FC11 logging in as root - FC10 change not enough?
At times I find I need to login as root. For example, as a regular user su to root, then start gedit from that terminal session. Look at all the errors generated. And at least in FC10, I could still change preferences, but in FC11, they all come up grey. There are other things in gnome that don't launch right from an SUed terminal session. So when I want to 'fix' things, I find it better to just log in as root. So in FC10, I learned to edit (with VI cause at least THAT works in the SU terminal session) /etc/pam.d/gdm and trim off the end of the 2nd line that has pam_succeed_if.so Well I did that, and logged out as me and could not log in as root. So I rebooted (perhaps needed to restart some service) and still could not log in as root. So what is the magic incantation this time around? And why is it getting harder to enable this? Sigh. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: FC11 logging in as root - FC10 change not enough?
On Friday 30 October 2009 10:31:49 Robert Moskowitz wrote: At times I find I need to login as root. For example, as a regular user su to root, then start gedit from that terminal session. Look at all the errors generated. And at least in FC10, I could still change preferences, but in FC11, they all come up grey. There are other things in gnome that don't launch right from an SUed terminal session. So when I want to 'fix' things, I find it better to just log in as root. So in FC10, I learned to edit (with VI cause at least THAT works in the SU terminal session) /etc/pam.d/gdm and trim off the end of the 2nd line that has pam_succeed_if.so Well I did that, and logged out as me and could not log in as root. So I rebooted (perhaps needed to restart some service) and still could not log in as root. So what is the magic incantation this time around? And why is it getting harder to enable this? To make things more user-friendly ;-) Sigh. Do the same edit on /etc/pam.d/gdm-password Tony -- Dept. of Comp. Sci. University of Limerick. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: FC11 logging in as root - FC10 change not enough?
Robert Moskowitz wrote: At times I find I need to login as root. For example, as a regular user su to root, then start gedit from that terminal session. Look at all the errors generated. And at least in FC10, I could still change preferences, but in FC11, they all come up grey. There are other things in gnome that don't launch right from an SUed terminal session. So when I want to 'fix' things, I find it better to just log in as root. I am logged in as a regular user I su - and run gedit. I got no errors and I can edit the preference just fine I think you are making the mistake of doing only su and not su -. So in FC10, I learned to edit (with VI cause at least THAT works in the SU terminal session) /etc/pam.d/gdm and trim off the end of the 2nd line that has pam_succeed_if.so Well I did that, and logged out as me and could not log in as root. So I rebooted (perhaps needed to restart some service) and still could not log in as root. So what is the magic incantation this time around? And why is it getting harder to enable this? Sigh. -- If the path be beautiful, let us not ask where it leads. -- Anatole France Guess Who! http://tinyurl.com/mc4xe7 signature.asc Description: OpenPGP digital signature -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: FC11 logging in as root - FC10 change not enough?
2009/10/30 Robert Moskowitz r...@htt-consult.com: At times I find I need to login as root. You really don't. For example, as a regular user su to root, then start gedit from that terminal session. Look at all the errors generated. And at least in FC10, I could still change preferences, but in FC11, they all come up grey. There are other things in gnome that don't launch right from an SUed terminal session. So when I want to 'fix' things, I find it better to just log in as root. I think you need to understand the difference between su and su -. But really you need to get to grips with sudo as a better replacement for su. Steps I always take on a new Fedora box to make my life easier. 1/ su - to become root. 2/ visudo to edit the sudoers file. 3/ Uncomment the first line referencing the wheel group. 4/ Save the file. 5/ Edit /etc/groups to add myself to the wheel group. 6/ Exit from su -. From that stage on, I never need su again. I can do anything I want (without the errors that you're seeing) using sudo some_command. hth, Dave... -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: FC11 logging in as root - FC10 change not enough?
Dave Cross wrote: 2009/10/30 Robert Moskowitz r...@htt-consult.com: At times I find I need to login as root. You really don't. For example, as a regular user su to root, then start gedit from that terminal session. Look at all the errors generated. And at least in FC10, I could still change preferences, but in FC11, they all come up grey. There are other things in gnome that don't launch right from an SUed terminal session. So when I want to 'fix' things, I find it better to just log in as root. I think you need to understand the difference between su and su -. But really you need to get to grips with sudo as a better replacement for su. Steps I always take on a new Fedora box to make my life easier. 1/ su - to become root. 2/ visudo to edit the sudoers file. 3/ Uncomment the first line referencing the wheel group. 4/ Save the file. 5/ Edit /etc/groups to add myself to the wheel group. 6/ Exit from su -. Is this better than just adding your userid to the sudoers file? And I will have to learn a bit about the difference between 'su' and 'su -'. From that stage on, I never need su again. I can do anything I want (without the errors that you're seeing) using sudo some_command. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: FC11 logging in as root - FC10 change not enough?
