subject:"root password"

Re: F38 Fresh install from Live ISO - setting root password

2023-04-25 Thread Samuel Sieb


On 4/25/23 15:55, Max Pyziur wrote:
Per the subject line, where does the root password get set on an F38 
fresh install.


"sudo passwd" after you login to the installed system.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

F38 Fresh install from Live ISO - setting root password

2023-04-25 Thread Max Pyziur


Greetings,

Per the subject line, where does the root password get set on an F38 fresh 
install.


Thank you.

Max
p...@brama.com
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: help needed: How to reset the root password

2022-12-19 Thread Peter Boy



> Am 17.12.2022 um 14:06 schrieb Richard Shaw :
> 
> On Sat, Dec 17, 2022 at 2:57 AM Peter Boy  wrote:
> A Quick Doc article describes the procedure:
> https://docs.fedoraproject.org/en-US/quick-docs/reset-root-password/ 
> 
> We, the Fedora Docs team, are in the process to review and improve the Quick 
> Docs articles. We are (unfortunately) not omniscient IT gods but need support 
> from Fedora community. 
> 
> According to some comments 
> (https://pagure.io/fedora-docs/quick-docs/issue/524) the article misses at 
> least some information:
> 
> - the second part about using live CD doesn’t describe Workstation and BTRFS
> 
> I'm not sure why that wouldn't work for Workstation (or any standard install 
> of a linux os) as long as the volume isn't encrypted. It doesn't even have to 
> be a Fedora live image (probably about time to replace "CD" with "Image"), I 
> could do the same (and used to) with System Rescue CD.
>  
> - for which Fedora variant do the instructions apply? Server for sure, 
> Workstation? CoreOS? Silverblue? Kinoite? all spins? 
> 
> I can't speak to Silverblue...
> 
>  
> - what else is missing, misleading, or misunderstandable?
> 
> Looks pretty straight forward but I do which Fedora provided a helper script 
> to mount the filesystems. I always have to look up what's supposed to be a 
> "bind" mount or something else once I have /boot and / mounted.
> 
> Thanks,
> Richard


Many thanks for feedback. So we’ll publish it as is.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: help needed: How to reset the root password

2022-12-17 Thread Richard Shaw

On Sat, Dec 17, 2022 at 2:57 AM Peter Boy  wrote:

> A Quick Doc article describes the procedure:
> https://docs.fedoraproject.org/en-US/quick-docs/reset-root-password/
>
> We, the Fedora Docs team, are in the process to review and improve the
> Quick Docs articles. We are (unfortunately) not omniscient IT gods but need
> support from Fedora community.
>
> According to some comments (
> https://pagure.io/fedora-docs/quick-docs/issue/524) the article misses at
> least some information:
>
> - the second part about using live CD doesn’t describe Workstation and
> BTRFS
>

I'm not sure why that wouldn't work for Workstation (or any standard
install of a linux os) as long as the volume isn't encrypted. It doesn't
even have to be a Fedora live image (probably about time to replace "CD"
with "Image"), I could do the same (and used to) with System Rescue CD.

> - for which Fedora variant do the instructions apply? Server for sure,
> Workstation? CoreOS? Silverblue? Kinoite? all spins?

I can't speak to Silverblue...

> - what else is missing, misleading, or misunderstandable?
>

Looks pretty straight forward but I do which Fedora provided a helper
script to mount the filesystems. I always have to look up what's supposed
to be a "bind" mount or something else once I have /boot and / mounted.

Thanks,
Richard
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

help needed: How to reset the root password

2022-12-17 Thread Peter Boy

A Quick Doc article describes the procedure:
https://docs.fedoraproject.org/en-US/quick-docs/reset-root-password/ 

We, the Fedora Docs team, are in the process to review and improve the Quick 
Docs articles. We are (unfortunately) not omniscient IT gods but need support 
from Fedora community. 

According to some comments (https://pagure.io/fedora-docs/quick-docs/issue/524) 
the article misses at least some information:

- the second part about using live CD doesn’t describe Workstation and BTRFS
- for which Fedora variant do the instructions apply? Server for sure, 
Workstation? CoreOS? Silverblue? Kinoite? all spins?
- what else is missing, misleading, or misunderstandable?

Please, take a quick look at the article and give specific wording for 
completion and improvement by either

- reply here
- add comment to https://pagure.io/fedora-docs/quick-docs/issue/524
- edit a copy of the page using pagure editor (2nd icon from the right in the 
bread-crumb bar, use "fork & edit“)


Thanks for contributing






--
Peter Boy
https://fedoraproject.org/wiki/User:Pboy
p...@fedoraproject.org

Timezone: CET (UTC+1) / CEST (UTC+2)


Fedora Server Edition Working Group member
Fedora docs team contributor and board member
Java developer and enthusiast


___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Re: default root password on mysql (mariadb)

2022-01-26 Thread Leonardo Cuyar Morales

I think the right command syntax is:

 sudo mysqladmin -uroot -p password

it ask for password and then ask for the new password

On 1/26/22, Anil Felipe Duggirala  wrote:
> hello,
> I am following these instructions
> (https://fedoramagazine.org/howto-install-wordpress-fedora/) to install
> MariaDb on Fedora 34.
> Trying to set the "root" password for mysql is not working for me, doing:
> sudo mysqladmin -u root password
>
> Gives error:
> Warning: Since password will be sent to server in plain text, use ssl
> connection to ensure password safety.
> mysqladmin: unable to change password; error: 'You have an error in your SQL
> syntax; check the manual that corresponds to your MariaDB server version for
> the right syntax to use near '() IDENTIFIED BY 'mynewpassword'' at line 1'
>
> I am asking this question here because there is at least another person from
> Fedora had the exact same problem, but no solution was provided.
> https://stackoverflow.com/questions/67861172/how-to-fix-error-changing-root-password-with-mysqladmin
>
> I don't believe the password for the 'root' user has been set for Mysql. I
> can start mysql simply by typing 'sudo mysql'.
> Should I try to change the password from within mysql? How can I check if a
> password has been assigned?
>
> thanks everyone.
>
>
> Anil F
> ___
> users mailing list -- users@lists.fedoraproject.org
> To unsubscribe send an email to users-le...@lists.fedoraproject.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
> Do not reply to spam on the list, report it:
> https://pagure.io/fedora-infrastructure
>


