Участник:MP2144/new1

Черновик перевода https://en.opensuse.org/SDB:Login_as_root

База поддержки openSUSE

Portal - Категории SDB - Как писать статьи для SDB - Что выбрать: SDB, HOWTO или FAQ

Содержание

1 Situation
2 Процедура
3 Bibliography
4 Links

Situation

В системах типа Unix/Linux имеется специальный пользователь для администрирования системы. Этот пользователь имеет id 0 и имя root. Это так называемый 'суперюзер'. В повседневной жизни его обычно называют: root. Root может вносить любые изменения в любые настройки, соответственно ошибки, допущенные им, могут привести к серьёзным неполадкам системы. Also, when an unauthorized person becomes root, you are finished.

Оригинальный пример от человека:

... со мной случилось, когда я работал под root'ом. Настраивая звук, я ввёл "ls > /dev/hdb2" вместо
"/dev/dsp" - по ошибке - к сожалению, /dev/hdb2 - это мой корневой раздел????.

Запомните: /dev/hdb2 был его корневыv разделом. Мы можем лишь выразить сочувствие пользователю ;-)

Опыт многолетней работы в Unix- и Linux-подобных системах показывает, что не следует:

выполнять 'нормальную' работу в системе как root (слишком велик риск случайно сделать какую-то глупость или засорить системные файлы, путая данные пользовательские и системными), кроме случаев когда это действительно нужно;
прямо входить в систему в качестве root, особенно при пользовании сетью (понизит безопасность), исключения из этого правила будут оговорены ниже.

Процедура

We will look into how to observe these rules in openSUSE.

Не используйте root в обычной работе

openSUSE помогает вам не нарушать эти правила

Во время установки вам предлагается добавить обычного пользователя в базу данных. Это позволит вам входить в систему через GUI, работать с почтой, слушать музыку, работать в Интернете и т. д.

При входе через GUI вам не предоставят имя root в списке пользователей, что также делается для вашей безопасности.

Что ещё может быть сделано

Если компьютером пользуется несколько человек, выделите каждому своего пользователя. Каждый из них будет иметь своё место на диске, свой менеджер рабочего стола и т. п.

While this recommendation is only remotely related to our root user problem, it shows the difference of 'normal' users and root to advantage. There may be many normal users, but there is only one root. And the knowledge of the password of root must be restricted! The case that there is but one 'normal' user (happy) is a special case of multi-user Linux. And it leads to the following recommendation.

Consider installing a user for the tasks and data of the systems administrator. Let us call this user: admin (as an example). Now you can do and store things in your role as systems administrator, which do not need do be done as root, separate from the things you do and store as happy.

By the way, you can introduce users using YaST > Security and Users > Users Management.

Over the network

Before we go on, first a word about the network. As protocols as Telnet, Rsh, and Rlogin are considered very dangerous to use in today's networks even for normal usage, never use such protocols when you by any means send the root password over it. Always use secure protocols like ssh.

Do not login directly as root

All the actions to become root will ask you for the root password. This is not only to prevent other people to become root, but it also tells you to be especially careful in what you are going to do.

We already talked about login in as root in the GUI. This is not easily done in openSUSE, and rightly so. This does not imply that we cannot use GUI oriented programs to manage our systems even if they require root privileges.

Programs that handle this problem themselves

An example is YaST. When YaST is started it sees that it is not running as root, asks for the root password, and will continue as root. When all of YaST finishes there are no more root processes left behind.

Some programs have special options that generate this sort of action like:

konsole --type su will start the terminal emulation program Konsole asking for the root password in the terminal window, it will also use a different colored background to remind you of the root status;
konqueror --profile filemanagement will ask for the root pasword and open a file management window.

There is no need to learn these examples by heart, because when you go to the KDE Menu > System > Terminal > Terminal Program (in systen management mode) this will let loose the first example, and likewise KDE Menu > File Management > File Manager (in system management mode) for the second example.

Start any GUI program by using kdesu/gnomesu

You probably know you can execute a command by either KDE Menu > Execute a Command, or by the key-combination Alt-F2. Start your command with kdesu followed by the command (name of the program) you want to execute as root e.g.: kdesu xterm will start the (a bit outdated) terminal emulator of that name, but beware: what you type there you type that as root! The equivalent command for Gnome is gnomesu.

