Welcome
Welcome to refracta

You are currently viewing our boards as a guest, which gives you limited access to view most discussions and access our other features. By joining our free community, you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content, and access many other special features. In addition, registered members also see less advertisements. Registration is fast, simple, and absolutely free, so please, join our community today!

[SOLVED]Root without password in refracta

Ask your questions here.

[SOLVED]Root without password in refracta

Postby geograf » Thu Sep 25, 2014 12:41 pm

Hello.

Sorry for my English. :)

I am creating Debian Jessie rescue system in virtualbox. And I make root without
password, sudo as well, for my programs.
But after creating refracta snapshot my debian refracta system need root password
to run gparted or gsmartcontrol.
I am using refracta version 9.1.2-1.

How to make refracta system without root authorisation password.
Last edited by geograf on Tue Sep 30, 2014 12:19 pm, edited 1 time in total.
geograf
 
Posts: 5
Joined: Thu Sep 25, 2014 12:18 pm

Re: Root without password in refracta

Postby fsmithred » Thu Sep 25, 2014 12:50 pm

How did you make the original system's root without password? Did you just enter blank space when the passwd command asked for the new password? Refractasnapshot does not ask you to change the root password. So, if your root account has a blank password, then entering a blank field when gksu asks for the password should work. But I have never tried this. Please let us know if this works.

Edit: Additional questions: Did you change etc/sudoers? If so, what changes did you make? Did you set sudo-mode in gconf? (run 'grep sudo .gconf/apps/gksu/%gconf.xml' in your user's home directory to check if sudo-mode is set to true or false.)

Edit2: What's your boot command look like? Please post either the entry from the boot menu inside the snapshot or the output of the command 'cat /proc/cmdline' from the running live system.
User avatar
fsmithred
 
Posts: 1987
Joined: Wed Mar 09, 2011 9:13 pm

Re: Root without password in refracta

Postby geograf » Thu Sep 25, 2014 2:04 pm

Why I cannot add anything? When I try to add my answer I got this:

Forbidden

You don't have permission to access /posting.php on this server.

Ok. I made it.

How did you make the original system's root without password?


I make it like this:
Code: Select all
sudo passwd -d root
sudo nano / etc / pam.d / common-auth

Find line with: pam_unix.so and at end of this line change it nullok_secure to nullok or add nullok if not exist.

Additional questions: Did you change etc/sudoers? If so, what changes did you make?


Code: Select all
sudo visudo

And under the line %sudo I am adding this:
Code: Select all
jessie ALL=(ALL) NOPASSWD : ALL


... or the output of the command 'cat /proc/cmdline' from the running live system.


Code: Select all
BOOT_IMAGE= / live / vmlinuz quiet initrd= / live / initrd.img boot=live ip=frommedia union=aufs


I noticed that in the running refracta system when I try to launch gparted from system menu, gksu does not accept any password. But launching gparted from terminal with sudo, have no problem.
geograf
 
Posts: 5
Joined: Thu Sep 25, 2014 12:18 pm

Re: Root without password in refracta

Postby fsmithred » Thu Sep 25, 2014 2:21 pm

The forum software will not let you post (/)etc (without the parentheses). It's a bug or a feature, depending on your point of view.
User avatar
fsmithred
 
Posts: 1987
Joined: Wed Mar 09, 2011 9:13 pm

Re: Root without password in refracta

Postby fsmithred » Thu Sep 25, 2014 2:41 pm

I think you could edit ~/.gconf/apps/gksu/%gconf.xml and change sudo-mode from "value=false" to "value=true". There may be other changes needed in that file. See this post, which explains how to do it with gconf editor.
http://askubuntu.com/questions/244134/n ... oot-action

I'm not sure if it will work in cases where the .desktop file uses pkexec instead of gksu. Take a look at the Exec line in /usr/share/applications/gparted.desktop for example and possible experimentation. In the past, I've used "Exec=gksu gparted" to get it to ask for root password, with sudo-mode set to "value=false" in %gconf.xml.

Why do you want both passwordless root and sudo? Wouldn't just one of those do what you need?
User avatar
fsmithred
 
Posts: 1987
Joined: Wed Mar 09, 2011 9:13 pm

Re: Root without password in refracta

Postby geograf » Thu Sep 25, 2014 4:05 pm

Easyest way is to edit (/usr/share/applications/gparted.desktop) and change Exec=gparted-pkexec to Exec=sudo gparted-pkexec

Why do you want both passwordless root and sudo? Wouldn't just one of those do what you need?

Becouse is faster, and you do not need to remember changing desktop file.
geograf
 
Posts: 5
Joined: Thu Sep 25, 2014 12:18 pm

Re: Root without password in refracta

Postby geograf » Thu Sep 25, 2014 6:44 pm

Unfortunately still is problem with graphical programs like mounting block devices.
Better is to doble click on device icon on desktop, than launching terminal and command typing.

Edit: I try to workaround this with adding user to root group, and it works, but after build refracta iso it's no longer works. (No it do not work and should not)
geograf
 
Posts: 5
Joined: Thu Sep 25, 2014 12:18 pm

Re: Root without password in refracta

Postby geograf » Tue Sep 30, 2014 12:18 pm

Problem finally solved.

Here is how I did it:

Make copy of file:
Code: Select all
sudo cp / etc / pam.d / common-auth   / etc / pam.d / common-auth.new


In file common-auth.new
change line from pam_unix.so nullok_secure
to
pam_unix.so nullok

Create filie if no exists / etc / rc.local
with content:
Code: Select all
#! / bin / bash
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
passwd -d root
cp -f / etc / pam.d / common-auth.new   / etc / pam.d / common-auth
exit 0

Make copy of file:
Code: Select all
cp  / home / $USER / .gconf / apps / gksu / %gconf.xml   / home / $USER / .gconf / apps / gksu / %gconf.xml.new


In file: %gconf.xml.new
change line:
value = "true"
to
value = "false"

Add a script called .notifyoff (for example) which should be in home dir. And add it to autorun in your KDE, Xfce, Gnome, etc.
with content:

Code: Select all
#! / bin / bash
cp -f  / home / $USER/ .gconf / apps / gksu / %gconf.xml.new   / home / $USER / .gconf / apps / gksu / %gconf.xml

Next type in terminal:
Code: Select all
chmod +x .notifyoff.sh
sudo adduser your_user_name disk


And thats it.

Thank you for your help.
geograf
 
Posts: 5
Joined: Thu Sep 25, 2014 12:18 pm


Return to Help

Who is online

Users browsing this forum: No registered users and 0 guests

suspicion-preferred