-- 
Imagination is more important than knowledge
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

default root password on mysql (mariadb)

2022-01-26 Thread Anil Felipe Duggirala

hello,
I am following these instructions 
(https://fedoramagazine.org/howto-install-wordpress-fedora/) to install MariaDb 
on Fedora 34.
Trying to set the "root" password for mysql is not working for me, doing:
sudo mysqladmin -u root password

Gives error:
Warning: Since password will be sent to server in plain text, use ssl 
connection to ensure password safety.
mysqladmin: unable to change password; error: 'You have an error in your SQL 
syntax; check the manual that corresponds to your MariaDB server version for 
the right syntax to use near '() IDENTIFIED BY 'mynewpassword'' at line 1'

I am asking this question here because there is at least another person from 
Fedora had the exact same problem, but no solution was provided. 
https://stackoverflow.com/questions/67861172/how-to-fix-error-changing-root-password-with-mysqladmin

I don't believe the password for the 'root' user has been set for Mysql. I can 
start mysql simply by typing 'sudo mysql'.
Should I try to change the password from within mysql? How can I check if a 
password has been assigned?

thanks everyone.


Anil F
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Run xsane without root password prompt?

2021-11-01 Thread Samuel Sieb


On 2021-11-01 14:00, Tom Horsley wrote:

On Mon, 1 Nov 2021 13:17:11 -0700
Samuel Sieb wrote:


That doesn't make sense.  Which drivers are you using?


Whatever I found when I first installed it years ago :-). Looking
in printers.conf I see this:

MakeModel Brother HL-2040 Foomatic/hpijs-pcl5e

Or maybe that's what the brother installer or cups itself decided to use.

Anyway I guess that explains why it needs hplip.


That would explain it.  You might want to look into using the actual 
Brother drivers instead.

___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Run xsane without root password prompt?

2021-11-01 Thread Tom Horsley

On Mon, 1 Nov 2021 13:17:11 -0700
Samuel Sieb wrote:

> That doesn't make sense.  Which drivers are you using?

Whatever I found when I first installed it years ago :-). Looking
in printers.conf I see this:

MakeModel Brother HL-2040 Foomatic/hpijs-pcl5e

Or maybe that's what the brother installer or cups itself decided to use.

Anyway I guess that explains why it needs hplip.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Run xsane without root password prompt?

2021-11-01 Thread Samuel Sieb


On 2021-11-01 07:41, Tom Horsley wrote:

On Sun, 31 Oct 2021 10:48:12 -0400
Tom Horsley wrote:


Found it! https://bbs.archlinux.org/viewtopic.php?id=263182

I no longer have an hp scanner or printer, so I removed
libsane-hpaio and hplip and no longer get the $@!# root
prompt in xsane or simple-scan


AARGH! Apparently my brother printer needs something in hplip
to work, so I reinstalled and changed my after-dfn-hooks script
to add: "rm -f /etc/sane.d/dll.d/hpaio" to remove the annoying
file when it gets recreated by some update.


That doesn't make sense.  Which drivers are you using?
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Run xsane without root password prompt?

2021-11-01 Thread Tom Horsley

On Sun, 31 Oct 2021 10:48:12 -0400
Tom Horsley wrote:

> Found it! https://bbs.archlinux.org/viewtopic.php?id=263182
> 
> I no longer have an hp scanner or printer, so I removed
> libsane-hpaio and hplip and no longer get the $@!# root
> prompt in xsane or simple-scan

AARGH! Apparently my brother printer needs something in hplip
to work, so I reinstalled and changed my after-dfn-hooks script
to add: "rm -f /etc/sane.d/dll.d/hpaio" to remove the annoying
file when it gets recreated by some update.

DNF hooks described here:

https://tomhorsley.com/game/Mjolnir.html
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Run xsane without root password prompt?

2021-10-31 Thread ToddAndMargo via users


On 10/31/21 07:48, Tom Horsley wrote:

On Sun, 31 Oct 2021 10:25:45 -0400
Tom Horsley wrote:


It works, but is exactly like xsane, it asks for the root
password before finding the scanner :-(.

On the other hand, if I hit "cancel" instead of giving the
password, it is still able to scan, so something strange
is going on behind the scenes.


Found it! https://bbs.archlinux.org/viewtopic.php?id=263182

I no longer have an hp scanner or printer, so I removed
libsane-hpaio and hplip and no longer get the $@!# root
prompt in xsane or simple-scan


Awesome troubleshooting!   :-)
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Run xsane without root password prompt?

2021-10-31 Thread Tom Horsley

On Sun, 31 Oct 2021 10:25:45 -0400
Tom Horsley wrote:

> It works, but is exactly like xsane, it asks for the root
> password before finding the scanner :-(.
> 
> On the other hand, if I hit "cancel" instead of giving the
> password, it is still able to scan, so something strange
> is going on behind the scenes.

Found it! https://bbs.archlinux.org/viewtopic.php?id=263182

I no longer have an hp scanner or printer, so I removed
libsane-hpaio and hplip and no longer get the $@!# root
prompt in xsane or simple-scan
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Run xsane without root password prompt?

2021-10-31 Thread Tom Horsley

On Sat, 30 Oct 2021 16:50:23 -0700
ToddAndMargo via users wrote:

> # dnf install simple-scan
> 
> Here is how to get it to work on a network:
> 
> https://forums.linuxmint.com/viewtopic.php?t=196697
> https://forums.linuxmint.com/viewtopic.php?f=42=143325

It works, but is exactly like xsane, it asks for the root
password before finding the scanner :-(.

On the other hand, if I hit "cancel" instead of giving the
password, it is still able to scan, so something strange
is going on behind the scenes.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Run xsane without root password prompt?

2021-10-31 Thread Tom Horsley

On Sun, 31 Oct 2021 22:08:33 +0800
Ed Greshko wrote:

> If you give the root pw, scan, and then quit xsane and then restart xsane 
> does it ask for the
> root pw again?

Yep, asks every time. I did find some ancient entries down in ~/.sane
for many older scanners I used once upon a time, so I deleted them
since maybe it is trying to see if one of them still exists, but it
still asks for the root password every time.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Run xsane without root password prompt?

