Fedora Security :: How To Become The Root On System
May 8, 2009
i still can't see quite well the security reason for not allowing one logging in as root on Fedora, but anyway...how to become the root on my system, Fedora 10, please?i did open a terminal and typed s - root then my password, now im the root, but only on the terminal, as CLI, but what if i want to change the munu.lst inside grub i.e.? and some other files or settings that there's no option to just type in the root password, how to overcome that please?
View 9 Replies
ADVERTISEMENT
Jun 23, 2009
I am interested in making the root file system is read-only. I've moved /var and /tmp file systems to another partitions. There are two files in the /etc directory that need to be writable.
These are:
I've moved this files to /var and linked it. I've added command to the /etc/rc.d/rc.local file:
That's it. Are there other solutions to make the root file system is read-only?
View 1 Replies
View Related
Feb 2, 2010
For a month or so now, I have been enabling ssh and opening port 22. I cron'ed the start and stop commands to leave them open only a few hours a day. After a bit, I checked my logs to find that some IP or another was attempting to brute force my root account.
I took little real threat by the offense.
(1) my system does not allow root to login and
(2) it would cut them off sooner than later when my system issued the stop command.
fast forward
Today I log in to find that all of my log files, as viewed from the gnome log file viewer, were empty of entries from about noon yesterday and prior.
Though I haven't noticed anything at all out of the ordinary with my system, I would like to get more opinions on the matter. Would there be any conceivable way that this was an automatic system routine, a clean up action of something? Additionally, if I was indeed the victim of a hack, what can I do to further protect my system (keeping in mind that I do want to access my system via ssh from time to time)?
View 4 Replies
View Related
Jan 17, 2010
My system started running at 75 % CPU (its normally 20%), so I opened a terminal and looked at 'top', there are many processes running as root, the one thats sucking the CPU is this:'user'- root, 'pid'-2963, 'command'-X. below that there are a few processes of my user account, then alot more 'root' processes.
View 2 Replies
View Related
Aug 10, 2010
I'm getting a lot of mail messages with not really any information (that I get anyway) but things like:
@312>
W266>
I372=
[code]...
View 3 Replies
View Related
Jan 8, 2010
I was considering adding the below to my RHEL5 system's /etc/pam.d/system-auth file.
password required pam_cracklib.so try_first_pass retry=3 minlen=8
dcredit=-1 ucredit=-1 ocredit=-1 lcredit=0
auth required pam_unix.so nullok try_first_pass
[code]...
View 1 Replies
View Related
Oct 20, 2010
I found this on Bee's website. For more info on this exploit there are links there:[URl]..All you have to do in Fedora 13 is enter the following lines in a shell as normal user:
[Code]...
I don't think this can be considered solely an "upstream" problem, because I first tried it in Arch using the same version of glibc, and the final command causes both gnome-terminal and xterm windows to disappear.
View 14 Replies
View Related
Mar 3, 2010
I'm using Gnome and I'd like to still have the ability to reboot/shutdown from one particular account as well as root. How would I modify the chmod command to add this ability?Also, I have a few users who just will hold the power button in to shutdown the machine. How can I keep them from doing this?// Pruned from the vintage 2007 Prevent a non-root user from shutting down, rebooting or suspend the system thread. Please create new threads instead of resurrecting ancient ones.
View 2 Replies
View Related
Aug 10, 2010
I have a problem with sshd daemon on a target linux system:The system has only one user (root) without password.The sshd_config looks like:
Code:
Port 22
Protocol 2
[code]...
View 8 Replies
View Related
Feb 12, 2011
I have been trying to use my DS2490 USB to serial device with a Maxim .DG1921G thermocron with owfs. It is supposed to give me access to a virtual file system for the thermocrom without needing to launch owfs as root.