2009/10/30 Robert Moskowitz r...@htt-consult.com: Dave Cross wrote: 2009/10/30 Robert Moskowitz r...@htt-consult.com: At times I find I need to login as root. You really don't. For example, as a regular user su to root, then start gedit from that terminal session. Look at all the errors generated. And at least in FC10, I could still change preferences, but in FC11, they all come up grey. There are other things in gnome that don't launch right from an SUed terminal session. So when I want to 'fix' things, I find it better to just log in as root. I think you need to understand the difference between su and su -. But really you need to get to grips with sudo as a better replacement for su. Steps I always take on a new Fedora box to make my life easier. 1/ su - to become root. 2/ visudo to edit the sudoers file. 3/ Uncomment the first line referencing the wheel group. 4/ Save the file. 5/ Edit /etc/groups to add myself to the wheel group. 6/ Exit from su -. Is this better than just adding your userid to the sudoers file? There's almost certainly a good reason for doing it this way that I've forgotten in the mists of time. Some ideas that spring to mind: * This has been a standard Unix approach for as long as I can remember. I was doing this on HP-UX systems almost twenty years ago. * I can use the same method on my own desktop as I use on a larger system where I want to give rights to multiple people. * I only need to edit sudoers once. From then on I can control permissions simply by editing membership of the group (which can be done with a GUI tool as well as by editing the text file). And I will have to learn a bit about the difference between 'su' and 'su -'. su - gives you a login shell. So it's as though you actually logged on as root. su just changes the user. It doesn't, for example, give you root's PATH. Let us know if you have any more questions. Dave... -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: FC11 logging in as root - FC10 change not enough?
Dave Cross wrote: 2009/10/30 Robert Moskowitz r...@htt-consult.com: Dave Cross wrote: 2009/10/30 Robert Moskowitz r...@htt-consult.com: At times I find I need to login as root. You really don't. For example, as a regular user su to root, then start gedit from that terminal session. Look at all the errors generated. And at least in FC10, I could still change preferences, but in FC11, they all come up grey. There are other things in gnome that don't launch right from an SUed terminal session. So when I want to 'fix' things, I find it better to just log in as root. I think you need to understand the difference between su and su -. But really you need to get to grips with sudo as a better replacement for su. Steps I always take on a new Fedora box to make my life easier. 1/ su - to become root. 2/ visudo to edit the sudoers file. 3/ Uncomment the first line referencing the wheel group. 4/ Save the file. 5/ Edit /etc/groups to add myself to the wheel group. 6/ Exit from su -. Is this better than just adding your userid to the sudoers file? There's almost certainly a good reason for doing it this way that I've forgotten in the mists of time. Some ideas that spring to mind: * This has been a standard Unix approach for as long as I can remember. I was doing this on HP-UX systems almost twenty years ago. * I can use the same method on my own desktop as I use on a larger system where I want to give rights to multiple people. * I only need to edit sudoers once. From then on I can control permissions simply by editing membership of the group (which can be done with a GUI tool as well as by editing the text file). OK. So I enable group wheel with visudo. Then I look into adding me to the group. I see the following files in /etc that have group wheel: group, group-, gshadow, and gshadow- You only said to add to group. With just an editor like VI? I went to SystemAdminister'Users and Groups' and went to the Groups tab. Wheel is NOT listed there. And I will have to learn a bit about the difference between 'su' and 'su -'. su - gives you a login shell. So it's as though you actually logged on as root. su just changes the user. It doesn't, for example, give you root's PATH. Let us know if you have any more questions. Dave... -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: FC11 logging in as root - FC10 change not enough?
On Fri, Oct 30, 2009 at 9:21 AM, Robert Moskowitz r...@htt-consult.comwrote: With just an editor like VI? I went to SystemAdminister'Users and Groups' and went to the Groups tab. Wheel is NOT listed there. When you have User Manager open, go to Edit - Preferences and uncheck the box that says Hide System Users and Groups. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: FC11 logging in as root - FC10 change not enough?
2009/10/30 Robert Moskowitz r...@htt-consult.com: OK. So I enable group wheel with visudo. Then I look into adding me to the group. I see the following files in /etc that have group wheel: group, group-, gshadow, and gshadow- You only said to add to group. Yep. That's what I do. Just /etc/group. With just an editor like VI? I went to SystemAdminister'Users and Groups' and went to the Groups tab. Wheel is NOT listed there. No, that's right. I had never checked before. I just assumed it would be there. Sorry about that. I just use vi. Cheers, Dave... -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: FC11 logging in as root - FC10 change not enough?
On Fri, 2009-10-30 at 10:53 +, Dave Cross wrote: Steps I always take on a new Fedora box to make my life easier. 1/ su - to become root. In fact a simple su will do here. You're just editing a couple of files. 2/ visudo to edit the sudoers file. 3/ Uncomment the first line referencing the wheel group. 4/ Save the file. 5/ Edit /etc/groups to add myself to the wheel group. 6/ Exit from su -. poc -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: FC11 logging in as root - FC10 change not enough?
Mark Perew wrote: On Fri, Oct 30, 2009 at 9:21 AM, Robert Moskowitz r...@htt-consult.com mailto:r...@htt-consult.com wrote: With just an editor like VI? I went to SystemAdminister'Users and Groups' and went to the Groups tab. Wheel is NOT listed there. When you have User Manager open, go to Edit - Preferences and uncheck the box that says Hide System Users and Groups. hmm. Did that. No additional groups. Pressed refresh and the whirlybird has been going for over 5 min, and nothing in /var/log/messages to say what is wrong. I am logged in as root. What I did was init to 3, then did a startx. So I killed the program and tried to restart it. It starts then terminates. And no messages. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines