FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 10-02-2012, 04:40 PM
"Lentes, Bernd"
 
Default can't run gnome as root - addition - SOLVED

Jared wrote:

> >
> > why do i have to adapt the OS ? I think the OS should adapt
> to the needs and wishes of the user as far as possible.
>
> It can, it's only limited by what you tell it to do. You are free to
> change any/all of the default options provided by the distribution.
> They are only that, defaults.
>
> > I KNOW that it is not the recommended way to login to X as
> root, but i did it often and never got any problems.
>
> Their defaults are apparently set up differently.
>
> > It's my box, and if i'm making an error, it's my problem.
>
> Correct, that is the luxury of linux.
>
> > The only error i did happened on a terminal, not in a GUI.
> > I'm not used to sudo and all ist friends, and i don't like
> to use it.
>
> Again, this is the default way Ubuntu is set up, feel free to change
> at your whim.
>
> *Snip*
>
> Now, from the brief research I have conducted it is apparently quite
> easy to achieve what you're trying to achieve. I would suggest trying
> the second hit on google [0] and letting us know if there are any
> issues you encounter.
>
> [0]
> http://www.liberiangeek.net/2012/05/login-as-root-in-ubuntu-12
> -04-precise-pangolin/
>
Hi,

thanks, that's it. I found that before while i was googleing, but didn't used it because i didn't use lightdm.
After some hours of searching in the net i decided to install the package ubuntu-desktop, which included lightdm.
I included that line in /etc/lightdm/lighdm.conf, and now it's working fine.

Thanks.


Bernd

Helmholtz Zentrum München
Deutsches Forschungszentrum für Gesundheit und Umwelt (GmbH)
Ingolstädter Landstr. 1
85764 Neuherberg
www.helmholtz-muenchen.de
Aufsichtsratsvorsitzende: MinDir´in Bärbel Brumme-Bothe
Geschäftsführer: Prof. Dr. Günther Wess und Dr. Nikolaus Blum
Registergericht: Amtsgericht München HRB 6466
USt-IdNr: DE 129521671
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 10-02-2012, 04:56 PM
"compdoc"
 
Default can't run gnome as root - addition - SOLVED

> > why do i have to adapt the OS ? I think the OS should adapt
> to the needs and wishes of the user as far as possible.

Security needs change. 'root' is a well-known username so if its enabled and
there's direct access from the web, it gives someone half the combination:
they only have to guess at passwords rather than guessing at a username and
password.

All my servers are behind firewalls and there are no ports open to the world
like ssh, which does give some protection. I used to enable the root account
myself, but sudo is second nature now and no trouble at all.




--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 10-02-2012, 11:14 PM
Phil Dobbin
 
Default can't run gnome as root - addition - SOLVED

compdoc wrote:

>>> why do i have to adapt the OS ? I think the OS should adapt
>> to the needs and wishes of the user as far as possible.
>
> Security needs change. 'root' is a well-known username so if its enabled and
> there's direct access from the web, it gives someone half the combination:
> they only have to guess at passwords rather than guessing at a username and
> password.
>
> All my servers are behind firewalls and there are no ports open to the world
> like ssh, which does give some protection. I used to enable the root account
> myself, but sudo is second nature now and no trouble at all.

The trick is to disable root login & only login as a user (I'm talking
about ssh here). Also, there are simple firewalls rules you can set that
if somebody tries to login with the incorrect password three times in a
specified time limit, ssh automatically drops the connection from that
IP address (you can also send the most repeat offending IP addresses to
a table to be stored for later reference so they only get one chance
before being dropped).

Oh, & a random, 16 character, alpha-numeric, upper/lower case password
helps too :-)

Cheers,

Phil...

--
currently (ab)using
CentOS 6.3, Debian Squeeze, Fedora Beefy, OS X Snow Leopard, Ubuntu Precise


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 10-03-2012, 09:49 AM
Patrick Asselman
 
Default can't run gnome as root - addition - SOLVED

On 2012-10-02 18:56, compdoc wrote:

> why do i have to adapt the OS ? I think the OS should adapt
to the needs and wishes of the user as far as possible.


Security needs change. 'root' is a well-known username so if its
enabled and
there's direct access from the web, it gives someone half the
combination:
they only have to guess at passwords rather than guessing at a
username and

password.

All my servers are behind firewalls and there are no ports open to
the world
like ssh, which does give some protection. I used to enable the root
account

myself, but sudo is second nature now and no trouble at all.


As far as I'm aware, ssh does (by default) not allow root to login
anyway, so whether or not root is enabled on the box is irrelevant to
the ssh security. (If you have ever checked your ssh logs for an online
box, you will understand why this is disabled. (Of course a closed port
is much more secure)).


I've witnessed an (experienced!) unix user become very pale all of a
sudden. After confirming he didn't have some sort of stroke, it turned
out he had accidentally used an "rm *" and it took much longer than
expected... it turned out he was in a directory he wasn't expecting to
be in (i.e. / ). After that I became a convinced user of sudo :-)


Fortunately in this world most people are free to choose their own
slow-suicide method, be it smoking, drinking, driving a motorcycle
(guilty!) or using root. The question is: how much risk are you willing
to take, and how large are the consequences. The OP stated he is aware
of the risk, and I assume he is aware of the consequences, so that's
fine by me.


Best regards,
Patrick Asselman


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 10-03-2012, 10:05 AM
Tom H
 
Default can't run gnome as root - addition - SOLVED

On Wed, Oct 3, 2012 at 5:49 AM, Patrick Asselman <iceblink@seti.nl> wrote:
>
> As far as I'm aware, ssh does (by default) not allow root to login anyway,

"PermitRootLogin yes" is set by default on Debian and Ubuntu.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 10-03-2012, 10:24 AM
Phil Dobbin
 
Default can't run gnome as root - addition - SOLVED

Tom H wrote:

> On Wed, Oct 3, 2012 at 5:49 AM, Patrick Asselman <iceblink@seti.nl> wrote:
>> As far as I'm aware, ssh does (by default) not allow root to login anyway,
>
> "PermitRootLogin yes" is set by default on Debian and Ubuntu.
>

And on CentOS & Fedora...

