I'm embarrased to have to ask this question, for I have been using MAndiva One 2008 for a few months now. Why are root log ins not allowed in Mandriva??

I downloaded and installed Picasa, but it won't work. I uninstalled using thepackage manager, but the menu entry is still there under "graphics-[+]other" I tried to delete both the Picasa launch entry and the "[+]other" folded it resides in, but when I go to save the file, it won't write to the menu because I don't have permission. I tried opening a terminal within the /.config folder, and entered "su", then my root password, but it still wouldn't give me access to the folded (that has worked for me in the past).

Again, whay are root log ins not allowed in Mandriva???... I haven't had this problem with other distros. I prefer Mandriva over PCLOS, but things are easier to configure in PCLOS. Any help would be sincerely appreciated.

Note: I did quicly red through the FAQ's. I wasn't sure where in the forum to post this question. I apologize if I picked the wrong place.

I think this is more of a security question, so I'll move it there...

I think it's a general question about how to configure the OS. We have different definitions of "security," as to how it pertains to computing. As you can see, I have made few posts, yet most seem to get moved. I wish you would put a "General Questions" thread at the top, so one doesn't have to spend more time trying to figure out what thread to list the question, then it does to type the question. I'll post my question over at linuxquestions.org. There, I'm more likely to get an answer to my question before it gets moved. Great OS!....poor forum.

Open /etc/kde/kdm/kdmrc in a text editor and change AllowRootLogin=false to AllowRootLogin=true

It's not recommended to login to any desktop gui as root, this is why it's not a default option. I'm sorry, I don't have the time to go into the security issues now. I would suggest that if you have a problem with your menu that you can't edit as user, that you open a terminal and do

Thank you for the reply. I tried that, opened with KWrite, but again, when I try to save the file after making the change I get a "permission denied" error. How can I edit that menu with root privelidges? Thanks agin for the reply.

Thanks!! That problem is solved!

I would still like the option to log in as root.....is there a way to edit that file to allow this? I don't know the commands to edit in a terminal.

Got it....thanks!!!.... I know it was a stupid question, but those simple codes were all i needed. I also understand now how it works. I understand the security risks asssociated with running as root, and the damage (especially from new users like myself) that can be done. Both PCLOS & openSuSE have root logins as an option. I don't log in as root often, but I have needed to to delete wifi modules so it would look to the ndiswrapper driver by default, and to edit menus. Thank you agin, it is appreciated.

For editing in a terminal try nano. It is easy to use and has all the important commands listed at the bottom of the window. If you are editing files with long lines that should not wrap, start it with the w option:
nano -w file_name

If you have set your software sources with Easy-Urpmi, you can go to "MCC/installing software" and type .
Install it, go to your home en rightclick on a folder or a document. A popup is coming up, click on action and you see by a file, or you see by a folder.
You see there is no need to login as root.

When you've been here a bit longer, you may become a mod or admin, then you can decide where topics belong. I don't see how creating a dustbin forum (General Questions) would solve anything - you would still have to define what went there, and if it was just doubtful topics, they would still have to be moved to the right forum.


Threatening to go to another forum doesn't have much effect, I'm afraid - and whether a topic is answered before or after it's moved, is neither here nor there.

Slagging off the forum when you've recently arrived, is not the best way to make friends, but as you can see, our members are quite tolerant.

Yes we are.

I contemplated making a comment regarding the whiny tone presented by dan in Jersey but decided against it. I sensed he was frustrated. I am not sure he would have been treated so well on a different forum.

Aye, I'm so tolerant I didn't reply

But yes, bad idea to login as root. You do that under MS products such as Windows, and then look at how many probs you have. Best not to unless you don't care about your system being compromised nice and easily though.

to answer the original question however, the NO ROOT decision was a corporate decision made several versions ago (2007?) by MDV.

you here a LOT of negative flak about logging in as root.

however there have been times (see my cooker post) where I've had to login as root.

but once you get down to using KDESU XXXX it really becomes 2nd nature.

j

Hey, speak for yourself

anything you need to do as root can be run on an instance basis via the terminal. This is why you do not need to be able to login into a desktop as root. You do not want to do this because vulnerabilities in programs that are running as root can be exploited to gain immediate root access to the system you are using. When running a full desktop instead of running programs on an instance basis the number of programs with possible vulnerabilities that could be exploited increases dramatically, when running this programs as a user if they are exploited the level of access the hacker gains is very limited - as root, it's not limited at all (rm -rf / would succeed). I'm not saying this to criticize anyone, but because it's simply a fact, and people need to be aware of it to keep their system safe.

