Re: passwd in x11 and login appearance
Re: passwd in x11 and login appearance
- Subject: Re: passwd in x11 and login appearance
- From: John Francini <email@hidden>
- Date: Thu, 2 Dec 2004 10:07:32 -0500
Joerg,
The root user you enabled is the real thing. Root is root. Its home
directory is on /var/root. That way, if you put /Users on another
volume (which can be done), root will always be available even if that
other volume is not available.
If you want to DIS-able it, do the following:
1. Log in as a normal administrator
2. Open Applications->Utilities->Netinfo Manager.
3. In the Security menu, pick "Authenticate". This will require your
admin username/password.
4. Again in the Security menu, pick "Disable Root User".
You're done!
As for security, unless you go to great lengths to defeat it, the root
user can not be used for remote access via file sharing, FTP, SSH, or
Windows sharing. And those services have to be specifically enabled in
the Services preference pane; they're all turned off by default.
As for the passwd command, you can always run it for yourself without
authorizing, since you need to authorize with your current password in
order to use it.
Hope this helps,
John
On Dec 2, 2004, at 9:14 AM, Joerg Mertins wrote:
On Wed, 1 Dec 2004, Eric Dahlman wrote:
On Dec 1, 2004, at 2:49 PM, Joerg Mertins wrote:
This seems quite strange: I use 10.2.8 and XDarwin 1.1.1.1 and
wanted to change my accounts password via command line in x11 bash
window, using the command "sudo passwd". That did not succeed but I
remembered system preferences in aquas main menu and everything
worked fine.
Using sudo to run passwd would run it as root and not the user so
unless you included the flags to set the password for you as the
specific user you actually created a password for root. I think that
may be the case as one of the side effects of enabling the root
account a change in the login screen IIRC.
Thanks for the hint, Eric.
Thats exactly what happened. I can login as root now. I am not sure
yet if thats just a user called root or actually a real root (with all
root rights). Its not in the home directory but in a whole new
separate tree starting at /private and containing among other stuff
/private/var/root/...
I dont like that very much, but I have some scruples attempting to
delete a root user. However, it may just sit there if it doesnt mean
an additional security threat. I cannot deal with that user via apples
preferences (maybe because its in that new tree), so what do I have to
make sure to prevent logins from other machines etc?
the reason I orininally did passwd with sudo was, that whenever I
administrate the system I am beeing asked for it, too, imagining that
it was somehow used to become a "hidden" root...
Thanks for your advice,
Joe
You can verify this by trying to log in as root to see if it works.
Unfortunately, I cannot tell you how to re-disable the root login,
but a bit of googling would most likely turn it up.
-Eric
_______________________________________________
Do not post admin requests to the list. They will be ignored.
X11-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
X11-users mailing list (email@hidden)
This email sent to email@hidden