2021-10-31 Thread Ed Greshko


On 31/10/2021 20:07, Tom Horsley wrote:

On Sun, 31 Oct 2021 13:57:33 +0800
Ed Greshko wrote:


Is there any magic I can do to avoid that root prompt? I can't
imagine I have to be root to connect to a network device.

What type of scanner do you have and how is it networked?

It is an old Epson Artisan 725 which can't print any longer, but
can still scan. I'm using the wifi built in to it.


OK, I thought maybe it was a USB scanner being connected via CUPS.

If you give the root pw, scan, and then quit xsane and then restart xsane does 
it ask for the
root pw again?

--
On Facebook it is called Vaguebooking.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Run xsane without root password prompt?

2021-10-31 Thread Tom Horsley

On Sun, 31 Oct 2021 13:57:33 +0800
Ed Greshko wrote:

> > Is there any magic I can do to avoid that root prompt? I can't
> > imagine I have to be root to connect to a network device.  
> 
> What type of scanner do you have and how is it networked?

It is an old Epson Artisan 725 which can't print any longer, but
can still scan. I'm using the wifi built in to it.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Run xsane without root password prompt?

2021-10-30 Thread Ed Greshko


On 31/10/2021 03:58, Tom Horsley wrote:

I have a network scanner. Every time I start xsane, it thinks a bit,
then prompts me for the root password, then finally the xsane
windows come up and I can scan.

Is there any magic I can do to avoid that root prompt? I can't
imagine I have to be root to connect to a network device.


What type of scanner do you have and how is it networked?

--
On Facebook it is called Vaguebooking.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Run xsane without root password prompt?

2021-10-30 Thread ToddAndMargo via users


On 10/30/21 12:58, Tom Horsley wrote:

I have a network scanner. Every time I start xsane, it thinks a bit,
then prompts me for the root password, then finally the xsane
windows come up and I can scan.

Is there any magic I can do to avoid that root prompt? I can't
imagine I have to be root to connect to a network device.



Hi Tom,

Not what you asked, BUT WHEN DOES THAT STOP ME!!!

I stopped using xsane years ago becasue it is so
awkward.  I have been using Simple Scan.  It is
a gazillions times easier to use.

# dnf install simple-scan

Here is how to get it to work on a network:

https://forums.linuxmint.com/viewtopic.php?t=196697
https://forums.linuxmint.com/viewtopic.php?f=42=143325

-T

My request for an new name for sane, following
the CUPS convention:

Common Unix Scanning System.

CUSS for short.


What ???



___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Run xsane without root password prompt?

2021-10-30 Thread Tom Horsley

I have a network scanner. Every time I start xsane, it thinks a bit,
then prompts me for the root password, then finally the xsane
windows come up and I can scan.

Is there any magic I can do to avoid that root prompt? I can't
imagine I have to be root to connect to a network device.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: WTF?! Gimp wants root password???

2021-05-18 Thread Tom Horsley

On Wed, 19 May 2021 05:49:15 +0800
Ed Greshko wrote:

> Why don't you try the same thing in a newly created user account?

Actually, it seems to have stopped by itself. After I hit
"cancel" on the first request, it hasn't asked again in subsequent
runs of gimp.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: WTF?! Gimp wants root password???

2021-05-18 Thread Ed Greshko


On 19/05/2021 02:19, Tom Horsley wrote:

Just started gimp for the very first time on fedora 34
and it pops up a authenticate dialog asking for root
password.

What in the great googly-moogly is this about?

(Stderr has some message about xsane so maybe it wants
to configure a scanner which I do not have on the system).
How do I make it stop forever and never ask again?



Sounds like a "personal problem".

Just installed gimp on 2 F34 VM's.  One Workstation, the other KDE spin.
When gimp is started on both, no request for root's (or any other) password.

Why don't you try the same thing in a newly created user account?

--
Remind me to ignore comments which aren't germane to the thread.
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

WTF?! Gimp wants root password???

2021-05-18 Thread Tom Horsley

Just started gimp for the very first time on fedora 34
and it pops up a authenticate dialog asking for root
password.

What in the great googly-moogly is this about?

(Stderr has some message about xsane so maybe it wants
to configure a scanner which I do not have on the system).
How do I make it stop forever and never ask again?
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[389-users] Re: How do I change the root password storage scheme to CRYPT-SHA512 through dsconf?

2021-04-16 Thread Chris Spike

> dsconf slapd-YOUR_INSTANCE directory_manager password_change --> this 
> will prompt you for the new password

That did the trick, thanks a lot!

It also made me curious how the actual format for 'nsslapd-rootpw' was and it 
turns out I wasn't off with '{crypt}$6$...':

# dsconf localhost config get | grep rootpw
nsslapd-rootpw: 
{crypt}.mR.LkShcdNcJbAFPE.10PKJ7EFD4hB0C33znHyIjgPF67IxNVNKgkKDiuuxQq/
nsslapd-rootpwstoragescheme: CRYPT-SHA512

However, I noticed that the hash was not what I fed into dsconf. So it turns 
out that one _can_ set the rootpw through dsconf but it has to be in plain text:

# dsconf localhost config replace nsslapd-rootpwstoragescheme=CRYPT-SHA512 
nsslapd-rootpw="secret"
Successfully replaced "nsslapd-rootpwstoragescheme"
Successfully replaced "nsslapd-rootpw"
# dsconf localhost config get | grep rootpw
nsslapd-rootpw: 
{crypt}$6$bW$Gea8I1Xoi.zkkGWBvrIxIm41G3/90hX2L4H3hMt18js7VzkT14YNuNtY4Ueao181O/MfPuPn4TmyQFcGZIThI.
nsslapd-rootpwstoragescheme: CRYPT-SHA512

Since I'd like to change the password non-interactively this seems a bit easier 
than fiddling around with 'dsconf slapd-YOUR_INSTANCE directory_manager 
password_change' which doesn't seem to have an option to read the password from 
stdin?

I did some more research and switching from PBKDF2_SHA256 to CRYPT-SHA512 
probably has no significant security benefit anyway so in the end this was a 
bit of an academic exercise. If someone has an opinion on that, I'd be 
interested to hear that though.

