Announcement

Collapse
No announcement yet.

How to allow root logins?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    [SOLVED] How to allow root logins?

    Eons ago, it was a simple matter of editing your kdmrc file, located in /etc/kdeX/kdm/, and making one little change that would allow root logins. I'm totally lost now, and can't find anything resembling a file to edit to make this happen. Is there such a creature?

    If I add the following to my [almost empty] kdmrc file, will that do it?

    Code:
    AllowRootLogin=true
    Xenix/UNIX user since 1985 | Linux user since 1991 | Was registered Linux user #163544


    #2
    KDM has long gone byebye, so SDDM is the login manager now.

    I think these are the steps needed

    1) set the root password “sudo passwd root”
    2) in /etc/sddm.conf change MinimumUid=1000 to MinimumUid=0
    3) in /etc/pam.d/sddm comment out “auth required pam_success_if.so user != root quiet_success”

    If you haven't noticed yet, you can edit these files in Kate without running them as sudo/root, you will be prompted for a password when saving the file.

    Comment


      #3
      Thanks for the info, @claydoh. I can't get to that laptop right now, so I'll give it a try later.

      One of the first things I did after installation was give root a password; I've been 'su -'-ing ever since. I grew up on UNIX, with root being something I gave its due respect, but used freely and often. In 34 years, I've only made one mistake as root that I couldn't easily fix...or fix at all...and had to reinstall. That little blunder truly reinforced how much I needed to respect root, and I haven't screwed up since.

      There are times I simply find it quicker and easier to get things done logged in as root, so I'll be happy to have that option back.

      On a somewhat related note: I see that kdesudo is gone, and I don't know its replacement. There are certain system settings that require root...but without kdesudo systemsettings, I'm lost. Help?!
      Xenix/UNIX user since 1985 | Linux user since 1991 | Was registered Linux user #163544

      Comment


        #4
        Why would you use sudo with System Settings? In the very few places where it touches system level options, it will prompt you for the password when applying.
        Which parts are you seeing that need root/sudo access up front?

        Anyway, kdesudo is long gone, even from Debian.
        kdesu is there, but it is not in the $PATH, and there is sudo -i as well.

        Comment


          #5
          Originally posted by claydoh View Post
          KDM has long gone byebye, so SDDM is the login manager now.
          Learn something new every day!

          I think these are the steps needed

          1) set the root password “sudo passwd root”
          2) in /etc/sddm.conf change MinimumUid=1000 to MinimumUid=0
          3) in /etc/pam.d/sddm comment out “auth required pam_success_if.so user != root quiet_success”
          Excellent! Worked like a charm--with one adjustment. In #3, the line to comment out is actually: auth required pam_succeed_if.so user != root quiet_success

          If you haven't noticed yet, you can edit these files in Kate without running them as sudo/root, you will be prompted for a password when saving the file.
          Thanks...but! One, I don't like Kate, I use KWrite. Two, for anything of this nature you'll find me at a command prompt, 'su -'-ed to root, using vi, after compulsively following my 3-1/2 decade protocol of copying whatever.file.it.is to whatever.file.it.is_orig. Let's just say that's saved my ass a few times.

          You've been so helpful. Would it be okay if I blew you a kiss? Just a friendly one, of course.
          Xenix/UNIX user since 1985 | Linux user since 1991 | Was registered Linux user #163544

          Comment


            #6
            Originally posted by claydoh View Post
            Why would you use sudo with System Settings? In the very few places where it touches system level options, it will prompt you for the password when applying.
            Which parts are you seeing that need root/sudo access up front?
            Well, shoot, now that you ask, I honestly can't remember WHY I wanted it. I know that I was reviewing my ever-growing file of Linux info--stuff I've learned over the years, tips I've picked up--and I do remember seeing it there, so maybe that's what sparked it...? I don't know. As it is, I haven't come up against anything that I couldn't save, so it's all good.

            Anyway, kdesudo is long gone, even from Debian.
            kdesu is there, but it is not in the $PATH, and there is sudo -i as well.
            Yes, it seems a LOT of things are long gone since the last time I upgraded versions. Luckily, I have my handy-dandy Kubuntu Forums to come to when I'm stumped.
            Xenix/UNIX user since 1985 | Linux user since 1991 | Was registered Linux user #163544

            Comment


              #7
              Originally posted by DoYouKubuntu View Post
              Learn something new every day!



              Excellent! Worked like a charm--with one adjustment. In #3, the line to comment out is actually: auth required pam_succeed_if.so user != root quiet_success
              Cool that you figured it out!


