Ubuntu Root Passwork Gotcha?

Russell Cook bike_oz at yahoo.com.au
Thu Jul 28 09:56:12 UTC 2005

I take a fairly simple approach.
I set a root password so if my account ever gets corrupt (including the
sudoers file) I can get into the system. However, I use sudo for all
maintenance and just keep the root account as backup. This works for me.

On Wed, 2005-07-27 at 22:17 -0700, William Chapman wrote:

> To Rooters & non-Rooters alike:
> Being something of a Linux noob, my position on the much-debated issue
> of root account management in Ubuntu has been to accept the party-line
> and work with the root account disabled.  After a solid couple of
> months of intensive Ubuntu hacking & mangling, I've consistently been
> able to achieve desired results, and have grown comfortable with the
> policy, while actually beginning to understanding why it might be a
> sound idea!
> But after encountering the situation described below, I think I may
> have to reconsider.  Perhaps others would be willing to weigh-in to
> correct my possible flawed analysis & likely lack of understanding.
> As always, your comments will be much appreciated.
> Situation:
> An unpleasant experience involving an ssh session (a test case with
> both client & server hosts lan'ed in my lab) in which the ssh client
> process was manually killed (it became a zombie, but wouldn't die),
> and its host rebooted by me.  Immediately upon commanding the reboot I
> look at the ssh server host and realized that the session had still
> been active.  (I had only imagined exiting the session.)
> (I won't go into why I was doing this, except to say it was related to
> establishing ssh sessions with WinXP-Linux dual-boot PCs set up so
> both OS environments on a given machine share identical host keys.  It
> can be done!)
> The result of this was a situation along the lines of "...can't read
> ~/.ICEauthority...".  and being forced into a recovery session from
> the gnome login screen (trouble starting gdm, I suppose).  That file's
> owner was now root instead of me.  After a quick chown & chmod, I was
> able to reboot, restore the correct permissions and all was well.
> (Not counting my unsolved ssh problems.)
> HOWEVER, during the process, I wanted very much to reboot and select
> the second default Ubuntu configuration offered by Grub, which is
> labeled, "(recovery mode)".  I tried this, and at the opportune time,
> the boot process asked for a root password.  As I suspected, my
> password would not suffice, as the root account was, of course,
> disabled.  Upon rejecting the offered password,  the boot process
> charged into a normal, default session.  (Try it!)
> Issue:
> (1)  The way I recon, the Grub recovery mode option is inconsistent
> with Ubuntu root account policy, and, therefore, cannot serve its
> intended purpose.  Because when you really need it, you won't be able
> to use it!  It could still have utility, but only in controlled
> situations where you add the root account in anticipation of going
> down that path.  If my logic is flawed, please correct me.
> (2)  If (1) is correct, perhaps the setup of the "recovery mode" could
> be changed (for Ubuntu) to allow a superuser id as an alternate to
> root.
> Comments?
> Kindly,
> Bill Chapman

Kind Regards Russell
Linux user #369094

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20050728/b283c901/attachment.html>

More information about the ubuntu-users mailing list