915 v: kernel ports: active: eDP-1
    empty: DP-1,DP-2 bus-ID: 00:02.0 chip-ID: 8086:5926
  Device-2: Microdia Integrated Webcam HD type: USB driver: uvcvideo bus-ID: 1-5:4
    chip-ID: 0c45:670c
  Display: x11 server: X.Org v: 1.21.1.3 driver: X: loaded: modesetting unloaded: fbdev,vesa
    gpu: i915 display-ID: :0 screens: 1
  Screen-1: 0 s-res: 3200x1800 s-dpi: 96
  Monitor-1: eDP-1 model: Sharp res: 3200x1800 dpi: 276 diag: 337mm (13.3")
  OpenGL: renderer: Mesa Intel Iris Plus Graphics 640 (Kaby Lake GT3e) (KBL GT3)
    v: 4.6 Mesa 22.0.1 direct render: Yes
Audio:
  Device-1: Intel Sunrise Point-LP HD Audio vendor: Dell driver: snd_hda_intel v: kernel
    bus-ID: 00:1f.3 chip-ID: 8086:9d71
  Sound Server-1: ALSA v: k5.15.0-41-generic running: yes
  Sound Server-2: PulseAudio v: 15.99.1 running: yes
  Sound Server-3: PipeWire v: 0.3.48 running: yes
Network:
  Device-1: Qualcomm Atheros QCA6174 802.11ac Wireless Network Adapter
    vendor: Rivet Networks Killer Wireless-n/a/ac 1535 driver: ath10k_pci v: kernel pcie:
    speed: 2.5 GT/s lanes: 1 bus-ID: 3a:00.0 chip-ID: 168c:003e
  IF: wlp58s0 state: up mac: <filter>
  IF-ID-1: br-a008f7344227 state: up speed: 10000 Mbps duplex: unknown mac: <filter>
  IF-ID-2: docker0 state: down mac: <filter>
  IF-ID-3: veth146d09a state: up speed: 10000 Mbps duplex: full mac: <filter>
  IF-ID-4: veth6d82c51 state: up speed: 10000 Mbps duplex: full mac: <filter>
  IF-ID-5: veth82297eb state: up speed: 10000 Mbps duplex: full mac: <filter>
  IF-ID-6: veth8ac8641 state: up speed: 10000 Mbps duplex: full mac: <filter>
  IF-ID-7: veth8da65fd state: up speed: 10000 Mbps duplex: full mac: <filter>
  IF-ID-8: veth8dbfa6f state: up speed: 10000 Mbps duplex: full mac: <filter>
  IF-ID-9: vethaa4f060 state: up speed: 10000 Mbps duplex: full mac: <filter>
  IF-ID-10: vethb2b7efd state: up speed: 10000 Mbps duplex: full mac: <filter>
  IF-ID-11: vethcd1e0ad state: up speed: 10000 Mbps duplex: full mac: <filter>
  IF-ID-12: vethed60b1f state: up speed: 10000 Mbps duplex: full mac: <filter>
Bluetooth:
  Device-1: Qualcomm Atheros type: USB driver: btusb v: 0.8 bus-ID: 1-3:2 chip-ID: 0cf3:e301
  Report: hciconfig ID: hci0 rfk-id: 0 state: up address: <filter> bt-v: 2.1 lmp-v: 4.2
    sub-v: 25a
Drives:
  Local Storage: total: 476.94 GiB used: 95.42 GiB (20.0%)
  ID-1: /dev/nvme0n1 vendor: Micron model: PC300 NVMe SK hynix 512GB size: 476.94 GiB
    speed: 31.6 Gb/s lanes: 4 serial: <filter> temp: 49.9 C
Partition:
  ID-1: / size: 467.89 GiB used: 95.41 GiB (20.4%) fs: ext4 dev: /dev/nvme0n1p2
  ID-2: /boot/efi size: 511 MiB used: 5.2 MiB (1.0%) fs: vfat dev: /dev/nvme0n1p1
Swap:
  ID-1: swap-1 type: file size: 2 GiB used: 1.97 GiB (98.5%) priority: -2 file: /swapfile
USB:
  Hub-1: 1-0:1 info: Hi-speed hub with single TT ports: 12 rev: 2.0 speed: 480 Mb/s
    chip-ID: 1d6b:0002
  Device-1: 1-3:2 info: Qualcomm Atheros type: Bluetooth driver: btusb rev: 2.0 speed: 12 Mb/s
    chip-ID: 0cf3:e301
  Device-2: 1-4:3 info: Elan Micro Touchscreen type: HID driver: hid-multitouch,usbhid rev: 2.0
    speed: 12 Mb/s chip-ID: 04f3:20d0
  Device-3: 1-5:4 info: Microdia Integrated Webcam HD type: Video driver: uvcvideo rev: 2.0
    speed: 480 Mb/s chip-ID: 0c45:670c
  Hub-2: 2-0:1 info: Super-speed hub ports: 6 rev: 3.0 speed: 5 Gb/s chip-ID: 1d6b:0003
Sensors:
  System Temperatures: cpu: 91.0 C pch: 68.0 C mobo: 53.0 C sodimm: SODIMM C
  Fan Speeds (RPM): cpu: 4408
Repos:
  Packages: apt: 2122
  No active apt repos in: /etc/apt/sources.list
  Active apt repos in: /etc/apt/sources.list.d/brave-browser-release.list
    1: deb [signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg] https: //brave-browser-apt-release.s3.brave.com/ stable main
  Active apt repos in: /etc/apt/sources.list.d/docker.list
    1: deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https: //download.docker.com/linux/debian bookworm stable
  Active apt repos in: /etc/apt/sources.list.d/official-package-repositories.list
    1: deb http: //packages.linuxmint.com vanessa main upstream import backport
    2: deb http: //archive.ubuntu.com/ubuntu jammy main restricted universe multiverse
    3: deb http: //archive.ubuntu.com/ubuntu jammy-updates main restricted universe multiverse
    4: deb http: //archive.ubuntu.com/ubuntu jammy-backports main restricted universe multiverse
    5: deb http: //security.ubuntu.com/ubuntu/ jammy-security main restricted universe multiverse
Info:
  Processes: 316 Uptime: 20h 54m Memory: 15.36 GiB used: 7.84 GiB (51.0%) Init: systemd v: 249
  runlevel: 5 Compilers: gcc: 11.3.0 alt: 11 Client: Unknown python3.10 client inxi: 3.3.13

