Linux Help
guides forums blogs
Home Desktops Distributions ISO Images Logos Newbies Reviews Software Support & Resources Linuxhelp Wiki

Welcome Guest ( Log In | Register )



Advanced DNS Management
New ZoneEdit. New Managment.

FREE DNS Is Back

Sign Up Now
 
Reply to this topicStart new topic
> Root login disabled
fullur
post Aug 3 2006, 10:01 PM
Post #1


./configure
***

Group: Members
Posts: 50
Joined: 24-September 05
Member No.: 5,549



I am aware of the fact that it is considered unadvisable to log in as root. However, my system currently won't let me, which is extremely irritating especially since I have no idea why. I saw it mentioned somewhere that this sometimes happens when you switch from using Gnome to using KDE which I did, but I am relatively certain that I logged in as root several times after I did that. Can anyone help me fix this?

So why is it a bad idea to log in as root? And why is using su any better?


--------------------
Fedora Core 5
AMD Athlon XP 2400+
768 MB PC266 RAM
Go to the top of the page
 
+Quote Post
dishawjp
post Aug 4 2006, 12:03 PM
Post #2


./configure
***

Group: Members
Posts: 56
Joined: 8-April 04
Member No.: 2,734



[quote]
So why is it a bad idea to log in as root? And why is using su any better?
[/quote]
Being logged in as root means that *every* process you run is being run as root. A hijacking of any of those processes could give an attacker or even a faulty process access to system files that could not happen as a "normal" user. Another reason to not log in as root normally is that you have protection from your own possible errors damaging the system.
[quote]
However, my system currently won't let me[log in as root], which is extremely irritating especially since I have no idea why
[/quote]
Maybe your system has been cracked. I've never heard of this happening because of changing your desktop environment, though it might be possible. Crackers will sometimes disable your root password and substitute one of theirs giving them full control of your system and locking you out.
[quote]
Can anyone help me fix this?
[/quote]
You can reset your root password by booting into single user mode and using the passwd command. At the grub splash screen, select the kernel you want to boot into, type the letter "a" and then the word single. After the computer has booted, use the "passwd" command to reset root's password. Then do a system check (tripwire? chkrootkit? whatever you have installed to be certain that the system has not been cracked.

Jim


--------------------
Registered Linux User 294493
Go to the top of the page
 
+Quote Post
fullur
post Aug 4 2006, 12:30 PM
Post #3


./configure
***

Group: Members
Posts: 50
Joined: 24-September 05
Member No.: 5,549



QUOTE
Maybe your system has been cracked. I've never heard of this happening because of changing your desktop environment, though it might be possible. Crackers will sometimes disable your root password and substitute one of theirs giving them full control of your system and locking you out.


Allow me to clarify; I have the correct password. I can even change the password and log in to su mode in a console, but KDE and Gnome tell me "Root Logins are not allowed" when I try to use them to log in to the GUI.

Thanks for the assistance.


--------------------
Fedora Core 5
AMD Athlon XP 2400+
768 MB PC266 RAM
Go to the top of the page
 
+Quote Post
DS2K3
post Aug 4 2006, 02:03 PM
Post #4


Its GNU/Linuxhelp.net
*******

Group: Support Specialist
Posts: 1,284
Joined: 14-November 04
From: Southampton, Hampshire
Member No.: 4,165



In that case your login manager is protecting you from yourself by disabling GUI root logins. As root you can do anything. If you want proof (and are marginally less intelligent than I am willing to ive you credit for) run "rm -R /" as a normal user and then as root, You will quickly see how even a simple command as root can destroy your entire system.

GUI tools are easier to make mistakes in than if you have to type everything. A text interface also only lets you do one thing at once making it far more likely that you will notice a mistake and just issue the right command in general.

Sometimes you cant get around being root though, and that is when you use su. With su, only the single process has root permissions so you open your system up to far less potential mistakes. You also only have the root acccess when you specifically need it which is obivosuly less riky than having it all the time. Psychologiclaly, you are also less likely to get complacent when you specifically have to enable the extra permissions.

D


--------------------
Fixed your problem? Let us know!
richard@linuxhelp.net

www.Gathr.co.uk Online Event Management
Go to the top of the page
 
+Quote Post
fullur
post Aug 4 2006, 04:15 PM
Post #5


./configure
***

Group: Members
Posts: 50
Joined: 24-September 05
Member No.: 5,549



[quote]
If you want proof (and are marginally less intelligent than I am willing to give you credit for) run "rm -R /" as a normal user and then as root, You will quickly see how even a simple command as root can destroy your entire system.
[/quote]

Thanks for the backhanded compliment. wink.gif

[quote]
GUI tools are easier to make mistakes in than if you have to type everything. A text interface also only lets you do one thing at once making it far more likely that you will notice a mistake and just issue the right command in general.
[/quote]

Okay, makes sense.

[quote]
Sometimes you cant get around being root though, and that is when you use su. With su, only the single process has root permissions so you open your system up to far less potential mistakes. You also only have the root acccess when you specifically need it which is obivosuly less risky than having it all the time. Psychologiclaly, you are also less likely to get complacent when you specifically have to enable the extra permissions.

D
[/quote]

Okay, I guess with that explanation I get it - but really - I don't want to be protected from myself. tongue.gif Especially without me giving my direct permission for the protection. I suppose it's possible that I inadvertantly did, but I cannot figure out how to remove the unwanted protection. Do you know how I might manage this? I might switch it back later, but right now I really want to find out how to make this choice for myself.

I finally did what should have been obvious to me and went to the KDE website to check on this. I found out that what I needed was in the kdmrc file... I had actually found that before, but was uncertain of the info and unable to locate it anyway. This time thanks to what I found on the KDE website I had somewhere to start looking. I found the file at /etc/kde/kdm/kdmrc. I changed allowRootLogin from false to true. Unfortunately it still won't let me log in as root... sad.gif ideas?

Oh, and thank you very much for the explanation. It really did help me understand.


--------------------
Fedora Core 5
AMD Athlon XP 2400+
768 MB PC266 RAM
Go to the top of the page
 
+Quote Post
DS2K3
post Aug 5 2006, 04:30 AM
Post #6


Its GNU/Linuxhelp.net
*******

Group: Support Specialist
Posts: 1,284
Joined: 14-November 04
From: Southampton, Hampshire
Member No.: 4,165



Are you using KDM or GDM? There is a little box in the appropriate config panel that disables root login through them.

(DM = Dsiplay manager and handles graphical logins)

D


--------------------
Fixed your problem? Let us know!
richard@linuxhelp.net

www.Gathr.co.uk Online Event Management
Go to the top of the page
 
+Quote Post
fullur
post Aug 19 2006, 01:34 PM
Post #7


./configure
***

Group: Members
Posts: 50
Joined: 24-September 05
Member No.: 5,549



Okay, I finally managed to get this (I hadn't worked on it in a while). All I had to do was go into the kdmrc file and change AllowRootLogins=false to AllowRootLogins=true. Of course I had done that before and saved it, but it apparently didn't stick. Anyway, I got it fixed and it will let me log in as root now. I feel much better. laugh.gif


--------------------
Fedora Core 5
AMD Athlon XP 2400+
768 MB PC266 RAM
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 23rd October 2017 - 01:23 AM