Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
yep I left Ubuntututu for more than that reason, admitting I never looked into that part of it, as I left Ubuntututu long before, for reasons other than root issues, I only read in here all of the issues users where having with Ubuntututu after I left it to backdoor into Ubunutututu to fix something when a normal Linux distro all that user had to do was type su : passwd. instead the user had to go through a complicated list of commands. maybe they fixed that part of it, but I still stand that it should not even be hidden. this is Linux/GNU so yes if you are going to be using it then learn about that end of it too, and not have it hidden from the users, it keeps them dumb down. an attempt to burn books, yes it is.
I bet if it were possible to remove root all together then the *untutututu would do that.
You can place that bet with me if you want. Very generous terms will be given.
I honestly believe that this is all a mountain out of a molehill territory, over a distro's decision to implement an easily-over-rideable security measure aimed at the default protection of users from logging in as root and inadvertently causing damage to their systems or allowing malware/viruses to do the same.
You could argue that it's actually "dumber" to simply be root for everything, rather than have a nuanced knowledge of what requires root privileges in a Linux system brought about by having to put on the administrator hat when the activity genuinely requires it.
I always keep a root terminal window handy for administrative things. That window has a light red background as a reminder to be careful when using it.
I've done exactly that with terminal windows to the production server...even when not root ('tho it is more often than not)
You can place that bet with me if you want. Very generous terms will be given.
I honestly believe that this is all a mountain out of a molehill territory, over a distro's decision to implement an easily-over-rideable security measure aimed at the default protection of users from logging in as root and inadvertently causing damage to their systems or allowing malware/viruses to do the same.
You could argue that it's actually "dumber" to simply be root for everything, rather than have a nuanced knowledge of what requires root privileges in a Linux system brought about by having to put on the administrator hat when the activity genuinely requires it.
if they log in as root and screw up their system then no one is to blame but the one that logged in as root and screwed up the system. then one can only hope that one can learn from their mistakes. to put on the admin hat when needed is why su and su- existed. even though sudo was still around then, pertaining to Linux. removing the root account then caused what that needed to take place?
sudo su and all of the other variation, because the root user cannot be destroyed only hidden. therefore Ubuntutu and other linux/GNU cannot remove it. the only one that should have the root account access is the one that installed it, of course I speak of the home user more than the corporations which have a sudoers file too that can have adjustments added to it to limit someone rights to do this or that.
I still see no reason whatsoever to remove it in the first place. as you stated one line and its back again, so why bother in the first place?
I do remember seeing a youtube vid where the CEO of Red Hat destroyed his system running as root, so it can happen to the best of anyone.
sudo was designed to give users limited access to specific commands that they might need in the course of their duties. The *buntus' use of it is not (you will pardon the expression) canonical. It is not a use, but a misuse of sudo.
As soon as I boot up, I bring up a shell and su, then just minimize it until I need to do something in shell. If I'm going to be doing a few things, and don't need to be root, I'll exit from root and run as user, but otherwise I like to have root shell always ready for me.
I learned the hard way how to be careful in root shell. I got my first server back in 2000. A few months later I was doing some temporary stuff...
in / I did something like this:
mkdir temp
did stuff, then when done, still in root dir
rm -Rf temp *
It was supposed to be temp/* but somehow I goofed. lol
Good thing I didn't have much on it yet and was still practising.
Whenever I am doing a particularly long operation (such as repartition to LV creation, or troubleshooting an issue), I use root account. I hate putting sudo on every line I type, when the behavior/result is expected and known.
Other than that, sudo for quick one time operations (such as connecting to a VPN, move something to/from, custom scripts etc) and when setting up something new from scratch (either try-fail-review-repeat or following a HOWTO).
I use sudo without a password for shutting down or rebooting, because you can't do any harm with those commands on a single-user system. I don't like no-password sudo for potentially dangerous commands. Having to give a password slows you down just that little bit and gives you time to consider what you have just typed. I consider this a security feature.
In CentOS/Suse, I can shutdown/reboot without sudo.
Code:
systemctl reboot/shutdown -i
I know Crux and AntiX are SysV init based (do correct me if I am wrong). But you have any systemd based OS, it would be interesting to know if it works.
systemd/systemctl use polkit2 to set particular internal operations as permitted or not permitted to certain classes of users. This is quite independent of the traditional unix su/sudo system, which works on complete processes only. Sysvinit uses the shutdown program, which is not polkit-aware, so can't use this technique.
If you try to use systemctl to start or stop a daemon as an unprivileged user, you'll probably find that it doesn't work.
su(1) dates back to AT&T UNIX. Traditionally only members of the wheel group could su, but RMS removed that restriction from the GNU version.
Neither one is the "correct" method. It's a matter of best use case / personal preference. However the average home desktop user probably doesn't need it's features, but still might prefer it.
Ubuntu's implementation wasn't "wrong" per se, it was just the attitude from the distribution/canonical/it's website and forums where users trying to set a password for the root account were actually censored.
This gave rise to some people responding to questions on forums, etc with commands preceded by sudo, rather than using traditional $/# notation and leaving it to the user to decide. In many cases commands which did not need root privileges were still being preceded with sudo, as well as many "howto" and blog articles containing similar commands.
Distribution: Arch Linux && OpenBSD 7.4 && Pop!_OS && Kali && Qubes-Os
Posts: 824
Rep:
i use root acc at my openbsd bridge, not surfing the net with it tho - just "pkg_add -u && syspatch".
i use "sudo su" at my desktop computer (fedora 28).
I only used Ubuntu once for a short while. It was Dapper Drake, so you can see how long ago that was! I quite liked the universal sudo thing in practice, so I have used it since on all of my distros. But of course I have a root account too on all of them.
By default AntiX gives the first registered user full sudo rights like the *buntus, but has a root account too. Best of both worlds.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.