              Thanks...but! One, I don't like Kate, I use KWrite. Two, for anything of this nature you'll find me at a command prompt, 'su -'-ed to root, using vi, after compulsively following my 3-1/2 decade protocol of copying whatever.file.it.is to whatever.file.it.is_orig. Let's just say that's saved my ass a few times.
              Kwrite will do the same, they are essentially the same editor, with different features.



              You've been so helpful. Would it be okay if I blew you a kiss? Just a friendly one, of course.
              Sure thing! I'll probably blush a little, but there isn't a smilie for that here lol
              Last edited by Snowhog; Nov 20, 2019, 07:49 PM.

              Comment


                #8
                Alright, @claydoh, your kiss is on its way!
                Xenix/UNIX user since 1985 | Linux user since 1991 | Was registered Linux user #163544

                Comment


                  #9
                  You may also be able to run Dolphin as root. At least I can on Neon 5.17 (which has a K18.04 base).
                  Try
                  pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY KDE_SESSION_VERSION=5 KDE_FULL_SESSION=true dolphin /

                  If it works, you can make a launcher entry for it.
                  If it doesn't, Krusader has root-mode built-in.

                  Now, of course, running complex applications as root should be done sparingly.
                  The theory being - from what I gather - that, being complex, they "haven't been audited properly to run under elevated privileges", they may "touch files inside your $HOME and change their ownership on the file system; connect, via IPC, to even more running code, etc.".

                  Of course, it's the old "security vs. usability" tradeoff. But it's good to know the theory... ;·)

                  Comment


                    #10
                    Originally posted by Don B. Cilly View Post
                    You may also be able to run Dolphin as root. At least I can on Neon 5.17 (which has a K18.04 base).
                    Try
                    pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY KDE_SESSION_VERSION=5 KDE_FULL_SESSION=true dolphin /

                    If it works, you can make a launcher entry for it.
                    If it doesn't, Krusader has root-mode built-in.
                    Thanks! I'll give that a try.

                    Now, of course, running complex applications as root should be done sparingly.
                    The theory being - from what I gather - that, being complex, they "haven't been audited properly to run under elevated privileges", they may "touch files inside your $HOME and change their ownership on the file system; connect, via IPC, to even more running code, etc.".

                    Of course, it's the old "security vs. usability" tradeoff. But it's good to know the theory... ;·)
                    Yes, but I really think most of those warnings are aimed at windows transitioners, people who not only have no idea how *nix works, but wouldn't have a clue how to fix a problem they created as root. I don't mean to sound full of myself, so please don't take it that way, but with 34 years of *nix under my belt, I know more than a thing or two about how it works, AND I can fix anything I may screw up. As noted, I've only screwed up--I mean majorly screwed up, resulting in having to reinstall the OS--once, and that was in 1987, right at the beginning of my learning UNIX. (I'd used UNIX since 1985, but just as a regular user. In 1987, I started my job as programmer -and- sysadmin.)

                    I've had a private joke (with myself!) for years: wouldn't it be hilarious if I borked a system?! I mean, considering how confident I feel and talk about being, I think I'd burst into hysterical laughter if I thoroughly *(#@!^& up a computer! Like, it would serve me right!
                    Xenix/UNIX user since 1985 | Linux user since 1991 | Was registered Linux user #163544

                    Comment


                      #11
                      Well, I've made quite a few big messes of my systems, but all of them were from the CLI, none from GUIs

                      Comment


                        #12
                        Originally posted by Don B. Cilly View Post
                        You may also be able to run Dolphin as root. At least I can on Neon 5.17 (which has a K18.04 base).
                        Try
                        pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY KDE_SESSION_VERSION=5 KDE_FULL_SESSION=true dolphin /

                        ...
                        Does not work on my Kubuntu 18.04 installation. Would have been nice if it had worked.

                        ~$ pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY KDE_SESSION_VERSION=5 KDE_FULL_SESSION=true dolphin /
                        Executing Dolphin as root is not possible.

                        "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
                        – John F. Kennedy, February 26, 1962.

                        Comment


                          #13
                          I am running Kubuntu 19.04, Kernel 5.3.12 and this Does appear to start a root session of Dolphin. I've not completed testing yet.
                          Crossing my fingers.

                          I created a launch icon on my desktop, using the above pkexec command. I was asked for my password and Dolphin opened nicely, no error messages about executing as root.

                          The command also works when run from command line (Konsole).
                          Last edited by TWPonKubuntu; Nov 21, 2019, 06:09 PM.
                          Kubuntu 23.11 64bit under Kernel 6.8.1, Hp Pavilion, 6MB ram. All Bow To The Great Google... cough, hack, gasp.