Thanks again Mark for your quick help.

Cheers!
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[389-users] Re: How do I change the root password storage scheme to CRYPT-SHA512 through dsconf?

2021-04-16 Thread Mark Reynolds



On 4/16/21 3:04 AM, spike wrote:


Hi everyone,

I'd like to change the default root password storage scheme from 
PBKDF2_SHA256 to CRYPT-SHA512 but I'm not having much success. I'm 
using the RHDS 11 documentation 
(https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html-single/administration_guide/index#change_directory_manager_storage_scheme-CLI) 
as a reference since the 389ds documentation page 
(https://directory.fedoraproject.org/docs/389ds/documentation.html) 
refers to that as "The best documentation for use and deployment". The 
389ds version is 1.4.4.15 which should correspond with RHDS 11.



Looks like we have a doc bug :-(

This is the procedure:

dsconf slapd-YOUR_INSTANCE config replace 
nsslapd-rootpwstoragescheme=CRYPT-SHA512


dsconf slapd-YOUR_INSTANCE directory_manager password_change --> this 
will prompt you for the new password


That should do it.

HTH,

Mark



What I've tried:

# mkpasswd -m sha512crypt secret
$6$gOiCU3fNsdrH9.mR$fVxsLUf0JLS4wYdQa98VNy7mIy.LkShcdNcJbAFPE.10PKJ7EFD4hB0C33znHyIjgPF67IxNVNKgkKDiuuxQq/ 

# dsconf localhost config replace 
nsslapd-rootpwstoragescheme=CRYPT-SHA512 
nsslapd-rootpw="{crypt}$6$gOiCU3fNsdrH9.mR$fVxsLUf0JLS4wYdQa98VNy7mIy.LkShcdNcJbAFPE.10PKJ7EFD4hB0C33znHyIjgPF67IxNVNKgkKDiuuxQq/"

selinux is disabled, will not relabel ports or files.
Successfully replaced "nsslapd-rootpwstoragescheme"
selinux is disabled, will not relabel ports or files.
Successfully replaced "nsslapd-rootpw"


Which results in me being unable to log in (bind non-anonymously). 
I've also tried:


# dsconf localhost config replace 
nsslapd-rootpwstoragescheme=CRYPT-SHA512 
nsslapd-rootpw="{CRYPT-SHA512}$6$gOiCU3fNsdrH9.mR$fVxs..."


and

# dsconf localhost config replace 
nsslapd-rootpwstoragescheme=CRYPT-SHA512 
nsslapd-rootpw="$6$gOiCU3fNsdrH9.mR$fVxs..."


which were also unsuccessful (login not possible).

Setting a `CRYPT-SHA512` password though the 389ds cockpit UI plugin 
works fine though, so I'm pretty sure I'm just not getting the syntax 
for `dsconf` correctly.


Any pointers are greatly appreciated.

Cheers!
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure


--

389 Directory Server Development Team
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[389-users] How do I change the root password storage scheme to CRYPT-SHA512 through dsconf?

2021-04-16 Thread spike



Hi everyone,

I'd like to change the default root password storage scheme from PBKDF2_SHA256 to 
CRYPT-SHA512 but I'm not having much success. I'm using the RHDS 11 documentation 
(https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html-single/administration_guide/index#change_directory_manager_storage_scheme-CLI)
 as a reference since the 389ds documentation page 
(https://directory.fedoraproject.org/docs/389ds/documentation.html) refers to that as 
"The best documentation for use and deployment". The 389ds version is 1.4.4.15 
which should correspond with RHDS 11.

What I've tried:

# mkpasswd -m sha512crypt secret
$6$gOiCU3fNsdrH9.mR$fVxsLUf0JLS4wYdQa98VNy7mIy.LkShcdNcJbAFPE.10PKJ7EFD4hB0C33znHyIjgPF67IxNVNKgkKDiuuxQq/
# dsconf localhost config replace nsslapd-rootpwstoragescheme=CRYPT-SHA512 
nsslapd-rootpw="{crypt}$6$gOiCU3fNsdrH9.mR$fVxsLUf0JLS4wYdQa98VNy7mIy.LkShcdNcJbAFPE.10PKJ7EFD4hB0C33znHyIjgPF67IxNVNKgkKDiuuxQq/"
selinux is disabled, will not relabel ports or files.
Successfully replaced "nsslapd-rootpwstoragescheme"
selinux is disabled, will not relabel ports or files.
Successfully replaced "nsslapd-rootpw"


Which results in me being unable to log in (bind non-anonymously). I've also 
tried:

# dsconf localhost config replace nsslapd-rootpwstoragescheme=CRYPT-SHA512 
nsslapd-rootpw="{CRYPT-SHA512}$6$gOiCU3fNsdrH9.mR$fVxs..."

and

# dsconf localhost config replace nsslapd-rootpwstoragescheme=CRYPT-SHA512 
nsslapd-rootpw="$6$gOiCU3fNsdrH9.mR$fVxs..."

which were also unsuccessful (login not possible).

Setting a `CRYPT-SHA512` password though the 389ds cockpit UI plugin works fine 
though, so I'm pretty sure I'm just not getting the syntax for `dsconf` 
correctly.

Any pointers are greatly appreciated.

Cheers!
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

requests for root password

2017-08-25 Thread Fulko Hew

As a result of a recent update, I now see authentication requests for
the root password whenever:

a)  the software update daemon wakes up to check for updates (or to
install what it finds)
b) when I plug in a USB mass storage device

How can this be turned off again ?

TIA
Fulko
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org

Solved - Re: Recovering lost root password by editing shadow

2016-12-16 Thread Robert Moskowitz

Something stupid, like changing shadow on another mounted drive I was 
working on...


Sigh.

thanks


On 12/16/2016 12:02 PM, Greg Woods wrote:


On Fri, Dec 16, 2016 at 9:32 AM, Robert Moskowitz > wrote:


vi shadow
(delete all the characters between the first and second :)


You might need to do the same with /etc/passwd too.

--Greg



___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org


___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org

Re: Recovering lost root password by editing shadow

2016-12-16 Thread Greg Woods

On Fri, Dec 16, 2016 at 9:32 AM, Robert Moskowitz 
wrote:

> vi shadow
> (delete all the characters between the first and second :)
>

You might need to do the same with /etc/passwd too.

