Fedora Core 4: How to make a user "root"

[nt7272]

Sorry it's just this noob again.

Is there a way to make a user "root" ? I tried to put him in "root" and "admin" group using the User Management console but that doesn't seem to solve the problem. Everytime I logged on as that user, the system asks me for root password if I want to change some system settings.

Thanks a lot.

[Mat]

the user root is created by default. During the install, you was asked to specify its password.

If you can't remember, you need to reset the password. (use search for answer to that question)


Mat

[nt7272]

OK, I guess I didn't make my question clear:

- I already have a "root" user and I know its password.

- I have another user, say "bush" and want to make "bush" the same as root because that's the login name I often use.

So, how can I make "bush" equivalent to "root" ?

[markkuk]

You can't. There's exactly one root user in a Linux system, the one with UID 0 and username "root".

[Mat]

that is not possible.

it's part of the security context. the user root can do *anything* on your system and as such any program run by root can. So in order to minimize threats by bugs or malicious programs, only log in as root if you have to..

Don't even think about using root as a "normal user" account and surf the web or anything..



Mat

[nt7272]

So if I assigned Bush to "admin" group (in the User Management console), what's the difference it makes ?

I am familiar with Windows concept where you can just assign "bush" to the Administrator group and he will be as powerful as the admin.

Quote:

Originally Posted by Mat

that is not possible.

it's part of the security context. the user root can do *anything* on your system and as such any program run by root can. So in order to minimize threats by bugs or malicious programs, only log in as root if you have to..

Don't even think about using root as a "normal user" account and surf the web or anything..



Mat

[odyssey]

Sudo is probably what your looking for.
Thomas Chungs sudo setup guide
"man sudo" in a terminal will give your more info on sudo.

[Mat]

Quote:

Originally Posted by nt7272

I am familiar with Windows concept where you can just assign "bush" to the Administrator group and he will be as powerful as the admin.

that's a major security threat under win and not possible under Linux


have a look at the concept of permissions to understand what difference placing users into certain groups will make.

but even than, many system files (e.g. /etc/passwd) will only be writable by the user root.



Mat

[dhav]

on the other hand...

While the advice in this thread is sound, I believe in answering the question you asked, not the question people think you SHOULD be asking. So, if you REALLY wanted to make a user the same as root, you need two things, the UID and the GID

In /etc:

look in passwd, there are two lines there you're interested in (assuming your example user bush):
bush:x:500:500::/home/test2:/bin/bash
this says: username:x:UID:GID::/path/to/home/dir:/path/to/shell

since you want your user to be root, you want to be UID and GID 0, so change it to this:
bush:x:0:0::/home/test:/bin/bash

Now look in group:
By default, fedora creates a group with the same name as the user, it will look like this:
bush:x:500:
You want to get rid of that and instead add the user bush to the root group, find this line:
root:x:0:root
and change it to look like this:
root:x:0:root,test

There ya go, now your user bush is just like root. Why you'd do this I don't know, you might as well work as the user root if you're going to do this. Now that you have a little knowledge of the way users and groups work, read up on it a bit and you'll get the hang of it. Probably what you really want to do is add the user bush to the group wheel.

good luck, be careful and make backups if you're going to screw around on stuff you care about!

[nt7272]

Thanks a lot for the detailed guidance of everyone.

dhav:

The last line:
root:x:0:root,test

should be
root:x:0:root,bush

right ?

And doing like this will make "bush" an alias of "root", right ? What I want to have is 2 separate users, and user Bush has all the permissions that user "root" has. Its just like Sam and Steve can both have administrative rights on the same machine with their accounts.

Quote:

Originally Posted by dhav

on the other hand...

While the advice in this thread is sound, I believe in answering the question you asked, not the question people think you SHOULD be asking. So, if you REALLY wanted to make a user the same as root, you need two things, the UID and the GID

In /etc:

look in passwd, there are two lines there you're interested in (assuming your example user bush):
bush:x:500:500::/home/test2:/bin/bash
this says: username:x:UID:GID::/path/to/home/dir:/path/to/shell

since you want your user to be root, you want to be UID and GID 0, so change it to this:
bush:x:0:0::/home/test:/bin/bash

Now look in group:
By default, fedora creates a group with the same name as the user, it will look like this:
bush:x:500:
You want to get rid of that and instead add the user bush to the root group, find this line:
root:x:0:root
and change it to look like this:
root:x:0:root,test

There ya go, now your user bush is just like root. Why you'd do this I don't know, you might as well work as the user root if you're going to do this. Now that you have a little knowledge of the way users and groups work, read up on it a bit and you'll get the hang of it. Probably what you really want to do is add the user bush to the group wheel.

good luck, be careful and make backups if you're going to screw around on stuff you care about!

[dhav]

yes, that should be root:x:0:root,bush

fyi, I still think you shouldn't do this I think you should look into using the wheel group, it's concept is making users 'administrators' without making them root. The problem with running as root isn't so much that you might delete the wrong things or screw up a file as much as it is a problem with software and commands that attackers can trick you into running that runs with the permissions of root. For instance if you use a web browser and run malicious code unknowingly, you could allow the system to run commands that will open a root shell to the attacker. bad juju.

but hey, knock yourself out

[djbeenie]

I just hate typing in the root password for everything. If I want to modify anything and log on as root. I think that is quite anoying lol. But I guess that is what makes linux so secure. I have only been using Linux for 3 weeks now.

Sorry my 2 cents.

Regards,
Beenie

[Mat]

Quote:

Originally Posted by djbeenie

I just hate typing in the root password for everything. If I want to modify anything and log on as root. I think that is quite anoying lol. But I guess that is what makes linux so secure.

indeed it is... because that makes you think twice before running potentially dangerous commands like "dd of=file of=/dev/hda".. and may save you from a lot of trouble


Mat

[VStrider]

nt7272: as root, type visudo and add this line
bush ALL=(ALL)NOPASSWD: ALL
Save and exit with :wq

Now your user bush, can do anything as root without typing any password. You just type sudo followed by whatever you want to execute as root. Extremely dangerous. My guess is that you're comming from windows and you don't quite understand the security implications of this. If your bush account is compromised, your whole system is going down with it. If you still insist, by all means go ahead.

[djbeenie]

Quote:

Originally Posted by VStrider

nt7272: as root, type visudo and add this line
bush ALL=(ALL)NOPASSWD: ALL
Save and exit with :wq

Now your user bush, can do anything as root without typing any password. You just type sudo followed by whatever you want to execute as root. Extremely dangerous. My guess is that you're comming from windows and you don't quite understand the security implications of this. If your bush account is compromised, your whole system is going down with it. If you still insist, by all means go ahead.

Makes good sense! I will not be changing my system.