It is probably not a good idea to start Firefox this way and then go surfing and downloading throughout the Internet. So know what and why you are running as root.

Execute a command as root during a terminal session

It is very common in Linux to use the command line, especially for root. As mentioned above you could start a CLI (Command Line Interface) terminal emulator (konsole, xterm) directly as root, but when you are not typing statements that require root privilege all the time it is better to start the terminal emulator as admin/happy and restrict root usage only to the required statements. Use the sudo statement for this e.g.

sudo /etc/rc.d/apache2 restart

After the Apache restart is finished (you will normally see any output generated during this action) you are again admin/happy. For editing the fstab you could use sudo vi /etc/fstab. But kdesu kwrite /etc/fstab is also an option when that is your favorite editor.

Execute a command which has a GUI as root during a terminal session

For starting a GUI program as root you need access to the DISPLAY which is owned by the user you're logged-in as. The sudo xeyes command gives: unable to open Display: To resolve this you can start sudo using -E option to keep the environment preserved. To make it permanent follow the following steps: sudo /usr/sbin/visudo find the line that says Defaults env_keep= " LANG LC_ADDRESS ... add DISPLAY and XAUTHORITY to this list. The beginning of the line now looks like this:Defaults env_keep = "DISPLAY XAUTHORITY LANG LC_ADDRESS ... Save the file and now you can type sudo xeyes without the need of the -E option.

A longer terminal session as root

When longer root access is needed use the su command. A new shell is started with root privileges. The usage of the option - (or -l or --login) is strongly recommended because it starts the shell for root as a login shell. This means that all initializations run during a normal login is done and among other things this will give you the correct PATH variable. When not doing this you will have the PATH variable of happy/admin which may contain unexpected directories which may contain dangerous executables. Most notorious is the directory . (your working directory). When a normal user creates, for example, a script with the name ls containing

Внимание: The following code is an example of what not to do. If you run the code below, it will destroy your system, deleting everything. The code below is comparable to deltree C:\

#!/bin/sh
cd /
rm -rf *

in /tmp/ or in his/her home directory, root can erase the complete system unintentionally. Even when the . is the last directory in th PATH one is not safe from typing errors calling a local program unintentionally (instead of lsi -a, la, for example). So to become root for a longer session:

happy@system:~> su -
Password:
system:~ #

Mind the different prompt (which even shows red in some terminal emulators). To end your session as root:

system:~ # exit
logout
happy@system:~>

The real console

The real console of your system is the keyboard screen combination you know already because it is also used for your GUI. To allow for this multiple use there are several 'logical screens' available. These can be reached by the key-combinations Ctrl-Alt-Fn. Your GUI is normally at Ctrl-ALt-F7. You can have a second (and more) GUI logins at the same time, to be found at Ctrl-Alt-F8, etc. The real console is at Ctrl-Alt-F1. When you try this key-combination for the first time after a boot you will see the last lines of output of that boot and a terminal login prompt. The same applies as for a terminal emulation (login as admin/happy and use sudo and/or su though NOT kdesu or gnomesu.

There are more terminal logins waiting for you at Ctrl-Alt F2 ... Ctrl-Alt-F6, but they are less nice to see and almost nobody uses them (maybe one of them when number 1 hangs).

As the real console is very difficult to sniff from, you may login on this one as root directly. This may even be necessary when your /home is unreachable (when it is on a separate partition, which is a good thing, it may be unmounted either because of a problem or because it is needed during e.g. an update/install). You can not login as a normal user then. But root's home directory is not in /home, it is in /. This is one of the reasons why this is done.

Bibliography

Practical UNIX Security by Simson Garfinkel and Gene Spafford (O'Reilly Serie, ISBN 0-937175-72-2)
Essential System Administration by Æleen Frisch (O'Reilly Serie, ISBN 1-56592-127-5)
Computer Security Basics by Deborah Russell and G.T. Gangemi Sr . (O'Reilly Serie, ISBN 0-937175-71-4)

Links

SDB:root cannot execute certain programs <keyword>root,login</keyword>