Code:
/var/log/messages gives:
Feb 8 16:22:45 norman-HP-G56-Notebook-PC kernel: [ 236.140141] usb 5-1: new full speed USB device using ohci_hcd and address 2[code]....
but if ds2490 module is loaded it works when run sudo.It seems from this that it is a lack of permissions to USB but I have tried all the methods on at http://owfs.org/index.php?page=udev etc. to overcome this and a few others but none work.I am running Ubuntu 10.10 kernel 2.6.35-22-generic #33-Ubuntu SMP
View 1 Replies
View Related
Apr 13, 2011
this is the allert i got:Code:Summary:Your system may be seriously compromised! /usr/sbin/NetworkManager tried to loada kernel module.Detailed Description:SELinux has prevented NetworkManager from loading a kernel module. All confinedprograms that need to load kernel modules should have already had policy writtenfor them. If a compromised application tries to modify the kernel this AVC willbe generated. This is a serious issue.Your system may very well be compromised.Allowing Access:Contact your security administrator and report this issue.Additional Information:
Source Context system_u:system_r:NetworkManager_t:s0
Target Context system_u:system_r:NetworkManager_t:s0
Target Objects None [ capability ]
[code]....
View 5 Replies
View Related
Aug 19, 2009
I have a fedora 10 server to which I can ssh as the root user using RSA.
However for any user other than root a password is always requested.
I have made changes to PAM and check the rights to all the files and read pages upon pages. I can mess it up completely so no one can login but cant get it so that anyone other than root can use a public key.
Another interesting and may be related item is that when any user logs in, with a password, via ssh then they get the error:
Could not chdir to home directory /home/xxxx: Permission denied
But they can cd to their home directory and have no problems.
I am thinking that this may be to do with the mount. The home directory is on a HDD but the system dive is an SSD.
I have gone over everything so many times I am now lost, I must be overlooking something so simple and obvious its just not coming to mind.
View 4 Replies
View Related
Sep 8, 2009
I have a problem, I have installed Fedora 11. And i need to login as root user.
How to do so?
View 14 Replies
View Related
Sep 21, 2009
what does one do when he forgets the root password ? i still have a terminal logged in as root how can i change the password in terminall
View 2 Replies
View Related
Oct 2, 2009
I am using Fedora 10 .Generally to update I open a virtual console by pressing Ctrl-Alt-F2,login as root and give the "yum update" command.Then I continue using my graphical terminal for other tasks from the 'non-root' account..Now my room-mate comes uses my 'non-root' account to browse web for few minutes and then opens a terminal types "halt", ENTER and viola...! My root account seems to be insulted by a 'non-root' user!.When I am doing updates or other important work as root any silly user can just 'halt' my computer. Can somebody tell me how to set up my computer so that when root is logged in no other user can simply halt the computer.
View 3 Replies
View Related
Nov 2, 2009
Can the audit daemon (auditd) be run by a non-root user? I'd like to create a special user who only run the audit daemon. Is that possible?
View 1 Replies
View Related
Nov 14, 2009
I have been experiencing harassment with my websites being hacked so pardon me if this is an over-paranoid question.
Just recently started on FC11 after having abandoned Fedora for CentOS for a few months. So glad to be back, but...
I have been getting notices about security updates. When I click for the update, I am not asked for the root password and the update occurs.
View 12 Replies
View Related
Nov 20, 2009
fedora 10 and im trying to set up some user accounts on a computer. My current problem is that we set up 2 root accounts and we need both to be able to authenticate. So far this works on the command line but whenever i'm on the GUI it seems that it only allows root to give its password for things. How do i enable the second account to do that as well.as a note, i am doing this for someone else so i have little to no control how this is set up, so please, i am not looking for reasons why this is not a good idea i would just like to figure this out
View 2 Replies
View Related
Mar 3, 2010
I need to launch a bash file in Linux from an unprivileged user session, file that will run bash commands as root. But I do not want to create an user with root privileges to do that.
View 10 Replies
View Related
Jan 12, 2009
It seem like unix abit annoying every time you log in you need to password can I disable it
View 10 Replies
View Related
Apr 4, 2009
Remote root login is enabled. How do I disable this
View 14 Replies
View Related
Apr 23, 2009
I have a system in which I do not have root access to. On that system, I have my own directory which I share with other users. I am trying to clean it up when I noticed that there was a subdirectory created by another users in my group that I cannot delete. It has all the permissions set besides global write. How can I delete this folder without root permission? I can't even chmod or chown it.
View 3 Replies
View Related
Oct 6, 2009
I'm currently running a dual boot (VistaFedora 11) system. I've noticed that the first time I access files on the Windows partition (via Nautilus GUI) I'm prompted for root access. However, on subsequent attempts to access the Windows partition I am NOT prompted for root access (even after I close/re-open Nautilus). My concern is that I'm leaving my root access "open".