[Cosmo.]

There's a config file that I can't edit, a text file ending in .conf.... When I go to the properties of the file and go to permissions, it says the owner is root.

"There's" is not a helpful description, we need the complete path name. E.g. /foldername/filename.
But one thing is already clear: If the owner is root, you can normally not edit it. I want to answer the question, how to, after I know, about which file we are talking.

[motoryzen]

Cosmo made a reasonable point, but i'm not trying to tag team against ya though.

There's a config file that I can't edit

Usually if there is a file you can't edit..it requires using " sudo "

Meaning if you're launching the editing program ( in my case I use gedit ) to auto open the file and get to work editing it...within terminal..you'll need to do something like this.

sudo gedit /path/to/nameofconfigfile.cfg for one example.

[Cosmo.]

The example has 2 problems:

1. Gedit does not exist in any supported Mint version. This is the good news, because #2 does in this case not give a problem.

2. Never launch any graphical program via sudo (even if advised so), this will likely create more trouble, than the user has before.
One reason, why I want to know at first the path name is the possibility, that the file resides inside user's home and that the permissions are already defective because of such advises. It is not the sense of elevated rights to preserve possibly damaged systems. Look at the title of the thread.

[rickNS]

Allow for short passwords:
viewtopic.php?p=2116323#p2116323

Just saying none of that is necessary to change to a short password, just use sudo, and you can set a 2 character password if you like, maybe even one character, but never tried.
sudo passwd $USER

[zcot]

It doesn't seem like permissions are messed up to me. That seems normal from what I can tell.

You have autologin turned on, -this way you do not have to type a password initially to log into the system. However, a consequence of that is that the password keyring is not unlocked when you login(it IS unlocked at that time when you are not using autologin), -they have done this on purpose because otherwise all passwords could be in a compromising position while you are using autologin, any random idiot could walk up to your computer and have access to your entire keyring otherwise(which typically does not require a password in an actual authenticated session), -the idea is if you boot the system and authenticate then you are monitoring the session, whereas otherwise at other time someone could just boot your system without you around and instead of being prompted to login they are magically sent directly into your desktop personal space.

