FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 09-24-2010, 03:41 AM
rikona
 
Default user(s) question

When I set up Ub, it asked for a user name. It seems that that user
has su privileges. I'd like to use that name as a non-su user for
normal logins. If it was RRR, can I change it to RRRadmin, for
example, keeping the same UserID and privileges, and add another
non-su user named RRR? Or - is it better to just add RRRadmin as
administrator, and set RRR as a normal user?

I assume RRR is not root, but it didn't ask for a root pw. [Also, I
have a rtkit group - I hope it's not what it sounds like... :-) ]

RRR would have a modest, but pretty good password, and RRRadmin would
have a very good pw - but - not one I'd like to have to keep entering
with lots of sudo's. Is there a way, while logged on as RRR, to fire
up a terminal as RRRadmin, become su, do the tasks as needed, and exit
terminal?

I copied about 200+G of files to the new Ub, and added an old 1T data
disk, but they had the old UserID from Mandriva [but the same RRR
name]. In trying to reset them[with sudo], I got a 'can't do it' msg
for some files. Is there a way to ID which files have a 'strange' ID
that I can't change in a mass-change operation, or something that
would force the change anyway?

Thanks,

rikona


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 09-24-2010, 06:09 AM
sdavmor
 
Default user(s) question

On 09/23/2010 08:41 PM, rikona wrote:
> When I set up Ub, it asked for a user name. It seems that that
> user has su privileges. I'd like to use that name as a non-su user
> for normal logins. If it was RRR, can I change it to RRRadmin, for
> example, keeping the same UserID and privileges, and add another
> non-su user named RRR? Or - is it better to just add RRRadmin as
> administrator, and set RRR as a normal user?
>
> I assume RRR is not root, but it didn't ask for a root pw. [Also,
> I have a rtkit group - I hope it's not what it sounds like... :-)
> ]
>
> RRR would have a modest, but pretty good password, and RRRadmin
> would have a very good pw - but - not one I'd like to have to keep
> entering with lots of sudo's. Is there a way, while logged on as
> RRR, to fire up a terminal as RRRadmin, become su, do the tasks as
> needed, and exit terminal?

Go to System --> Preferences --> Main Menu. Under System Tools
activate (check) the Root Terminal. Close the menu, and you're in
business.

> I copied about 200+G of files to the new Ub, and added an old 1T
> data disk, but they had the old UserID from Mandriva [but the same
> RRR name]. In trying to reset them[with sudo], I got a 'can't do
> it' msg for some files. Is there a way to ID which files have a
> 'strange' ID that I can't change in a mass-change operation, or
> something that would force the change anyway?
>
> Thanks,
>
> rikona
--
Cheers, SDM -- a 21st Century Schizoid Man
Systems Theory project website: http://systemstheory.net
find us on MySpace, GarageBand, Reverb Nation, Last FM, CDBaby
free MP3s of Systems Theory, Mike Dickson & Greg Amov music at
http://mikedickson.org.uk

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 09-24-2010, 11:48 AM
Nils Kassube
 
Default user(s) question

rikona wrote:
> When I set up Ub, it asked for a user name. It seems that that user
> has su privileges.

More precisely sudo privileges because the root account is locked and
only sudo works. The initial user created during the installation is
member of the admin group and can use sudo to gain root privilege. All
users created later don't have that privilege as default.

> I'd like to use that name as a non-su user for
> normal logins. If it was RRR, can I change it to RRRadmin, for
> example, keeping the same UserID and privileges, and add another
> non-su user named RRR? Or - is it better to just add RRRadmin as
> administrator, and set RRR as a normal user?

I would create a second user and add that user to the admin group. After
that, check if you can use sudo from that new account. If it works,
remove the initial user from the admin group.

> I assume RRR is not root, but it didn't ask for a root pw. [Also, I
> have a rtkit group - I hope it's not what it sounds like... :-) ]

No, the initial user is not root but a normal user who can use the sudo
command to gain root access. See [1] for more information about the use
of sudo / root with Ubuntu. I suppose the rtkit group is used by the
package with the same name …

> RRR would have a modest, but pretty good password, and RRRadmin would
> have a very good pw - but - not one I'd like to have to keep entering
> with lots of sudo's. Is there a way, while logged on as RRR, to fire
> up a terminal as RRRadmin, become su, do the tasks as needed, and
> exit terminal?

You can use the command "sudo su" in a terminal to get a root shell. But
didn't you get the password strength wrong? IMHO my personal files are
much more worth than the system files. A theoretical virus could do
nearly as many bad things if it runs as a normal user - it could wipe my
personal files even without root privilege. It is no big deal to
reinstall the system if is compromised but it is much more work to
restore the personal data. Therefore I think, the password for the
normal user should be as strong as the password for the account with
root access.

