I am aware of the fact that it is considered unadvisable to log in as root. However, my system currently won't let me, which is extremely irritating especially since I have no idea why. I saw it mentioned somewhere that this sometimes happens when you switch from using Gnome to using KDE which I did, but I am relatively certain that I logged in as root several times after I did that. Can anyone help me fix this?
So why is it a bad idea to log in as root? And why is using su any better?
Full Version: Root login disabled
[quote]
So why is it a bad idea to log in as root? And why is using su any better?
[/quote]
Being logged in as root means that *every* process you run is being run as root. A hijacking of any of those processes could give an attacker or even a faulty process access to system files that could not happen as a "normal" user. Another reason to not log in as root normally is that you have protection from your own possible errors damaging the system.
[quote]
However, my system currently won't let me[log in as root], which is extremely irritating especially since I have no idea why
[/quote]
Maybe your system has been cracked. I've never heard of this happening because of changing your desktop environment, though it might be possible. Crackers will sometimes disable your root password and substitute one of theirs giving them full control of your system and locking you out.
[quote]
Can anyone help me fix this?
[/quote]
You can reset your root password by booting into single user mode and using the passwd command. At the grub splash screen, select the kernel you want to boot into, type the letter "a" and then the word single. After the computer has booted, use the "passwd" command to reset root's password. Then do a system check (tripwire? chkrootkit? whatever you have installed to be certain that the system has not been cracked.
Jim
So why is it a bad idea to log in as root? And why is using su any better?
[/quote]
Being logged in as root means that *every* process you run is being run as root. A hijacking of any of those processes could give an attacker or even a faulty process access to system files that could not happen as a "normal" user. Another reason to not log in as root normally is that you have protection from your own possible errors damaging the system.
[quote]
However, my system currently won't let me[log in as root], which is extremely irritating especially since I have no idea why
[/quote]
Maybe your system has been cracked. I've never heard of this happening because of changing your desktop environment, though it might be possible. Crackers will sometimes disable your root password and substitute one of theirs giving them full control of your system and locking you out.
[quote]
Can anyone help me fix this?
[/quote]
You can reset your root password by booting into single user mode and using the passwd command. At the grub splash screen, select the kernel you want to boot into, type the letter "a" and then the word single. After the computer has booted, use the "passwd" command to reset root's password. Then do a system check (tripwire? chkrootkit? whatever you have installed to be certain that the system has not been cracked.
Jim
QUOTE
Maybe your system has been cracked. I've never heard of this happening because of changing your desktop environment, though it might be possible. Crackers will sometimes disable your root password and substitute one of theirs giving them full control of your system and locking you out.
Allow me to clarify; I have the correct password. I can even change the password and log in to su mode in a console, but KDE and Gnome tell me "Root Logins are not allowed" when I try to use them to log in to the GUI.
Thanks for the assistance.
In that case your login manager is protecting you from yourself by disabling GUI root logins. As root you can do anything. If you want proof (and are marginally less intelligent than I am willing to ive you credit for) run "rm -R /" as a normal user and then as root, You will quickly see how even a simple command as root can destroy your entire system.
GUI tools are easier to make mistakes in than if you have to type everything. A text interface also only lets you do one thing at once making it far more likely that you will notice a mistake and just issue the right command in general.
Sometimes you cant get around being root though, and that is when you use su. With su, only the single process has root permissions so you open your system up to far less potential mistakes. You also only have the root acccess when you specifically need it which is obivosuly less riky than having it all the time. Psychologiclaly, you are also less likely to get complacent when you specifically have to enable the extra permissions.
D
GUI tools are easier to make mistakes in than if you have to type everything. A text interface also only lets you do one thing at once making it far more likely that you will notice a mistake and just issue the right command in general.
Sometimes you cant get around being root though, and that is when you use su. With su, only the single process has root permissions so you open your system up to far less potential mistakes. You also only have the root acccess when you specifically need it which is obivosuly less riky than having it all the time. Psychologiclaly, you are also less likely to get complacent when you specifically have to enable the extra permissions.
D
[quote]
If you want proof (and are marginally less intelligent than I am willing to give you credit for) run "rm -R /" as a normal user and then as root, You will quickly see how even a simple command as root can destroy your entire system.
[/quote]
Thanks for the backhanded compliment.
[quote]
GUI tools are easier to make mistakes in than if you have to type everything. A text interface also only lets you do one thing at once making it far more likely that you will notice a mistake and just issue the right command in general.
[/quote]
Okay, makes sense.
[quote]
Sometimes you cant get around being root though, and that is when you use su. With su, only the single process has root permissions so you open your system up to far less potential mistakes. You also only have the root acccess when you specifically need it which is obivosuly less risky than having it all the time. Psychologiclaly, you are also less likely to get complacent when you specifically have to enable the extra permissions.
D
[/quote]
Okay, I guess with that explanation I get it - but really - I don't want to be protected from myself.
Especially without me giving my direct permission for the protection. I suppose it's possible that I inadvertantly did, but I cannot figure out how to remove the unwanted protection. Do you know how I might manage this? I might switch it back later, but right now I really want to find out how to make this choice for myself.
I finally did what should have been obvious to me and went to the KDE website to check on this. I found out that what I needed was in the kdmrc file... I had actually found that before, but was uncertain of the info and unable to locate it anyway. This time thanks to what I found on the KDE website I had somewhere to start looking. I found the file at /etc/kde/kdm/kdmrc. I changed allowRootLogin from false to true. Unfortunately it still won't let me log in as root...
ideas?
Oh, and thank you very much for the explanation. It really did help me understand.
If you want proof (and are marginally less intelligent than I am willing to give you credit for) run "rm -R /" as a normal user and then as root, You will quickly see how even a simple command as root can destroy your entire system.
[/quote]
Thanks for the backhanded compliment.
[quote]
GUI tools are easier to make mistakes in than if you have to type everything. A text interface also only lets you do one thing at once making it far more likely that you will notice a mistake and just issue the right command in general.
[/quote]
Okay, makes sense.
[quote]
Sometimes you cant get around being root though, and that is when you use su. With su, only the single process has root permissions so you open your system up to far less potential mistakes. You also only have the root acccess when you specifically need it which is obivosuly less risky than having it all the time. Psychologiclaly, you are also less likely to get complacent when you specifically have to enable the extra permissions.
D
[/quote]
Okay, I guess with that explanation I get it - but really - I don't want to be protected from myself.
Especially without me giving my direct permission for the protection. I suppose it's possible that I inadvertantly did, but I cannot figure out how to remove the unwanted protection. Do you know how I might manage this? I might switch it back later, but right now I really want to find out how to make this choice for myself. I finally did what should have been obvious to me and went to the KDE website to check on this. I found out that what I needed was in the kdmrc file... I had actually found that before, but was uncertain of the info and unable to locate it anyway. This time thanks to what I found on the KDE website I had somewhere to start looking. I found the file at /etc/kde/kdm/kdmrc. I changed allowRootLogin from false to true. Unfortunately it still won't let me log in as root...
ideas?Oh, and thank you very much for the explanation. It really did help me understand.
Are you using KDM or GDM? There is a little box in the appropriate config panel that disables root login through them.
(DM = Dsiplay manager and handles graphical logins)
D
(DM = Dsiplay manager and handles graphical logins)
D
Okay, I finally managed to get this (I hadn't worked on it in a while). All I had to do was go into the kdmrc file and change AllowRootLogins=false to AllowRootLogins=true. Of course I had done that before and saved it, but it apparently didn't stick. Anyway, I got it fixed and it will let me log in as root now. I feel much better. 
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.