> -----Original Message----- > From: Phil Meyer [mailto:pmeyer@xxxxxxxxxxxxxxxx] > Sent: Monday, June 15, 2009 2:15 PM > To: Community assistance, encouragement,and advice for using Fedora. > Subject: Re: Root Access > > Mike Dwiggins wrote: > > I installed Fedora 11 on a dual-boot machine. When I > booted up on the > > Fedora partition I went straight to /etc/pam.d/gdm and deleted the > > line which keeps out root as a login. > > I still cannot login as root! Did this version hide a > block on root > > somewhere else? > > > > Many have answered properly here, but it may not be common > knowledge how it is done professionally in large shops. > > In most big data centers, the root password is not known to > anyone, but is kept in a sealed envelope in a locked drawer > at the operations center, which is manned 24x7. It takes > manager approval to open the desk, lock-box, envelope, and > get the root password. > > Consider that, next time you 'think' you need to log in as > root. I personally have administered UNIX/Linux systems for > years at a time without ever typing the root password, or > logging in as root. > > During automated installs, and all large shops do/should be > doing automated installs, the root password is set. > > Management, and the operations staff can set the root > passwords across all systems at once, and without notice to > me or any other administrator. > > In fact, normal users cannot log into most systems, and > administrators can only log in remotely with ssh keys (no > passwords) to the systems that they administer. > > Just a thought. It was never intended that casual users ever > log in as root on any UNIX based system, and should have been > less prevalent on Linux for many years. > > I myself, felt it necessary to log in as root on Linux > systems for one post install session, up until about Fedora > 2. But not since then. > > Good Luck! > I'm sure that all of the warnings about logging on as root are correct, and while danger lurks, there seems to be an issue here that could have a better solution. A while back there was a big discussion about whether the application names should be listed on the menus for various things such as the "document viewer". It seems that the problem is that, yes, there are always ways to accomplish what you need to do at the command line through an su to root, but folks that aren't steeped in Linux are often unaware of what the necessary commands are. When you run into the problem of requiring root access many are tempted to figure that they need to log on as root. A new user gets caught in a sort of Catch 22. You need root access, but you can't log on as root, and you have no idea of how to accomplish that at the command line, or in some cases, if it's even possible to do it at the command line. I think that if Windoze users had to go to the command line every time they needed administrator privledges most people would not have a clue... I know that the ultimate solution is an education process, but it would seem that there could be a way to facilitate that short of buying "Running Linux" from O'Reilly. "Running Linux" is a fine book, but isn't this kind of thing one of the issues that you always hear about Linux not being a suitable OS for a non-expert user? Herb -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