> I copied about 200+G of files to the new Ub, and added an old 1T data
> disk, but they had the old UserID from Mandriva [but the same RRR
> name]. In trying to reset them[with sudo], I got a 'can't do it' msg
> for some files. Is there a way to ID which files have a 'strange' ID
> that I can't change in a mass-change operation, or something that
> would force the change anyway?

I suppose you used a command like

sudo chown -R $USER: /path/to/the/data/

and that gave the error? Well, you could search for files not belonging
to any known account with the command

find /path/to/the/data/ -nouser -exec ls -l {} ;


Nils

[1] <https://help.ubuntu.com/community/RootSudo>

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 09-24-2010, 09:33 PM
rikona
 
Default user(s) question

Thursday, September 23, 2010, 11:09:10 PM, sdavmor wrote:

s> On 09/23/2010 08:41 PM, rikona wrote:
>> When I set up Ub, it asked for a user name. It seems that that
>> user has su privileges. I'd like to use that name as a non-su user
>> for normal logins. If it was RRR, can I change it to RRRadmin, for
>> example, keeping the same UserID and privileges, and add another
>> non-su user named RRR? Or - is it better to just add RRRadmin as
>> administrator, and set RRR as a normal user?
>>
>> I assume RRR is not root, but it didn't ask for a root pw. [Also,
>> I have a rtkit group - I hope it's not what it sounds like... :-)
>> ]
>>
>> RRR would have a modest, but pretty good password, and RRRadmin
>> would have a very good pw - but - not one I'd like to have to keep
>> entering with lots of sudo's. Is there a way, while logged on as
>> RRR, to fire up a terminal as RRRadmin, become su, do the tasks as
>> needed, and exit terminal?

Go to System -->> Preferences --> Main Menu. Under System Tools
s> activate (check) the Root Terminal. Close the menu, and you're in
s> business.

Thanks much! Looks like I'm not the only one who likes that. :-) It's
interesting to get a 'root' terminal, from which I presumably can do
anything, by entering a non-root password. Seems a bit odd...

--

rikona


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 09-24-2010, 09:33 PM
rikona
 
Default user(s) question

First, thanks for the VERY informative post. I've not used sudo
before, and am getting used to it. I rearranged the order of your
email because of what I did - it answered a few questions for me. I'll
put the info below in case it helps others.

Friday, September 24, 2010, 4:48:10 AM, Nils wrote:

NK> I would create a second user and add that user to the admin group.

Tried that. When I first ran that account, it suggested looking at man
sudo_root for more info. A good man page that answered some questions
I had.

NK> [1] <https://help.ubuntu.com/community/RootSudo>

That was also very good. Thanks. Interestingly, it is not the first
thing that comes up in a search of ub help. They're right about their
comment 'Ubuntu is a big place'. :-)

NK> After that, check if you can use sudo from that new account.

You can, and sudo is still the only way admin can do things, if you
follow their recommendations.

NK> If it works, remove the initial user from the admin group.

Still need to learn more to feel confident...

>> When I set up Ub, it asked for a user name. It seems that that user
>> has su privileges.

NK> More precisely sudo privileges because the root account is locked
NK> and only sudo works.

True for all added accounts, even admin. I learned it is possible to
set a password for root and then log in as root, but it is not
recommended. I'll defer that and see how I like sudo...

NK> The initial user created during the installation is member of the
NK> admin group and can use sudo to gain root privilege.

That seems to be the result of having 'administer the system' checked
for that user, but I wonder if it could also be done by putting that
user in the admin group? He seems to have 'custom' and not full
'admin' privileges.

NK> All users created later don't have that privilege as default.

I'm wondering if user 1000 might have special hard-coded privileges
that any other user can not have. If so, I might not want to remove
it.

>> I'd like to use that name as a non-su user for normal logins. If it
>> was RRR, can I change it to RRRadmin, for example, keeping the same
>> UserID and privileges, and add another non-su user named RRR? Or -
>> is it better to just add RRRadmin as administrator, and set RRR as
>> a normal user?

>> I assume RRR is not root, but it didn't ask for a root pw. [Also, I
>> have a rtkit group - I hope it's not what it sounds like... :-) ]

NK> I suppose the rtkit group is used by the package with the same
NK> name …

It sounded like rootkit - a bit worrisome. :-) Apparently to many
others too - there were LOTS of folks asking about it on the net. It's
a realtimekit, a kernel hack apparently for pulse. Might be good to
find a less worrisome name, though... :-)

>> RRR would have a modest, but pretty good password, and RRRadmin would
>> have a very good pw - but - not one I'd like to have to keep entering
>> with lots of sudo's. Is there a way, while logged on as RRR, to fire
>> up a terminal as RRRadmin, become su, do the tasks as needed, and
>> exit terminal?