--Greg
___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org

Recovering lost root password by editing shadow

2016-12-16 Thread Robert Moskowitz

I have lost the root password on a arm server.  Cannot use the boot to 
single user mode, but can pull the hard drive and mount it on another 
system...


So what I did was:

Mount drive on my notebook
Then in a terminal window as root, cd to the drive's /etc dir
chmod 711 shadow
vi shadow
(delete all the characters between the first and second :)
(save the shadow file)
more shadow  <- checked that indeed, the password field was now blank
chmod 000 shadow

The unmounted the drive, put it back on the arm server and rebooted.

Logged in as myself then tried 'su' with no password.

Did not work, invalid password

Tried 'login root' with no password.  Did not work, invalid password.

So what did I miss?  I did notice a file /etc/shadow- that I did not change.

Thank you for any help

___
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org

Re: Dnf-yumex doesn't recognize root password

2015-07-14 Thread Antonio M

https://bugzilla.redhat.com/show_bug.cgi?id=1242800

2015-07-14 10:21 GMT+02:00 Bob Goodwin - Zuni, Virginia, USA 
bobgood...@wildblue.net:



 On 14/07/15 04:15, antonio montagnani wrote:

 after this morning updated, dnf-yumex doesn't work anymore as it doesn't
 understand my root passwor (error 36).
 Is anybody taking care to make any test before issuing updates (from
 testing-updated to updates)??
 --
 Antonio M
 Skype: amontag52

 Linux Fedora F22 (Twenty two)
 on Fujitsu Lifebook A512


 Yes, same here, after the third attempt I see:

 Fatal Error : Polkit-not-authorized

 Bob

 --
 Bob Goodwin - Zuni, Virginia, USA
 http://www.qrz.com/db/W2BOD
 box10  FEDORA-22/64bit LINUX XFCE


 --
 users mailing list
 users@lists.fedoraproject.org
 To unsubscribe or change subscription options:
 https://admin.fedoraproject.org/mailman/listinfo/users
 Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
 Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 Have a question? Ask away: http://ask.fedoraproject.org




-- 
Antonio Montagnani
Skype : amontag52

Linux Fedora 22 (Twenty-two)
inviato da Gmail
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Dnf-yumex doesn't recognize root password

2015-07-14 Thread Bob Goodwin - Zuni, Virginia, USA




On 14/07/15 05:10, Bob Goodwin - Zuni, Virginia, USA wrote:


After a reboot yumex recognizes my password.

Now protests about repo Dropbox:

failure: repodata/repomd.xml from Dropbox: [Errno 256] No more 
mirrors to try.
http://linux.dropbox.com/fedora/22/repodata/repomd.xml: [Errno 14] 
HTTP Error 404 - Not Found


You can try starting 'yumex -n' from a command line
and deselecting the repositories causing problems
and try again.

yumex -n Dropbox  [or dropbox] does not work either? But I may be 
entering the command wrong?


Bob





[root@box10 bobg]# yumex --root

Seems to be a work around ...


--
Bob Goodwin - Zuni, Virginia, USA
http://www.qrz.com/db/W2BOD
box10  FEDORA-22/64bit LINUX XFCE

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Dnf-yumex doesn't recognize root password

2015-07-14 Thread Bob Goodwin - Zuni, Virginia, USA




On 14/07/15 04:43, Bob Goodwin - Zuni, Virginia, USA wrote:



I just did [dnf update] a second computer with --exclude polkit and 
got the same result, doesn't recognize my root password?


Bob



After a reboot yumex recognizes my password.

Now protests about repo Dropbox:

failure: repodata/repomd.xml from Dropbox: [Errno 256] No more mirrors 
to try.
http://linux.dropbox.com/fedora/22/repodata/repomd.xml: [Errno 14] HTTP 
Error 404 - Not Found


You can try starting 'yumex -n' from a command line
and deselecting the repositories causing problems
and try again.

yumex -n Dropbox  [or dropbox] does not work either? But I may be 
entering the command wrong?


Bob

--
Bob Goodwin - Zuni, Virginia, USA
http://www.qrz.com/db/W2BOD
box10  FEDORA-22/64bit LINUX XFCE

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Dnf-yumex doesn't recognize root password

2015-07-14 Thread antonio montagnani

after this morning updated, dnf-yumex doesn't work anymore as it doesn't 
understand my root passwor (error 36).
Is anybody taking care to make any test before issuing updates (from 
testing-updated to updates)??

--
Antonio M
Skype: amontag52

Linux Fedora F22 (Twenty two)
on Fujitsu Lifebook A512

http://lugsaronno.altervista.org
http://campingmonterosa.altervista.org

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Dnf-yumex doesn't recognize root password

2015-07-14 Thread Bob Goodwin - Zuni, Virginia, USA




On 14/07/15 04:32, Antonio M wrote:
I changed component from yumex-dnf to polkit that was updated this 
morning


2015-07-14 10:24 GMT+02:00 Antonio M antonio.montagn...@gmail.com 
mailto:antonio.montagn...@gmail.com:


https://bugzilla.redhat.com/show_bug.cgi?id=1242800

2015-07-14 10:21 GMT+02:00 Bob Goodwin - Zuni, Virginia, USA
bobgood...@wildblue.net mailto:bobgood...@wildblue.net:



On 14/07/15 04:15, antonio montagnani wrote:

after this morning updated, dnf-yumex doesn't work anymore
as it doesn't understand my root passwor (error 36).
Is anybody taking care to make any test before issuing
updates (from testing-updated to updates)??
-- 
Antonio M

Skype: amontag52

Linux Fedora F22 (Twenty two)
on Fujitsu Lifebook A512


Yes, same here, after the third attempt I see:

Fatal Error : Polkit-not-authorized

Bob





I just did [dnf update] a second computer with --exclude polkit and got 
the same result, doesn't recognize my root password?


