Can one set one's own password for root?
RodMcKay
typing in root so far in the terminal (in the LiveCDs). To have even
better security, can you set a password for root so that nothing is
done by any program, etc., without that one specific password? In
other words, can the generic password of root, or whatever it is (I'm
going by memory here) still be used even if you've set a password -
which I'm assuming can be set when installing Linux?
I just thought that would be a great thing and I'm sure it's possible,
it's just good to check with the experts when trying out something
new. thx.
ray
It is generally set up that way when you install. Some installations do
not have a root password set and that account is not accessible. In such
cases 'sudo' is set up to grant specific privileges to certain users.
Ubuntu is an example.
Stefan Patric
Yes. When you initially install a distro, it will ask you to enter the
root password. If you've already installed and want to change the root
password, you can, but you have to be root to do it. man passwd for more
info.
As far as changing one's own user password, some distros permit this;
others allow only root or a superuser to change passwords.
If you change the root password for a LiveCD distro running as a LiveCD,
that is, it's not installed on the hard drive, the "generic" password is
no longer valid. However, this situation will only last for that
session. When you reboot the LiveCD all the changes you've made
disappear, and the original root password and settings return. However,
there are a couple of Live distros, that permit saving changes on the
hard drive. So, that a new LiveCD session "remembers" what you changed,
added, etc.
If I understand you correctly, you want to be able to password protect an
individual app's access to the system or restrict its use to only certain
users. Yes. This can be done.
Check out SELinux, if you're really security paranoid. Here's a basic
overview:
http://en.wikipedia.org/wiki/Security-Enhanced_Linux
Stef
Whiskers
It's usually considered essential to set a password for 'root' - and to
not use root for doing anything unless you can't do it as a more
restricted user. Each human user should have their own username and
password, with no more than 'normal' privileges. 'LiveCD' systems tend to
be 'everything as root' with no possibility of setting up normal users,
but since the software is only on removable media, and probably 'read
only', the security implications aren't so bad.
--
-- ^^^^^^^^^^
-- Whiskers
-- ~~~~~~~~~~
unruh
> typing in root so far in the terminal (in the LiveCDs). To have even
> better security, can you set a password for root so that nothing is
> done by any program, etc., without that one specific password? In
> other words, can the generic password of root, or whatever it is (I'm
> going by memory here) still be used even if you've set a password -
> which I'm assuming can be set when installing Linux?
Not at all sure what you mean, but:
a) root can only have one password ( although you can set up root
aliases -- ie usernames like altroot which also have uid=0 but different
passwords).
b) You should NOT be running things as root. Log in as a user and run
things that way. Far far safer. doing things as root is dangerous. It is
like repairing live wiring in your house with bare hands.
RodMcKay
wrote:
Thank you, Stef. A very clear explanation. Much appreciated. :)