View 4 Replies
View Related
Oct 20, 2009
I have been receiving attack alerts. And I would like to root out the source of the problem. I'll give you the messages. If you could help me prevent this hacker from even being able to attempt these things please any advice is helpful. There have been memory stack attempts, failed sys_admin conversion attempts, password file write attempts etc.....
[Code]...
View 5 Replies
View Related
Jan 27, 2010
Can't seem to do it, wondering if anyone knows how? Normally there's something in sshd_config that can be switched to true or yes to allow root login but I can't see it in fedora 12.I can login via root at a terminal no problem, just not via ssh, I get access denied every time. Also, I need to login using password authentication.I've done: 227169 but that's just for GUI which I don't really need since I rarely ever log into the GUI.I have also searched through here and mostly only found info such as above, how to enable root login for GUI, or billions of posts about how logingin as root is bad but I cannotswer to my question.DISCLAIMER: Please do not reply to this thread if all you can contribute is the question of why I need root or to put some message telling me I can do everything using su, etc, etc. Please only contribute if you can answer my question. A: My machine and a valid quesiton. B: Spirit of Linux is open, not restrictive
View 3 Replies
View Related
Feb 22, 2010
I wanted to disable root logins in console, so I searched for that. I found that if I change root's bash to "/sbin/nologin" in "/etc/passwd", root user will not be able to login. So I did that. But when I wanted to use sudo command, it didn't show me root bash, but it only do the same thing as logging in as root in single user mode (shows message that this account is disabled). So, how I can disable root logins, but keep enabled sudo command for standard users?
View 6 Replies
View Related
Dec 2, 2010
I like to do a minimal install, and then run some of my own scripts to install the rest of the packages I need, so to keep a lean system. When installing F14 with a partitioning scheme as follows:
Code:
/boot - 500MB
LVM
- swap - 2048 MB
- / - 15GB
- /home - Rest of file system - Encrypted
Everything works fine and the encryption works with no problem. However, as a friend pointed out to me, if you partition as follows:
Code:
/boot - 100MB/ - Rest of filesystem - Encrypted You are not able to boot the system when doing a minimal install. Meaning: you get up to the point to where you need to enter your password to decrypt the filesystem, and then nothing but..., well, nothing. However, and here it gets interesting, if you use the same partition layout, and you install the "Graphical Desktop", everything works fine. As I can not understand why this happens, I am currently testing a partition setup like so:
Code:
/boot - 100MB
LVM - Encrypted
- / - Rest of filesystem
Just to see if that works.
Anyhow: to make a long story short: It seems that the minimal install "forgets" to add some packages which are needed to decrypt the filesystem. Does anyone know which package this could be or why this occurs, so it can be added as part of the minimal install?
View 4 Replies
View Related
Nov 25, 2009
All of these audit messages is from one su - and root password at a gnome-terminal.This started happening from some update from koji in the last 18 hrs or so.It take 20-25 sec from su - to get the password prompt.
[Code]...
View 2 Replies
View Related
May 20, 2010
Anyone had any experience with unlocking a LUKS encrypted root partition via ssh? It is ok to leave /boot unencrypted.
There are a few pages from google with the debians variants, archived by putting dropbear into initrd.
I like to do that with my fedora/centos remote servers, but struggle to find any resources specific to it. Anyone has any suggestions and thoughts as to what might be a suitable way forward?
View 2 Replies
View Related
Apr 9, 2011
I have recently installed Fedora 14 on a new computer we presented as a gift to my sister-in-law. She is new to Linux. Although I've used Fedora since Core 1, I'm no expert on security issues, and this baffles me. She's doesn't know how to change the root password, so why doesn't it work any more? She discovered the problem when attempting a yum update from a terminal.(1) How could the root password have gotten changed? How likely is it that someone got onto her system through ssh, made a lucky guess on her root password, and then changed it? Are there robots that do this?
(2) The firewall is enabled. I have it set up as follows: (a) under "Trusted Services," only ssh is checked (I need to be able to get in remotely this way); (b) under "Trusted Interfaces," I have eth0 checked (I need to be able to use VNConto her desktop).Question: Are these settings giving ample protection? What settings would be recommended to protect her system while at the same time allowing me to access it through ssh and VNC?
View 8 Replies
View Related
