How do I log in as root it dos not give me the option on boot up and if I boot into safeboot it says incorrect login
Not sure about Suse but on Mandrake I would do the following:
On the login screen do ctrl-alt-f2
Type in root
then the password
type startx
Go to start --> system --> configuration --> KDE --> System --> Login Manager
Turn shows users to none.
Logout, and it will bring you back to the console.
Press crtl-alt-f7
Back to the login screen, if it hasn't worked press ctrl-alt-backspace.
As I said this is what I would do in Mandrake, as I have had this
problem before with it, but not sure on suse.
Jo
On Fri, 7 Jan 2005 08:47:52 -0000, David Selby
How do I log in as root it dos not give me the option on boot up and if I boot into safeboot it says incorrect login
-- Spread FireFox: http://www.spreadfirefox.com/?q=user/register&r=32751 Get FireFox: http://www.getfirefox.com OpenOffice: http://www.openoffice.org Mandrake: http://www.mandrakelinux.com Flexihostings: http://www.flexihostings.net/partners/idevaffiliate.php?id=7170
It was the Ctrl-alt-f2 command I needed thanks all sorted now
-----Original Message-----
From: linuxgirlie [mailto:linuxgirlie@gmail.com]
Sent: 07 January 2005 09:11
To: suse-linux-uk-schools@suse.com
Subject: Re: [suse-linux-uk-schools] now a silly question
Not sure about Suse but on Mandrake I would do the following:
On the login screen do ctrl-alt-f2
Type in root
then the password
type startx
Go to start --> system --> configuration --> KDE --> System --> Login
Manager
Turn shows users to none.
Logout, and it will bring you back to the console.
Press crtl-alt-f7
Back to the login screen, if it hasn't worked press ctrl-alt-backspace.
As I said this is what I would do in Mandrake, as I have had this
problem before with it, but not sure on suse.
Jo
On Fri, 7 Jan 2005 08:47:52 -0000, David Selby
How do I log in as root it dos not give me the option on boot up and if I boot into safeboot it says incorrect login
-- Spread FireFox: http://www.spreadfirefox.com/?q=user/register&r=32751 Get FireFox: http://www.getfirefox.com OpenOffice: http://www.openoffice.org Mandrake: http://www.mandrakelinux.com Flexihostings: http://www.flexihostings.net/partners/idevaffiliate.php?id=7170 -- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
How do I log in as root it dos not give me the option on boot up and if I boot into safeboot it says incorrect login
Just type root as the user name and the password that you submitted when installing SuSE. You can make the login manager display "root" from within YAST and, if you have lots of users, you can also stop it showing any usernames in the logon screen. Adrian
Hi, David
--- David Selby
How do I log in as root it dos not give me the option on boot up and if I boot into safeboot it says incorrect login
It's only because you used the phrase "safeboot" that I was able to make a flying inference that you were at some sort of graphical DM (display manager). It's often helpful (particularly when asking technical questions) to supply detail as to what it is that's happening, and indeed what it is you're trying to do [1]. Read the question you asked back to yourself. Would you be able to answer it, based on the information there? I doubt it. I'm no expert on any of this, either -- but I have learnt a lot from being on lots of mailing-lists just how important it is. I'd find it highly unlikely SuSE would have disabled root from being able to login via a DM (there'd only be a limited number of ways to do it -- one of which would break the policy dictated by the files used from 'startx'). Ask yourself though -- is it *absolutely* neccessary that you need to login as root. I'm fully expecting people to reply to this with: "yes, because blah blah -- need to do admin stuff, blah". Heh. I'd only login as root (and stay logged in forever) if: 1. I never made a mistake. 2. I always typed the commands exactly right first time. 3. I trusted explicitly the operation the programs performed. 4. I didn't care about my data. Of course you need to be root sometimes to perform *some* tasks -- but there are much "better" was of doing that. The general rule of thumb is to login as a non-root user, and admin things from there. There's lots of ways to do that. The "su" command is classically what is used: $ su -c 'some_task' When typed in would run "some_task" as user root, just fine if it were a console-app only. Things get a little more complex when you're wanting to run GUI programs as user root (more about that in a moment). If you find yourself having to do that lots of times, it might be more appropriate to use "sudo". Sudo is like su, but it is controlled via an ACL. An "Access Control List" from which you can say whom is able to run things as root. And as an added bonus, unlike su, sudo is able to restrict which applications a user (or group of users) are allowed to run. So, sudo is useful. Install it and have a look. I'll give you a very quick overview. Sudo's configuration is done from the file "/etc/sudoers". This can only be edited by root (ironic, really). It's unwise for you to simply use any old editor to edit this file, though. There's a specific command that you should use. It's called "visudo". This is used for two reasons: 1. It locks the file. 2. It checks to make sure that what you have entered is valid sudo "syntax". I don't know whether you have a favourite *console* text editor or not? If not, I suggest you dig around [2]. The reason I ask is because by default "visudo" will launch the vi text editor -- probably not for the faint-hearted. You can change this though, but before you do, you have to become 'root'. I'm going under the premise that you are not currently root, but rather have logged in as non-root. If that is the case, open up an xterm, and type: $ su - ... and type root's password in. Then from there, do: # EDITOR=MY_EDITOR visudo Where "MY_EDITOR" is the name of an editor, if you don't want to use "vi" [2]. If you do, then you can just type: # visudo There, you'll see it is editing a file, which might look like this: # Host alias specification # User alias specification # Cmnd alias specification # User privilege specification