NK> You can use the command "sudo su" in a terminal to get a root shell.

True, and there was also a way suggested to get it from the menu,
which I implemented. Neither is recommended.

NK> But didn't you get the password strength wrong? IMHO my personal
NK> files are much more worth than the system files.

Agree totally!

NK> A theoretical virus could do nearly as many bad things if it runs
NK> as a normal user - it could wipe my personal files even without
NK> root privilege. It is no big deal to reinstall the system if is
NK> compromised but it is much more work to restore the personal data.

Agreed. I use frequent backups as an alternate, and the user pw is not
that bad. [and, no, I often don't do it as much as I should... :-) ]

NK> Therefore I think, the password for the normal user should be as
NK> strong as the password for the account with root access.

My worry re root is a rootkit, etc, that requires that privilege,
although with a user able to sudo, it's likely to be just as bad. I'd
probably run as a non-sudo user for security. My root usually has a
long, complex pw. If my regular account can use sudo, I agree it would
also need a very good pw.

>> I copied about 200+G of files to the new Ub, and added an old 1T data
>> disk, but they had the old UserID from Mandriva [but the same RRR
>> name]. In trying to reset them[with sudo], I got a 'can't do it' msg
>> for some files. Is there a way to ID which files have a 'strange' ID
>> that I can't change in a mass-change operation, or something that
>> would force the change anyway?

NK> I suppose you used a command like

Actually, I didn't. I used sudo konq/dolph, and tried to set it from
there.

NK> sudo chown -R $USER: /path/to/the/data/

Tried that instead, and didn't get an error [which, I presume, it
would show if it happened]. Looks like it was something the file
browser didn't like.

NK> Well, you could search for files not belonging to any known
NK> account with the command

NK> find /path/to/the/data/ -nouser -exec ls -l {} ;

Might try this to be sure.

Thanks VERY much!

--

rikona


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 09-25-2010, 06:18 AM
Nils Kassube
 
Default user(s) question

rikona wrote:
> Friday, September 24, 2010, 4:48:10 AM, Nils wrote:
> NK> The initial user created during the installation is member of the
> NK> admin group and can use sudo to gain root privilege.
>
> That seems to be the result of having 'administer the system' checked
> for that user, but I wonder if it could also be done by putting that
> user in the admin group? He seems to have 'custom' and not full
> 'admin' privileges.

I suppose you mean in systemsettings …
The option 'administer the system' selects the "adm" group but not the
"admin" group on my machine. I'm not sure if that is the designated
function but I would have expected that the "admin" group would be
selected as well. Anyway, the "adm" group is used to give you access to
log files. I have no idea what else it is good for.

> NK> All users created later don't have that privilege as default.
>
> I'm wondering if user 1000 might have special hard-coded privileges
> that any other user can not have. If so, I might not want to remove
> it.

No, nothing is hardcoded for UID 1000 (AFAIK).

> >> I assume RRR is not root, but it didn't ask for a root pw. [Also,
> >> I have a rtkit group - I hope it's not what it sounds like... :-)
> >> ]
>
> NK> I suppose the rtkit group is used by the package with the same
> NK> name …
>
> It sounded like rootkit - a bit worrisome. :-) Apparently to many
> others too - there were LOTS of folks asking about it on the net.
> It's a realtimekit, a kernel hack apparently for pulse. Might be
> good to find a less worrisome name, though... :-)

I don't think a real rootkit would create a group with a worrisome name.
You don't need other groups if you already have root access. And a
rootkit wants to hide itself from the system owner and not wave a big
poster "your machine is infected by a rootkit".

> NK> A theoretical virus could do nearly as many bad things if it runs
> NK> as a normal user - it could wipe my personal files even without
> NK> root privilege. It is no big deal to reinstall the system if is
> NK> compromised but it is much more work to restore the personal
> data.
>
> Agreed. I use frequent backups as an alternate, and the user pw is
> not that bad. [and, no, I often don't do it as much as I should...
> :-) ]

Don't tell me - I'm also guilty of not doing backups as frequently as I
should. And that's why I wrote "it is much more work to restore the
personal data".

> >> I copied about 200+G of files to the new Ub, and added an old 1T
> >> data disk, but they had the old UserID from Mandriva [but the
> >> same RRR name]. In trying to reset them[with sudo], I got a
> >> 'can't do it' msg for some files. Is there a way to ID which
> >> files have a 'strange' ID that I can't change in a mass-change
> >> operation, or something that would force the change anyway?
>
> NK> I suppose you used a command like
>
> Actually, I didn't. I used sudo konq/dolph, and tried to set it from
> there.