Bob

--
Bob Goodwin - Zuni, Virginia, USA
http://www.qrz.com/db/W2BOD
box10  FEDORA-22/64bit LINUX XFCE

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Dnf-yumex doesn't recognize root password

2015-07-14 Thread Antonio M

Bob, polkit and polkit 0.113-2 clears the issue :-)

2015-07-14 10:32 GMT+02:00 Antonio M antonio.montagn...@gmail.com:

 I changed component from yumex-dnf to polkit that was updated this
 morning

 2015-07-14 10:24 GMT+02:00 Antonio M antonio.montagn...@gmail.com:

 https://bugzilla.redhat.com/show_bug.cgi?id=1242800

 2015-07-14 10:21 GMT+02:00 Bob Goodwin - Zuni, Virginia, USA 
 bobgood...@wildblue.net:



 On 14/07/15 04:15, antonio montagnani wrote:

 after this morning updated, dnf-yumex doesn't work anymore as it
 doesn't understand my root passwor (error 36).
 Is anybody taking care to make any test before issuing updates (from
 testing-updated to updates)??
 --
 Antonio M
 Skype: amontag52

 Linux Fedora F22 (Twenty two)
 on Fujitsu Lifebook A512


 Yes, same here, after the third attempt I see:

 Fatal Error : Polkit-not-authorized

 Bob

 --
 Bob Goodwin - Zuni, Virginia, USA
 http://www.qrz.com/db/W2BOD
 box10  FEDORA-22/64bit LINUX XFCE


 --
 users mailing list
 users@lists.fedoraproject.org
 To unsubscribe or change subscription options:
 https://admin.fedoraproject.org/mailman/listinfo/users
 Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
 Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 Have a question? Ask away: http://ask.fedoraproject.org




 --
 Antonio Montagnani
 Skype : amontag52

 Linux Fedora 22 (Twenty-two)
 inviato da Gmail




 --
 Antonio Montagnani
 Skype : amontag52

 Linux Fedora 22 (Twenty-two)
 inviato da Gmail




-- 
Antonio Montagnani
Skype : amontag52

Linux Fedora 22 (Twenty-two)
inviato da Gmail
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Dnf-yumex doesn't recognize root password

2015-07-14 Thread Antonio M

from a terminal if I use su, password is recognized and I can dnf update,
install. Is this a different problem??


2015-07-14 10:43 GMT+02:00 Bob Goodwin - Zuni, Virginia, USA 
bobgood...@wildblue.net:



 On 14/07/15 04:32, Antonio M wrote:

 I changed component from yumex-dnf to polkit that was updated this
 morning

 2015-07-14 10:24 GMT+02:00 Antonio M antonio.montagn...@gmail.com
 mailto:antonio.montagn...@gmail.com:

 https://bugzilla.redhat.com/show_bug.cgi?id=1242800

 2015-07-14 10:21 GMT+02:00 Bob Goodwin - Zuni, Virginia, USA
 bobgood...@wildblue.net mailto:bobgood...@wildblue.net:



 On 14/07/15 04:15, antonio montagnani wrote:

 after this morning updated, dnf-yumex doesn't work anymore
 as it doesn't understand my root passwor (error 36).
 Is anybody taking care to make any test before issuing
 updates (from testing-updated to updates)??
 -- Antonio M
 Skype: amontag52

 Linux Fedora F22 (Twenty two)
 on Fujitsu Lifebook A512


 Yes, same here, after the third attempt I see:

 Fatal Error : Polkit-not-authorized

 Bob




 I just did [dnf update] a second computer with --exclude polkit and got
 the same result, doesn't recognize my root password?


 Bob

 --
 Bob Goodwin - Zuni, Virginia, USA
 http://www.qrz.com/db/W2BOD
 box10  FEDORA-22/64bit LINUX XFCE

 --
 users mailing list
 users@lists.fedoraproject.org
 To unsubscribe or change subscription options:
 https://admin.fedoraproject.org/mailman/listinfo/users
 Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
 Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 Have a question? Ask away: http://ask.fedoraproject.org




-- 
Antonio Montagnani
Skype : amontag52

Linux Fedora 22 (Twenty-two)
inviato da Gmail
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Dnf-yumex doesn't recognize root password

2015-07-14 Thread Bob Goodwin - Zuni, Virginia, USA




On 14/07/15 04:15, antonio montagnani wrote:
after this morning updated, dnf-yumex doesn't work anymore as it 
doesn't understand my root passwor (error 36).
Is anybody taking care to make any test before issuing updates (from 
testing-updated to updates)??

--
Antonio M
Skype: amontag52

Linux Fedora F22 (Twenty two)
on Fujitsu Lifebook A512


Yes, same here, after the third attempt I see:

Fatal Error : Polkit-not-authorized

Bob

--
Bob Goodwin - Zuni, Virginia, USA
http://www.qrz.com/db/W2BOD
box10  FEDORA-22/64bit LINUX XFCE

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Dnf-yumex doesn't recognize root password

2015-07-14 Thread Michael Schwendt

On Tue, 14 Jul 2015 10:15:08 +0200, antonio montagnani wrote:

 after this morning updated, dnf-yumex doesn't work anymore as it doesn't 
 understand my root passwor (error 36).
 Is anybody taking care to make any test before issuing updates (from 
 testing-updated to updates)??

The testing activity is public:

  https://admin.fedoraproject.org/updates/

Try to find out which updates are responsible and look up whether
there have been any testing comments and votes.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Dnf-yumex doesn't recognize root password

2015-07-14 Thread Antonio M

I changed component from yumex-dnf to polkit that was updated this
morning

2015-07-14 10:24 GMT+02:00 Antonio M antonio.montagn...@gmail.com:

 https://bugzilla.redhat.com/show_bug.cgi?id=1242800

 2015-07-14 10:21 GMT+02:00 Bob Goodwin - Zuni, Virginia, USA 
 bobgood...@wildblue.net:



 On 14/07/15 04:15, antonio montagnani wrote:

 after this morning updated, dnf-yumex doesn't work anymore as it doesn't
 understand my root passwor (error 36).
 Is anybody taking care to make any test before issuing updates (from
 testing-updated to updates)??
 --
 Antonio M
 Skype: amontag52

 Linux Fedora F22 (Twenty two)
 on Fujitsu Lifebook A512


 Yes, same here, after the third attempt I see:

 Fatal Error : Polkit-not-authorized

 Bob

 --
 Bob Goodwin - Zuni, Virginia, USA
 http://www.qrz.com/db/W2BOD
 box10  FEDORA-22/64bit LINUX XFCE