Do not take the fact that your posts get moved personally. I was a mod and later an admin on this forum for several years, and I can assure you that the reason posts are moved is so that they receive more attention from the people who have the knowledge to help. It is to your advantage to let the mods/admins here do their job, as it will ultimately result in better and more accurate responses. It can also help in the future when someone may be searching for an answer to a similar question and they want to narrow their search to a specific topic. Ultimately, moving your topic causes no harm and likely increases your chances of getting your problem resolved.

I have been absolutely enamoured by Mandriva since I started using it and I still am, but isn't it always the case that whenever something really good comes along in life, sooner or later you find something bad to offset it?

It shows you how often I log in as root that since starting to use Mandriva I have never even noticed that you can't log in as root until I read this thread and then tried it. I must say that this type of attitude annoys the living crap out of me. Are we not told that Linux is about choice?? So supposing I want to exercise that choice and log in as root. Who the hell has the right to think they can stop me? This is my life and this is my computer and if I want to use it in a way that you think is foolish then that is my right too - butt out!!

I guess all I can say is that at least you dont stop people from having a root account as per Ubuntu. But really can't the people that make these decisions see that they have no right to do this?

After having got that heartfelt rant off my chest I would now like to advise you how to correct this situation. I will use the example of Ubuntu and Linux Mint in order to do this. Ubuntu just says "no root account" end of story (unless you know how to get round it) Linux Mint on the other hand says "would you like to install a root account?" If you choose 'yes' then they load another window telling you why they think this is a bad idea but part of that window has the option to "continue anyway" or something similar. This is choice, this is what Linux is about, ignore this principle and you are no better than Microsoft - and I can't think of a worse insult than that!

If you want to do it, you can, you simply have to change an option.

So learn how to setup it up the way you want and do it (Linux is also about learning - and this change takes maybe 5 seconds and a text editor). They have to choose a default setting (either you can or you can't), and personally I'm glad that they choose the more secure option. It keeps people who don't understand the importance of not running a desktop environment as root from doing so, which keeps their computer (and the internet in general, as their system could be compromised and used for further attacks) safer.

Actually, they have every right to do this. It's their product. They decide what software to put on it, they decide how the install process goes, they decide every last detail of the distribution they create, as they should - and you are, of course, free to choose to change the default settings, to contact Mandriva directly and suggest changes, or to (gasp) try a distribution that is more inline with your preferences. However, You have a root account. You can access it via su, sudo, kdesu and various other mechanisms. You are only blocked from logging into a desktop as root because it is a security risk. Would you rather them distribute a system with insecure defaults? You know, like Windows?

I didn't think so.

Ubuntu does have a root account also. It does exist, it isn't a case that you don't have one.

Ok.....once again....thank you all for the input and suggestions.....I mean that sincerely.

As for my whiny demeaor....I'll admit, you MIGHT have a point. I was frustrated that something as simple as editing a menu (which I have done with minimum effort in a few other distros) could be so time consuming, and frankly, I was stumped. So....I come to the forum, and I have participated in many forums of various interests over the years. I post my question, and the "moderator" moves it within five minutes of posting it, but didn't bother to take an extra 30 seconds to help me out. I'm assuming the "moderator" of the forum would have experience, and knowledge of Mandriva, so I'm also assuming he/she could have helped.

If my assumptions are incorrect...I apologize.........if not, I stand by what I wrote.