Cheers,

Phil...

--
currently (ab)using
CentOS 6.3, Debian Squeeze, Fedora Beefy, OS X Snow Leopard, Ubuntu Precise


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 10-03-2012, 10:41 AM
Avi Greenbury
 
Default can't run gnome as root - addition - SOLVED

Patrick Asselman wrote:
> As far as I'm aware, ssh does (by default) not allow root to login
> anyway, so whether or not root is enabled on the box is irrelevant
> to the ssh security. (If you have ever checked your ssh logs for an
> online box, you will understand why this is disabled. (Of course a
> closed port is much more secure)).

Root is only disabled as a side-effect of the user not having a
password set; if you set a root password on a Ubuntu machine, root may
log in.

> I've witnessed an (experienced!) unix user become very pale all of a
> sudden. After confirming he didn't have some sort of stroke, it
> turned out he had accidentally used an "rm *" and it took much
> longer than expected... it turned out he was in a directory he
> wasn't expecting to be in (i.e. / ). After that I became a convinced
> user of sudo :-)

After a while, `sudo rm *` becomes just as likely to happen as `rm *`.

If you're routinely doing the sorts of things that if done wrong can
break stuff, you're fairly likely to get them wrong and break things
from time to time, even if you prepend every command with the same
five characters. Sudo is, IMO, _much_ more about auditing and
restricting who can do what as root than it is about somehow
preventing rooty mistakes from users with the privilege to make them.

--
Avi

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 10-03-2012, 10:48 AM
Tony Arnold
 
Default can't run gnome as root - addition - SOLVED

On 03/10/12 11:41, Avi Greenbury wrote:
> Patrick Asselman wrote:
>> As far as I'm aware, ssh does (by default) not allow root to login
>> anyway, so whether or not root is enabled on the box is irrelevant
>> to the ssh security. (If you have ever checked your ssh logs for an
>> online box, you will understand why this is disabled. (Of course a
>> closed port is much more secure)).
>
> Root is only disabled as a side-effect of the user not having a
> password set; if you set a root password on a Ubuntu machine, root may
> log in.

You can also disable root login over ssh via the sshd_config file.

>> I've witnessed an (experienced!) unix user become very pale all of a
>> sudden. After confirming he didn't have some sort of stroke, it
>> turned out he had accidentally used an "rm *" and it took much
>> longer than expected... it turned out he was in a directory he
>> wasn't expecting to be in (i.e. / ). After that I became a convinced
>> user of sudo :-)
>
> After a while, `sudo rm *` becomes just as likely to happen as `rm *`.

It is likely to prompt you for a password that may give some thiniing time.

You might also be able to prevent the rm command from being executed via
sudo!

> If you're routinely doing the sorts of things that if done wrong can
> break stuff, you're fairly likely to get them wrong and break things
> from time to time, even if you prepend every command with the same
> five characters. Sudo is, IMO, _much_ more about auditing and
> restricting who can do what as root than it is about somehow
> preventing rooty mistakes from users with the privilege to make them.

Nothing is fool proof.

Regards,
Tony.
--
Tony Arnold, Tel: +44 (0) 161 275 6093
Head of IT Security, Fax: +44 (0) 705 344 3082
University of Manchester, Mob: +44 (0) 773 330 0039
Manchester M13 9PL. Email: tony.arnold@manchester.ac.uk

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 10-03-2012, 04:22 PM
Patrick Asselman
 
Default can't run gnome as root - addition - SOLVED

On 2012-10-03 12:24, Phil Dobbin wrote:

Tom H wrote:

On Wed, Oct 3, 2012 at 5:49 AM, Patrick Asselman <iceblink@seti.nl>
wrote:
As far as I'm aware, ssh does (by default) not allow root to login
anyway,


"PermitRootLogin yes" is set by default on Debian and Ubuntu.



And on CentOS & Fedora...

Cheers,

Phil...


I have to say, this amazes me.

In my opinion this should be changed, to protect the innocent unknowing
Linux users. The expert users who know what they get themselves into,
can figure out how to re-enable. Default should be to not permit it. Can
anyone tell me why it is enabled by default?


Just my opinion....

Patrick Asselman

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 10-03-2012, 04:45 PM
Colin Law
 
Default can't run gnome as root - addition - SOLVED

On 3 October 2012 17:22, Patrick Asselman <iceblink@seti.nl> wrote:
> On 2012-10-03 12:24, Phil Dobbin wrote:
>>
>> Tom H wrote:
>>
>>> On Wed, Oct 3, 2012 at 5:49 AM, Patrick Asselman <iceblink@seti.nl>
>>> wrote:
>>>>
>>>> As far as I'm aware, ssh does (by default) not allow root to login
>>>> anyway,
>>>
>>>
>>> "PermitRootLogin yes" is set by default on Debian and Ubuntu.
>>>
>>
>> And on CentOS & Fedora...
>>
>> Cheers,
>>
>> Phil...
>
>
> I have to say, this amazes me.
>
> In my opinion this should be changed, to protect the innocent unknowing
> Linux users. The expert users who know what they get themselves into, can
> figure out how to re-enable. Default should be to not permit it. Can anyone
> tell me why it is enabled by default?

Since the root login is disabled (and it is recommended not to enable
it) then it is immaterial whether this is enabled or not. An innocent
unknowing Linux user will not know how to enable the root login.

Colin

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 10:54 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org