 --
 users mailing list
 users@lists.fedoraproject.org
 To unsubscribe or change subscription options:
 https://admin.fedoraproject.org/mailman/listinfo/users
 Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
 Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 Have a question? Ask away: http://ask.fedoraproject.org




 --
 Antonio Montagnani
 Skype : amontag52

 Linux Fedora 22 (Twenty-two)
 inviato da Gmail




-- 
Antonio Montagnani
Skype : amontag52

Linux Fedora 22 (Twenty-two)
inviato da Gmail
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

how can i make restart not require root password

2013-09-04 Thread Jehan PROCACCIA

hello, 
I've got hundred of fedora19 station installed on computer lab for our 
students. 
these are self service multi-user stations, users needs to restart the station 
whenever they want to 
unfortunatly apparently polkit prevents them to restart when another user is 
(or had been ?) connected . 
I know it is a safe behavior, but we defenitively want to enable users to 
restart the station themself whenever they want to, but without requiring the 
root password ! 
indeed, often student leave the room without disconecting (bad !) , then the 
screen locks but still allows someone else to connect, but that second student 
then cannot restart :-( . 

I've tried lot of things: 
http://askubuntu.com/questions/1190/how-can-i-make-shutdown-not-require-admin-password
 
apparently .pkla files a deprecated , and I confirmed that creating a 
/etc/polkit-1/localauthority/50-local.d/allow_all_users_to_restart.pkla 
containing Action=org.freedesktop.consolekit.system.restart-multiple-users 
AllowActive=yes doesn't work 

then, from #fedora IRC I've been proposed to create rules in 
/etc/polkit-1/rules.d : 
http://paste.fedoraproject.org/36844/ 
[root@b06-02 rules.d]# cat 00-early-checks.rules 
/* Allow shutdown when others are logged in */ 
polkit.addRule(function(action, subject) { 
if (action.id == org.freedesktop.consolekit.system.stop-multiple-users || 
action.id == org.freedesktop.consolekit.system.restart-multiple-users) { 
return polkit.Result.YES; 
} 
}); 

it still fails, when user click on their username on the top right corner of 
the gnome-session, schroll down to shutdown, then click restart, a window 
appears warning that there are other user conencted and that authentification 
is required for rebooting the system while other users are logged in, and ends 
by asking to enter the Administrator password :-( 
Where can I remove that feature ? 

Thanks 
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: how can i make restart not require root password

2013-09-04 Thread Ahmad Samir

On 4 September 2013 11:02, Jehan PROCACCIA jehan.procac...@tem-tsp.euwrote:

 hello,
 I've got hundred of fedora19 station installed on computer lab for our
 students.
 these are self service multi-user stations, users needs to restart the
 station whenever they want to
 unfortunatly apparently polkit prevents them to restart when another
 user is (or had been ?) connected .
 I know it is a safe behavior, but we defenitively want to enable users to
 restart the station themself whenever they want to, but without requiring
 the root password !
 indeed, often student leave the room without disconecting (bad !) , then
 the  screen locks but still allows someone else to connect, but that second
 student then cannot restart :-( .

 I've tried lot of things:

 http://askubuntu.com/questions/1190/how-can-i-make-shutdown-not-require-admin-password
 apparently .pkla files a deprecated , and I confirmed that creating a
 /etc/polkit-1/localauthority/50-local.d/allow_all_users_to_restart.pkla
 containing Action=org.freedesktop.consolekit.system.restart-multiple-users
 AllowActive=yes doesn't work

 then, from #fedora IRC I've been proposed to create rules in
 /etc/polkit-1/rules.d :
 http://paste.fedoraproject.org/36844/
 [root@b06-02 rules.d]# cat 00-early-checks.rules
 /* Allow shutdown when others are logged in  */
 polkit.addRule(function(action, subject) {
 if (action.id ==
 org.freedesktop.consolekit.system.stop-multiple-users ||
 action.id ==
 org.freedesktop.consolekit.system.restart-multiple-users) {
 return polkit.Result.YES;
 }
 });

 it still fails, when user click on their username on the top right corner
 of the gnome-session, schroll down to shutdown, then click restart, a
 window appears warning that there are other user conencted and that
 authentification is required for rebooting the system while other users
 are logged in, and  ends by asking to enter the Administrator  password
 :-(
 Where can I remove that feature ?

 Thanks


IIUC, the actions you need to authenticate are:
org.freedesktop.login1.power-off-multiple-sessions
org.freedesktop.login1.reboot-multiple-sessions

have a look at /usr/share/polkit-1/actions/org.freedesktop.login1.policy.

FWIW, usually  polkit authentication propmpts are logged in the system
logs, either check /var/log/messages, or `journalctl -bn` (executed after
polkitd prompted for authentication).


 --
 users mailing list
 users@lists.fedoraproject.org
 To unsubscribe or change subscription options:
 https://admin.fedoraproject.org/mailman/listinfo/users
 Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
 Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 Have a question? Ask away: http://ask.fedoraproject.org




-- 
Ahmad Samir
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: how can i make restart not require root password

2013-09-04 Thread Bill Davidsen


Jehan PROCACCIA wrote:

hello,
I've got hundred of fedora19 station installed on computer lab for our students.
these are self service multi-user stations, users needs to restart the station
whenever they want to
unfortunatly apparently polkit prevents them to restart when another user is
(or had been ?) connected .
I know it is a safe behavior, but we defenitively want to enable users to
restart the station themself whenever they want to, but without requiring the
root password !
indeed, often student leave the room without disconecting (bad !) , then the
screen locks but still allows someone else to connect, but that second student
then cannot restart :-( .