EDIT: NEWSFLASH!!....I just noticed under the Admin's avatar: "not a Mandriva guru"........ If that isn't sarcasm, then I guess I do owe an apology. You can all feel free to call me a jacka$$. I can take it.( I would have deleted this post, but I don't believe in deleting things once they've been posted)

I would not have thought to post my question on the security thread, for my question was about how to edit my Kmenu. I am fairly new to Linux, and people like me are the ones who rely on these forums. My suggestion for a General Questions thread, was just a thought to help those like myself, that still have ALOT to learn.

I will not deabte this any further, I am what I am (Edit: see EDIT: NEWSFLASH!!). I do however want to ,again, sincerely thank those who offered help.

If you want to run the program with GUI "foo" as root, then simply (speaking about KDE) "kdesu foo".
Or, "gksu foo" if using Gnome.
Or, you can run "visudo" in a root console (requires basic vi knowledge), and grant permissions for running some apps as root by "sudo foo".
Or, if you are fool enough, you can (using visudo) uncomment the line
%wheel ALL=(ALL) NOPASSWD: ALL
so that ANY user belonging to the "wheel" group can run ANY command as root, by a simple "sudo foo".
Of course this is absolutely stupid, but anyway MUCH more clever than running your desktop as root!

The above apply for Linux in general- not just Mandriva...

OK, you're a jackass

Just kidding . Sometimes people will read a post and may at that time not be able to help, and they may even try to see if they can help you by testing what you are trying to do on their system. Sometimes they'll even google for you to help find the answer. Sometimes it just takes a little time to get the answer to your question.

Ok I apologise, I wasn't aware that you could enable it, so long as you can I am cool with that even though I don't know how to do it and don't really feel the need to do so. Although I don't quite agree with the argument that a machine without a root login is any more secure than one that has one, and there are times when a root login is very useful. I rescued a system once using a root login when it was impossible to login any other way (user accounts inoperative) now maybe I could have done the same thing with a 'live cd' or something similar but it was a hell of a lot easier to use the root account which was the only one operating.

Also there is the fact that it is pretty basic psychology that the more you tell someone not to do something "for their own good" the more they are likely to want to do it.

Where is bvc when you need him.

Yes, rescue is a time when you'd have to login as root, else you'd not be able to rescue the system.

What we meant was it's a bad idea to login as root every day like you do in every version of Windows. All Linux systems have a root account, including Ubuntu! I don't know of any that don't have one, in fact, I doubt it's possible considering that's how Linux/Unix is set up in general. And there is definitely no need to login to root under Gnome/KDE/X or whatever desktop environment.

I'm not saying there should be no root (in fact, there can't be no root, simply disabled root), just that you shouldn't log into a Desktop Environment (KDE, GNOME, etc.) as root. You should only access root via mechanisms like su, kdesu and sudo. Root is most certainly a necessary account, and I don't personally like when distributions (like Ubuntu) try to completely disable it (on these systems the first thing I do is re-enable it - I did the same thing on my OS X box).

Couldn't this also be accomplished by chroot from a live cd or another linux distro? I have broken things several times in Gentoo to the point where my system was unbootable and it was nothing I couldn't fix from within a chroot environment. Just a thought. I profess to being a command line geek.

Yes, but when you chroot you are essentially logging in as root on the install you are chrooting to.

I realize that but in order to make the repairs you need, you have to be root. You simply do what you do and then logout. I don't see the difference between that and doing su because in both cases you are working in a terminal with no gui interface. Not trying to argue, just make a point that there are alternatives.

I was simply clarifying that chroot makes you root, not saying there's anything wrong with using it.

Hmmm, just to add to tghe general fray....


Since when have root logins not been allowed? It's not an option in the graphical login but if you use a text/commeand prompt login it still works.

I used to like it on Mandrake when you did log in as root and ran X that the default theme was RED, just to remind you, this seems to have gone.

If I am doing any kind of troubleshooting/admin work I have a terminal open where the first thing I did was run su - I can easily run anything with root priveledges from there, why bother logging in as root?

You can log in as root - if you know what you're doing - if you don't know what you're doing, you shouldn't be logginig in as root. I thinkit a very sensible decision.