It is a box at home that I am using.  And I am still learning.  I didn't
take anything you said wrong.  I think that is all informative and I am
grateful for all feedback.  I ran Bastille because I don't have a friggin'
clue about so much of the security stuff and I'd rather have Bastille have
its way with my system than those dang Romanians.




-----Original Message-----
From: tclug-list-admin at mn-linux.org
[mailto:tclug-list-admin at mn-linux.org]On Behalf Of Sam MacDonald
Sent: Friday, September 05, 2003 10:44 PM
To: tclug-list at mn-linux.org
Subject: Re: [TCLUG] Bastille - Root can't login to KDE


The reason "root" is not used is because 1 mistake can cause disaster,
however, I would venture a guess this is a machine at home.  A machine
to learn Linux on and a machine that it's OK to rebuild at any time.

Don't take this part wrong.
However, you ran a system hardening tool without having a complete
understanding of the tool.  With Linux it's best to read about the tool
you want to use, ask questions of the group for advice, then install the
tool.

Don't get me wrong about this, I haven't used Bastille so I can't make
more than a guess.  By definition a hardened system would not allow root
to use X, because root is not just an account to administer the system
with.  "root" is the system account (someone correct me if I'm wrong or
off base) the account that runs the whole show.

I have an account I created for administration of the Linux box. I also
have an account that I have my 9 year old son use (get'em early).  The
only reason I would use "root" is to give the account I use for
administration more rights/permissions.  As an administrator, using good
practices, I wouldn't use root for anything.  I would keep the root
password in a safe place and change it often.  After saying that I can
also say I'm guilty of using "root" for other purposes.

On isolated home systems lots of people use root because it "has the
power",  "root" has way too much power to be used at all.  In some cases
things can't be fixed when "root" is used.  That's why having another
administrator account is important.

This same thing is true for many Windows systems at home, the
"administrator" account has the power, and makes it easy to add software
and hardware. The difference is that "root" has much more power than
"administrator".  I would venture that "root" has an equivalent of
"system" and "administrator" in Windows rolled into 1 account.

I've only had 1 corrupt "system" account in over 9 years of Windows
administration. I still wonder how it happened because "system" can't be
used to login.  It was NT 3.50 so I'm not losing sleep over it now.

Sam.

Dan Rue wrote:

> Tom Wurdock wrote:
>
>> Hey all,
>>
>> I ran Bastille Linux to try and harden up my system.  Now I can't
>> login to KDE as root, nor can I run/view certain programs.
>
>
> Why would you want to log into KDE as root in the first place?  If you
> want to do rootly things, you should go to a command line and use "su"
> or "sudo".  "man su" or "man sudo" at the command line for more
> information.
>
> That said, I'm sure there are ways in KDE to do root things in the
> control panel or whatever without actually logging in as root.
> Doesn't it prompt you for a password?  I don't run KDE so I don't
> know, but you shouldn't ever need to log in as root.
>
> dan
>
>> It is not clear to me what part of the Bastille process did this.
>> Any help appreciated.
>>
>> Tom
>
>
>
> _______________________________________________
> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
> http://www.mn-linux.org tclug-list at mn-linux.org
> https://mailman.real-time.com/mailman/listinfo/tclug-list
>

