Should Root Account Be Enabled?

KrunchTime · 2017-07-12 01:39:26

Due to my recent snafu and not being able to boot into recovery mode because I opted not to provide a root password during the Debian net install process, I'm wondering if it is now advisable to enable the root account when installing BL. What say ye, fellow 'nixers?

Last edited by KrunchTime (2017-07-12 03:05:39)

Sector11 · 2017-07-12 02:57:37

I don't think it is necessary ... in a tty " sudo su - " should still give you root access.
I may be wrong though.

KrunchTime · 2017-07-12 02:59:05

^ No success using that. See this thread. I remember when I played around with Siduction, they recommended setting up a root account during installation. All may not be lost though. I may be able to use a tip from the second link in my post here to setup a root account.

Last edited by KrunchTime (2017-07-12 03:01:39)

Sector11 · 2017-07-12 03:26:47

And I just moved those ... mind you I was concentrating on the post "number" not the contents.

True, hacking your account is an option. Good luck and keep us posted.

Head_on_a_Stick · 2017-07-12 07:10:52

KrunchTime wrote:

if it is now advisable to enable the root account when installing BL

No.

Your experiences with sid have no bearing on our stable-based distribution, I can see no advantages of unlocking the root account as standard.

Any user who wishes to unlock the root account themselves can run:

sudo passwd root

KrunchTime · 2017-07-12 07:56:55

^ You misunderstood me HoaS. I didn't mean to make it enabled out-of-the-box. I assumed that the BL install process (I've never used it) was similar to the Debian net install process. Each time I've used the Debian net install process, you are asked to provide a password for the root account and I've never done that.

cpoakes · 2017-07-12 20:52:18

I have never agreed with any rationale for disabling the root password/login. KrunchTime provides a perfect counter-example: when multi-user mode won't boot, sudo is useless.

KrunchTime · 2017-07-12 21:16:04

^ One good thing about disabling the root account is that it takes away a security vulnerability. Based on the research I did earlier this morning, the root account is the first target that hackers will look for.

Head_on_a_Stick · 2017-07-12 22:03:59

cpoakes wrote:

when multi-user mode won't boot, sudo is useless

Well, `sudo` can be used to chroot into the broken system from our live ISO image — repairs can be effected from there more easily than from a TTY, surely?

Also, both init=/bin/bash & systemd.unit=multi-user.target work as expected on my Helium-dev system.

Anybody who knows why they want to enable root will also know how to do that themselves.

I think that newcomers would be confused by being asked to select two different passwords and there is no reason unlock the root account, as far as I can see.

bigbenaugust · 2017-07-13 13:56:23

Call me the old guy, but I dislike Linux distros that hide the root account.
Give it a great password and use sudo all the time, sure, but the root account should be there.

DeepDayze · 2017-07-13 16:06:53

bigbenaugust wrote:

Call me the old guy, but I dislike Linux distros that hide the root account.
Give it a great password and use sudo all the time, sure, but the root account should be there.

I agree with that and there seems to be a few things that still require a real root account.

ratcheer · 2017-07-13 16:38:27

I won't give any rationale, but I'm an old timer (I've been using UNIX or Linux since the very early 80's), and I prefer to use root when I want to use root. I only use sudo, rarely.

Tim

damo · 2017-07-13 16:42:29

bigbenaugust wrote:

Call me the old guy, but I dislike Linux distros that hide the root account.
Give it a great password and use sudo all the time, sure, but the root account should be there.

It isn't "hidden" IMO. And of course you can always do

sudo passwd root

As @HoaS said, those who know why they want the root account enabled will know how to do it.

bigbenaugust · 2017-07-13 19:55:55

damo wrote:

bigbenaugust wrote:
Call me the old guy, but I dislike Linux distros that hide the root account.
Give it a great password and use sudo all the time, sure, but the root account should be there.
It isn't "hidden" IMO. And of course you can always do
sudo passwd root
As @HoaS said, those who know why they want the root account enabled will know how to do it.

Oh totally, and I have done that in other distros many, many times.

Head_on_a_Stick · 2017-07-13 20:09:44

DeepDayze wrote:

there seems to be a few things that still require a real root account

Which things?

damo · 2017-07-13 21:20:37

Head_on_a_Stick wrote:

DeepDayze wrote:
there seems to be a few things that still require a real root account
Which things?

Post #1?

DeepDayze · 2017-07-13 21:21:20

Head_on_a_Stick wrote:

DeepDayze wrote:
there seems to be a few things that still require a real root account
Which things?

Like getting to emergency root shell?

Head_on_a_Stick · 2017-07-13 21:22:57

^ & ^^ I wasn't sure what was meant by "boot into recovery mode" (or "getting to emergency root shell" for that matter) so I tried init=/bin/bash & systemd.unit=multi-user.target on my box and they both worked as expected so I think this is down to sid breaking some toys (as usual).

Last edited by Head_on_a_Stick (2017-07-13 21:25:18)

MALsPa · 2017-07-13 23:54:18

Head_on_a_Stick wrote:

Well, `sudo` can be used to chroot into the broken system from our live ISO image — repairs can be effected from there more easily than from a TTY, surely?

I don't claim to be an expert on the topic, but I guess I was thinking along the same lines, that a fix could be made via a live session. Are there situations where that would not work?

Head_on_a_Stick · 2017-07-14 05:54:38

MALsPa wrote:

Are there situations where that would not work?

None that I can think of.

A live image is always my preferred rescue medium because it's easier to search for solutions with a graphical desktop running.

#1 2017-07-12 01:39:26

Should Root Account Be Enabled?

#2 2017-07-12 02:57:37

Re: Should Root Account Be Enabled?

#3 2017-07-12 02:59:05

Re: Should Root Account Be Enabled?

#4 2017-07-12 03:26:47

Re: Should Root Account Be Enabled?

#5 2017-07-12 07:10:52

Re: Should Root Account Be Enabled?

#6 2017-07-12 07:56:55

Re: Should Root Account Be Enabled?

#7 2017-07-12 20:52:18

Re: Should Root Account Be Enabled?

#8 2017-07-12 21:16:04

Re: Should Root Account Be Enabled?

#9 2017-07-12 22:03:59

Re: Should Root Account Be Enabled?

#10 2017-07-13 13:56:23

Re: Should Root Account Be Enabled?

#11 2017-07-13 16:06:53

Re: Should Root Account Be Enabled?

#12 2017-07-13 16:38:27

Re: Should Root Account Be Enabled?

#13 2017-07-13 16:42:29

Re: Should Root Account Be Enabled?

#14 2017-07-13 19:55:55

Re: Should Root Account Be Enabled?

#15 2017-07-13 20:09:44

Re: Should Root Account Be Enabled?

#16 2017-07-13 21:20:37

Re: Should Root Account Be Enabled?

#17 2017-07-13 21:21:20

Re: Should Root Account Be Enabled?

#18 2017-07-13 21:22:57

Re: Should Root Account Be Enabled?

#19 2017-07-13 23:54:18

Re: Should Root Account Be Enabled?

#20 2017-07-14 05:54:38

Re: Should Root Account Be Enabled?

Board footer