Better don't do that - if you really want to use the file manager as
root, you'd better use kdesudo instead. With sudo you have the problem
that your $HOME is preserved and any config files get owned by root if
you change settings. You will only notice much later that you can't
change some settings which is difficult to understand then. So the rule
is, use kdesudo (or gksu for gnome) for graphical applications and sudo
for the command line. If you unintentionally changed some settings as
root, you'd better run the command

sudo chown -R $USER: $HOME

to make yourself again owner of all files in your $HOME directory tree.



Nils

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 09-25-2010, 06:49 PM
Tom H
 
Default user(s) question

On Thu, Sep 23, 2010 at 11:41 PM, rikona <rikona@sonic.net> wrote:
>
> When I set up Ub, it asked for a user name. It seems that that user
> has su privileges. I'd like to use that name as a non-su user for
> normal logins. If it was RRR, can I change it to RRRadmin, for
> example, keeping the same UserID and privileges, and add another
> non-su user named RRR? Or - is it better to just add RRRadmin as
> administrator, and set RRR as a normal user?
>
> I assume RRR is not root, but it didn't ask for a root pw. [Also, I
> have a rtkit group - I hope it's not what it sounds like... :-) ]
>
> RRR would have a modest, but pretty good password, and RRRadmin would
> have a very good pw - but - not one I'd like to have to keep entering
> with lots of sudo's. Is there a way, while logged on as RRR, to fire
> up a terminal as RRRadmin, become su, do the tasks as needed, and exit
> terminal?
>
> I copied about 200+G of files to the new Ub, and added an old 1T data
> disk, but they had the old UserID from Mandriva [but the same RRR
> name]. In trying to reset them[with sudo], I got a 'can't do it' msg
> for some files. Is there a way to ID which files have a 'strange' ID
> that I can't change in a mass-change operation, or something that
> would force the change anyway?

There are no usable su-to-root rights on a default Ubuntu install.
root is disabled by default and the first user who is set up (at
install time) has full admin rights by default (or as full as you can
get without being root).

There was a recent thread about renaming a user where, I think, the
conclusion was that you had to enable root temporarily and boot into
runlevel 1 in order to rename a user (or at least the first admin
user).

So you can enable root, boot into runlevel 1, rename RRR to RRRadmin,
reboot, disbale root, and create a non-admin RRR.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 09-25-2010, 06:51 PM
Tom H
 
Default user(s) question

On Fri, Sep 24, 2010 at 7:48 AM, Nils Kassube <kassube@gmx.net> wrote:
> rikona wrote:
>
> You can use the command "sudo su" in a terminal to get a root shell.

sudo -s == sudo su

sudo -i == sudo su -

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 09-25-2010, 07:08 PM
C de-Avillez
 
Default user(s) question

On Sat, 25 Sep 2010 14:49:13 -0400
Tom H <tomh0665@gmail.com> wrote:

> So you can enable root, boot into runlevel 1, rename RRR to RRRadmin,
> reboot, disbale root, and create a non-admin RRR.

Why not just boot into recovery mode (from the grub menu)?

* if there is a valid root password, you will be prompted for it, and
put into a shell
* if root is set as the default Ubuntu, you will be put into a shell
(equivalent to run level 1).

Of course, if you have a system with multiple filesystems, they will
not be mounted (you are at run level 1, after all). But / will be
there.

Cheers,

--
C de-Avillez
IRC: hggdh

This email (and any attachments) is digitally signed using GNUpg
(http://gnupg.org). The public key is available at http://pgp.mit.edu.
The key Id is 0xD3133E56.
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 09-25-2010, 10:56 PM
Tom H
 
Default user(s) question

On Sat, Sep 25, 2010 at 3:08 PM, C de-Avillez <hggdh2@ubuntu.com> wrote:
> On Sat, 25 Sep 2010 14:49:13 -0400
> Tom H <tomh0665@gmail.com> wrote:
>
>> So you can enable root, boot into runlevel 1, rename RRR to RRRadmin,
>> reboot, disbale root, and create a non-admin RRR.
>
> Why not just boot into recovery mode (from the grub menu)?
>
> * if there is a valid root password, you will be prompted for it, and
> *put into a shell
> * if root is set as the default Ubuntu, you will be put into a shell
> *(equivalent to run level 1).

I refer you to the earlier thread (of this month, started by NoOp)
where this didn't work without enabling root, AFAIR.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 07:31 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org