There is a fix for your situation in regards to that, but I will skip that discussion for the moment. (here is a discussion when it is usually related to chrome or chromium browser, although there are various other programs that will have this kind of complaint so the solution will be modified to the particular program in question: viewtopic.php?t=326556 the particular relevant keyring entry for that program, -unless whatever program actually doesn't allow you to go passwordless but that becomes a a full discussion as needed)

As for being required to authenticate when doing any system-changing activities, this is very normal. But there is a "fix"(call it a fix, but it's an off-the-path modification, not common, and frowned upon, but doable). The idea is that you could go to a website that might have some scripting magic and try to make calls against your system, or you have a browser extension then you've given access, or you have an open connection enough for a user to try to connect directly to your box, and in the end when you just leave a system "passwordless" then this is same effect as potentially giving any of those actors full system rights on your stuff. The "fix" here, and I will say that is it in contrast to what you suggested as far as logging on as a full superuser with all privileges, frowned-upon, is to modify the list of required authentication points(most but not all) so then you are just allowed to run those programs using your admin user as is. You will have to take a check with rene's solution: viewtopic.php?p=2054678#p2054678

rene's solution will go a long way, but there are still places when you would have the authentication requirement, such as some terminal commands that would typically require sudo for access anyway, however you just go ahead and type the leading sudo command but then there is no password prompt anyway after that(as there typically would be). Or you can jump into an interactive root context and not need the leading sudo, -let's say you are getting ready to have to type a bunch of commands in a row.

Moving on. For editing a system file, it's very normal to have to authenticate for that. If you just "open up the system" then anybody, not you, at any time, can do whatever they want with your stuff, and I don't mean someone hiding in your closet basement waiting for you to walk into the kitchen for popcorn, I'm talking about the internet. There are various methods to accomplish this, and even though there's a suggestion above, there's also a number of very well accepted methods. I will give a synopsis but you can dig down into the dirty details if you want to understand better by checking that thread: viewtopic.php?t=268140

So the methods are any of these, not all especially equal, terminal commands:
sudoedit /some/file/config (will default to nano, equal as this next command below, but less typing)
sudo nano /some/file/config
xed admin:///some/file/config (typical solution, no configuration required, easy to remember gvfs provides "admin://" interaction)
pkexec xed /some/file/config (this requires you to create a polkit file for xed: https://github.com/linuxmint/xed/issues/238 )
-ps. as you see the first one is the least amount of typing(and you can auto-complete that command anyway, as well as the path/file so pretty easy in the long run. The only caveat to that is that you would want to set the SUDOEDIT system variable so that it will use Xed nicely if you want that GUI experience.

ON THIS IDEA you could instead set a custom action in the File Manager to set up one of these commands instead of having to go to terminal. Follow along here:
The end result, you have to right click a system file you want to edit, then select the xed administrator option.

do it like this, go to a system file, right click and select "open with" and then "other applications".
--><-- see image here

now go the second picture on that page, and you will fill in at the bottom for the command: xed admin://%f then you click the "add to list" button.

Now you will be able to edit a system file by right clicking and select that "xed" entry, it will be as shown in the first picture.

If you couple multiple of these solutions or fixes then you are basically almost set up to be near a no-password-required setup.

[rickNS]

EDIT, misunderstanding on my part.

[Cosmo.]

available is something different to installed by default. And the above advice regarding gedit did nowhere mention, that gedit has to get installed at first. But again: Without the information, that gedit must at first get installed (what a nonsense, as no gedit specific function is anywhere asked) the main mistake in the said advice cannot do much harm. BTW: Do you get the idea to install (or give advice to install) another terminal, if you do only want to do anything, what with the default terminal can be done equally well?

[rickNS]

To answer that, No, I do not install extra terminal, or text editors.

EDIT to add, I apologize, I did not correctly get your meaning, of "exist", (as in a default application.) And I guess all a tad off topic anyway, so apology to the OP as well.