Ask your questions here.
Post a reply

[SOLVED]Root without password in refracta

Thu Sep 25, 2014 12:41 pm

Hello.

Sorry for my English. :)

I am creating Debian Jessie rescue system in virtualbox. And I make root without
password, sudo as well, for my programs.
But after creating refracta snapshot my debian refracta system need root password
to run gparted or gsmartcontrol.
I am using refracta version 9.1.2-1.

How to make refracta system without root authorisation password.
Last edited by geograf on Tue Sep 30, 2014 12:19 pm, edited 1 time in total.

Re: Root without password in refracta

Thu Sep 25, 2014 12:50 pm

How did you make the original system's root without password? Did you just enter blank space when the passwd command asked for the new password? Refractasnapshot does not ask you to change the root password. So, if your root account has a blank password, then entering a blank field when gksu asks for the password should work. But I have never tried this. Please let us know if this works.

Edit: Additional questions: Did you change etc/sudoers? If so, what changes did you make? Did you set sudo-mode in gconf? (run 'grep sudo .gconf/apps/gksu/%gconf.xml' in your user's home directory to check if sudo-mode is set to true or false.)

Edit2: What's your boot command look like? Please post either the entry from the boot menu inside the snapshot or the output of the command 'cat /proc/cmdline' from the running live system.

Re: Root without password in refracta

Thu Sep 25, 2014 2:04 pm

Why I cannot add anything? When I try to add my answer I got this:

Forbidden

You don't have permission to access /posting.php on this server.

Ok. I made it.

How did you make the original system's root without password?


I make it like this:
Code:
sudo passwd -d root
sudo nano / etc / pam.d / common-auth

Find line with: pam_unix.so and at end of this line change it nullok_secure to nullok or add nullok if not exist.

Additional questions: Did you change etc/sudoers? If so, what changes did you make?


Code:
sudo visudo

And under the line %sudo I am adding this:
Code:
jessie ALL=(ALL) NOPASSWD : ALL


... or the output of the command 'cat /proc/cmdline' from the running live system.


Code:
BOOT_IMAGE= / live / vmlinuz quiet initrd= / live / initrd.img boot=live ip=frommedia union=aufs


I noticed that in the running refracta system when I try to launch gparted from system menu, gksu does not accept any password. But launching gparted from terminal with sudo, have no problem.

Re: Root without password in refracta

Thu Sep 25, 2014 2:21 pm

The forum software will not let you post (/)etc (without the parentheses). It's a bug or a feature, depending on your point of view.

Re: Root without password in refracta

Thu Sep 25, 2014 2:41 pm

I think you could edit ~/.gconf/apps/gksu/%gconf.xml and change sudo-mode from "value=false" to "value=true". There may be other changes needed in that file. See this post, which explains how to do it with gconf editor.
http://askubuntu.com/questions/244134/n ... oot-action

I'm not sure if it will work in cases where the .desktop file uses pkexec instead of gksu. Take a look at the Exec line in /usr/share/applications/gparted.desktop for example and possible experimentation. In the past, I've used "Exec=gksu gparted" to get it to ask for root password, with sudo-mode set to "value=false" in %gconf.xml.

Why do you want both passwordless root and sudo? Wouldn't just one of those do what you need?

Re: Root without password in refracta

Thu Sep 25, 2014 4:05 pm

Easyest way is to edit (/usr/share/applications/gparted.desktop) and change Exec=gparted-pkexec to Exec=sudo gparted-pkexec

Why do you want both passwordless root and sudo? Wouldn't just one of those do what you need?

Becouse is faster, and you do not need to remember changing desktop file.

Re: Root without password in refracta

Thu Sep 25, 2014 6:44 pm

Unfortunately still is problem with graphical programs like mounting block devices.
Better is to doble click on device icon on desktop, than launching terminal and command typing.

Edit: I try to workaround this with adding user to root group, and it works, but after build refracta iso it's no longer works. (No it do not work and should not)

Re: Root without password in refracta

Tue Sep 30, 2014 12:18 pm

Problem finally solved.

Here is how I did it:

Make copy of file:
Code:
sudo cp / etc / pam.d / common-auth   / etc / pam.d / common-auth.new


In file common-auth.new
change line from pam_unix.so nullok_secure
to
pam_unix.so nullok

Create filie if no exists / etc / rc.local
with content:
Code:
#! / bin / bash
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
passwd -d root
cp -f / etc / pam.d / common-auth.new   / etc / pam.d / common-auth
exit 0

Make copy of file:
Code:
cp  / home / $USER / .gconf / apps / gksu / %gconf.xml   / home / $USER / .gconf / apps / gksu / %gconf.xml.new


In file: %gconf.xml.new
change line:
value = "true"
to
value = "false"

Add a script called .notifyoff (for example) which should be in home dir. And add it to autorun in your KDE, Xfce, Gnome, etc.
with content:

Code:
#! / bin / bash
cp -f  / home / $USER/ .gconf / apps / gksu / %gconf.xml.new   / home / $USER / .gconf / apps / gksu / %gconf.xml

Next type in terminal:
Code:
chmod +x .notifyoff.sh
sudo adduser your_user_name disk


And thats it.

Thank you for your help.
Post a reply