                          Comment


                            #14
                            Originally posted by DoYouKubuntu View Post
                            Thanks! I'll give that a try.
                            Yes, but I really think most of those warnings are aimed at windows transitioners, people who not only have no idea how *nix works, but wouldn't have a clue how to fix a problem they created as root. I don't mean to sound full of myself, so please don't take it that way, but with 34 years of *nix under my belt, I know more than a thing or two about how it works, AND I can fix anything I may screw up. As noted, I've only screwed up--I mean majorly screwed up, resulting in having to reinstall the OS--once, and that was in 1987, right at the beginning of my learning UNIX. (I'd used UNIX since 1985, but just as a regular user. In 1987, I started my job as programmer -and- sysadmin.)

                            I've had a private joke (with myself!) for years: wouldn't it be hilarious if I borked a system?! I mean, considering how confident I feel and talk about being, I think I'd burst into hysterical laughter if I thoroughly *(#@!^& up a computer! Like, it would serve me right!
                            The root restrictions (or recommendations) are not really there to prevent users (old or new) from shooting themselves in the foot. Basically all users are perfectly capable of (and maybe even more likely to) shooting themselves in the foot even without starting GUI apps as root (by using cryptic sudo commands) and you can do a lot of damage even without root (like losing all your precious data). Even the most ignorant windows user is quite capable of googling and running commands (with or without sudo) without really understanding what it does.

                            The main reason for all the recommendations/restrictions is that software tends to grow more complex by the minute, and in todays networked environments the threats caused by either critical software bugs or undiscovered vulnerabilities are potentially much more severe that in the golden UNIX days (been there, done that )...and running them as root just widens the attack surface. I tend to trust open source software not to do anything malicious by intent, but open source is not invulnerable to coding mistakes (bugs or vulnerabilities), in fact they are very coomon due to the "release early, release often" slogan, although really serious problems are much rarer.

                            I'm not strictly against running as root when a situation calls for it (if you really know what you're doing and the real risks involved), I myself routinely use "forensic" live-media that use a root environment as a general rule, but I don't really believe in "running as root for convenience", especially running complex network enabled apps as root (like browsers, which is just asking for trouble)...and this has nothing to do with the fear of shooting myself in the foot ("I don't make mistakes"™ ).

                            Of course capable people, like yourself, are the best judges of what risk levels they find acceptable, as long as they are aware of them.

                            Originally posted by GreyGeek View Post
                            Does not work on my Kubuntu 18.04 installation. Would have been nice if it had worked.
                            You need dolphin version 18.08 for that to work (from kde apps 18.08), might be available through kubuntu update ppas, if it's not backported to Kubuntu 18.04.
                            Last edited by kubicle; Nov 22, 2019, 12:56 AM.

                            Comment


                              #15
                              Originally posted by kubicle View Post
                              The root restrictions (or recommendations) are not really there to prevent users (old or new) from shooting themselves in the foot. Basically all users are perfectly capable of (and maybe even more likely to) shooting themselves in the foot even without starting GUI apps as root (by using cryptic sudo commands) and you can do a lot of damage even without root (like losing all your precious data). Even the most ignorant windows user is quite capable of googling and running commands (with or without sudo) without really understanding what it does.

                              The main reason for all the recommendations/restrictions is that software tends to grow more complex by the minute, and in todays networked environments the threats caused by either critical software bugs or undiscovered vulnerabilities are potentially much more severe that in the golden UNIX days (been there, done that )...and running them as root just widens the attack surface. I tend to trust open source software not to do anything malicious by intent, but open source is not invulnerable to coding mistakes (bugs or vulnerabilities), in fact they are very coomon due to the "release early, release often" slogan, although really serious problems are much rarer.
                              You're making some excellent points.

                              If you've followed my [many recent] posts, you'll notice that I'm not a subscriber to the 'release early, release often' philosophy. I only use stable, tried and true version upgrades.

                              I'm not strictly against running as root when a situation calls for it (if you really know what you're doing and the real risks involved), I myself routinely use "forensic" live-media that use a root environment as a general rule, but I don't really believe in "running as root for convenience", especially running complex network enabled apps as root (like browsers, which is just asking for trouble)...and this has nothing to do with the fear of shooting myself in the foot ("I don't make mistakes"™ ).

                              Of course capable people, like yourself, are the best judges of what risk levels they find acceptable, as long as they are aware of them.
                              I rarely--if ever--use GUIs as root. When I su - or log in as root, I do everything CLI.

                              I don't want to diminish the importance and validity of anything you've said. I just want to make two points clear: 1) I know what I'm doing and haven't made a serious mistake in 32 years, and 2) if #1 fails, I can fix it.
                              Xenix/UNIX user since 1985 | Linux user since 1991 | Was registered Linux user #163544

                              Comment

                              Working...
                              X