root ALL=(ALL) ALL ... and note the syntax. This says that the root user (via the "sudo" command, remember) has full control over what it can run. Of course, using "sudo" in that manner when one is the root user is superfluous anyway. So let's assume that your normal non-root account is called "david". And let's assume that via sudo, you want to allow that user to run *any* command as user root without specifying a password each time. Into that file, you'd add: david ALL = NOPASSWD: ALL By default -- unless you tell sudo otherwise, it will prompt for a password. Of course, *that* entry assumes that you OK with that. In its effective usage, it's almost as though you were root (I'll leave out the argument about whether or not using this means you should just login as root anyway). Of course, that might not be what you want. You can restrict a user (or any number of users) to only run certain applications: david ALL = NOPASSWD: /usr/sbin/foo, /usr/bin/gvim (yes, the example programs are somewhat stupid, but they convey the meaning). Here, this says that user "dave" (via sudo) can only run the programs "/usr/bin/foo" and "/usr/bin/gvim" withouth specifying a password. But how would you specify that for more than one user? Well, you can also go by which group a particular user is in. "groups" (in the UNIX sense -- read: permissions) are useful where you need to, well, group users together so that they can perform a task. For instance, I have a users on this box that are allowed to run some commands. I'll call them "usera" and "userb". I *could* define them in /etc/sudoers thus: usera ALL = NOPASSWD: /usr/bin/foo, /usr/bin/bar userb ALL = NOPASSWD: /usr/bin/foo, /usr/bin/bar But the list would get quite long if I needed it for, say, "500" users. So they way around this, would be to *create* a group -- say "admins" and add all the users to it. To do that, you would have to run (as root): # groupadd admins # useradd -G admins usera # useradd -G admins userb (I'll leave automation out as another exercise -- but adding bulk users, en masse to a group is quite easy). Then, going back to our /etc/sudoers file, you can replace: usera ALL = NOPASSWD: /usr/bin/foo, /usr/bin/bar userb ALL = NOPASSWD: /usr/bin/foo, /usr/bin/bar ... with: %admins ALL = NOPASSWD: /usr/bin/foo, /usr/bin/bar ... and that's it. Any members then of group "admins" can run the specified programs -- again supplying no password. Then save the file, and test it: sudo -u usera /usr/bin/foo ... it does have its uses. :) I mentioned earlier about running GUI programs as root can be problematic. This is done for a reason. But there is also an underlying reason as well. X is a networking model, with all the inherent permissions you would expect. So if usera logs in to say, KDE, only usera is allowed to run GUI programs on it. But what if you wanted to run a GUI program as user root (say, a package manager?). Well, you might see references to using: $ xhost + $ su - ... # export DISPLAY=:0 # runMyCommand & # exit $ xhost - But let me tell you now: USING XHOST IS THE WORST THING YOU CAN DO. A chocolate fireguard is more secure. "xhost" simply drops the security permissions [3]. Note that even with: $ xhost localhost+ ... that is still a bad thing. If you *must* run a GUI program as root, then: $ su - ... # xauth merge ~user_running_X/.Xauthority # export DISPLAY=:0 && myapp & ... where "~user_running_X" is the username of the user running X. Note that this procedure is using something called a "mit-magic-cookie" -- something saved for another thread, if anyone cares. But -- but. If you have setup sudo then the mit-magic-cookie stuff is done for you. Hence if "myapp" were an actual GUI command, you can as a non-root user (that owns the Xserver connection) type: $ sudo myapp and it would launch instantaneously. As a final note, there are several "wrappers" around su(1). In KDE, this is: kdesu and for others, the commands: gtksu gtksudo can be used. All of them give a graphical prompt for you to enter root's password so that the application in question can be run as root. They're often used in menus. I hope this has given you an insight into why running X11 (or anything) as root is a bad idea. If you can get out of the habit of doing it, and follow some of the guidelines mentioned, it should make your life easier, and minimise the risks undertaken [4]. I realise that non of this was your intention -- you might just have been wanting to login as root to perform a task, and log back out again. That's *fine*, but it can get tedious. If there is anything I can clarify for you, let me know. -- Thomas Adam [1] The point is not about whether I _knew_ what you were talking about -- it's about making sure you relay the information over accurately so that I don't have to make the inference. :) That would only cause ambiguities. [2] http://www.hantslug.org.uk/cgi-bin/wiki.pl?LinuxHints/JustEdit [3] It is slightly more complex than that, but for now it will sufice it to say this is the affect it has. [4] Whether "su" is any better than "sudo" depends. I always look at it as use "su" when you trust the program. Use "sudo" when you trust the users -- and possibly both. :) ___________________________________________________________ ALL-NEW Yahoo! Messenger - all new features - even more fun! http://uk.messenger.yahoo.com
:O
--- linuxgirlie
:O
You may smile now, :), but rest-assured that all of the concerns I raised in my previous e-mail, if not addressed, will bite you square on the arse. It's just common-sense. *Any* sysadmin will tell you as much. But then, any sysadmin that disgrees rarely deserves such a title. -- Thomas Adam ===== "The Linux Weekend Mechanic" -- http://linuxgazette.net "TAG Editor" -- http://linuxgazette.net "<shrug> We'll just save up your sins, Thomas, and punish you for all of them at once when you get better. The experience will probably kill you. :)" -- Benjamin A. Okopnik (Linux Gazette Technical Editor) ___________________________________________________________ ALL-NEW Yahoo! Messenger - all new features - even more fun! http://uk.messenger.yahoo.com
participants (4)
-
adrian.wells
-
David Selby
-
linuxgirlie
-
Thomas Adam