I've tried lot of things:
http://askubuntu.com/questions/1190/how-can-i-make-shutdown-not-require-admin-password
apparently .pkla files a deprecated , and I confirmed that creating a
/etc/polkit-1/localauthority/50-local.d/allow_all_users_to_restart.pkla
containi



ng Action=org.freedesktop.consolekit.system.restart-multiple-users

AllowActive=yes doesn't work

then, from #fedora IRC I've been proposed to create rules in 
/etc/polkit-1/rules.d :
http://paste.fedoraproject.org/36844/
[root@b06-02 rules.d]# cat 00-early-checks.rules
/* Allow shutdown when others are logged in  */
polkit.addRule(function(action, subject) {
 if (action.id == org.freedesktop.consolekit.system.stop-multiple-users ||
 action.id == 
org.freedesktop.consolekit.system.restart-multiple-users) {
 return polkit.Result.YES;
 }
});

it still fails, when user click on their username on the top right corner of the
gnome-session, schroll down to shutdown, then click restart, a window appears
warning that there are other user conencted and that authentification is
required for rebooting the system while other users are logged in, and  ends by
asking to enter the Administrator  password :-(
Where can I remove that feature ?

1 - Do the students ever have to initiate a long running job and wait for 
results? If so, having someone else reboot the machine is not desirable.


2 - It might be better to just log out idle users.

3 - However, if it is your intention to let any user reboot at any time, use 
visudo to add a line:

  %bootersALL=(ALL)   NOPASSWD: /sbin/reboot
so the next student could log in and reboot from command line with
  sudo su /sbin/reboot
Note that this requires putting all students allowed to do this (all of them?) 
into a secondary group allowed to reboot.


My though is that there is a reason why this isn't the default, if there is no 
legitimate use which justifies not rebooting, you certainly can do that. In 
particular, you probably don't want people logging in remotely and just 
rebooting the machine, students have been known to prank one another.


--
Bill Davidsen david...@tmr.com
  We have more to fear from the bungling of the incompetent than from
the machinations of the wicked.  - from Slashdot
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: how can i make restart not require root password

2013-09-04 Thread Jehan Procaccia


Le 04/09/2013 11:38, Ahmad Samir a écrit :
On 4 September 2013 11:02, Jehan PROCACCIA jehan.procac...@tem-tsp.eu 
mailto:jehan.procac...@tem-tsp.eu wrote:


hello,
I've got hundred of fedora19 station installed on computer lab for
our students.
these are self service multi-user stations, users needs to restart
the station whenever they want to
unfortunatly apparently polkit prevents them to restart when
another user is (or had been ?) connected .
I know it is a safe behavior, but we defenitively want to enable
users to restart the station themself whenever they want to, but
without requiring the root password !
indeed, often student leave the room without disconecting (bad !)
, then the  screen locks but still allows someone else to connect,
but that second student then cannot restart :-( .

I've tried lot of things:

http://askubuntu.com/questions/1190/how-can-i-make-shutdown-not-require-admin-password
apparently .pkla files a deprecated , and I confirmed that
creating a
/etc/polkit-1/localauthority/50-local.d/allow_all_users_to_restart.pkla
containing
Action=org.freedesktop.consolekit.system.restart-multiple-users
AllowActive=yes doesn't work

then, from #fedora IRC I've been proposed to create rules in
/etc/polkit-1/rules.d :
http://paste.fedoraproject.org/36844/
[root@b06-02 rules.d]# cat 00-early-checks.rules
/* Allow shutdown when others are logged in  */
polkit.addRule(function(action, subject) {
if (action.id http://action.id ==
org.freedesktop.consolekit.system.stop-multiple-users ||
action.id http://action.id ==
org.freedesktop.consolekit.system.restart-multiple-users) {
return polkit.Result.YES;
}
});

it still fails, when user click on their username on the top right
corner of the gnome-session, schroll down to shutdown, then click
restart, a window appears warning that there are other user
conencted and that authentification is required for rebooting the
system while other users are logged in, and  ends by asking to
enter the Administrator  password :-(
Where can I remove that feature ?

Thanks


IIUC, the actions you need to authenticate are:
org.freedesktop.login1.power-off-multiple-sessions
org.freedesktop.login1.reboot-multiple-sessions

yes ! that was it, instead of 
org.freedesktop.consolekit.system.restart-multiple-users it is 
org.freedesktop.login1.reboot-multiple-sessions that must be set to YES .

I tried that with success
Thanks a lot .

however, it is confusing those two items 
consolekit.system.restart-multiple-users and 
login1.reboot-multiple-sessions, what is the difference between them ?



have a look at /usr/share/polkit-1/actions/org.freedesktop.login1.policy.

FWIW, usually  polkit authentication propmpts are logged in the system 
logs, either check /var/log/messages, or `journalctl -bn` (executed 
after polkitd prompted for authentication).


--
users mailing list
users@lists.fedoraproject.org mailto:users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org




--
Ahmad Samir




-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: how can i make restart not require root password

2013-09-04 Thread Jehan Procaccia


Le 04/09/2013 17:08, Bill Davidsen a écrit :

Jehan PROCACCIA wrote:

hello,
I've got hundred of fedora19 station installed on computer lab for 
our students.
these are self service multi-user stations, users needs to restart 
the station

whenever they want to
unfortunatly apparently polkit prevents them to restart when 
another user is

(or had been ?) connected .
I know it is a safe behavior, but we defenitively want to enable 
users to
restart the station themself whenever they want to, but without 
requiring the

root password !
indeed, often student leave the room without disconecting (bad !) , 
then the
screen locks but still allows someone else to connect, but that 
second student

then cannot restart :-( .

I've tried lot of things:
http://askubuntu.com/questions/1190/how-can-i-make-shutdown-not-require-admin-password 


apparently .pkla files a deprecated , and I confirmed that creating a
/etc/polkit-1/localauthority/50-local.d/allow_all_users_to_restart.pkla
containi



ng Action=org.freedesktop.consolekit.system.restart-multiple-users

AllowActive=yes doesn't work

then, from #fedora IRC I've been proposed to create rules in 
/etc/polkit-1/rules.d :

http://paste.fedoraproject.org/36844/
[root@b06-02 rules.d]# cat 00-early-checks.rules
/* Allow shutdown when others are logged in  */
polkit.addRule(function(action, subject) {
 if (action.id == 
org.freedesktop.consolekit.system.stop-multiple-users ||
 action.id == 
org.freedesktop.consolekit.system.restart-multiple-users) {

 return polkit.Result.YES;
 }
});

it still fails, when user click on their username on the top right 
corner of the
gnome-session, schroll down to shutdown, then click restart, a window 
appears
warning that there are other user conencted and that 
authentification is
required for rebooting the system while other users are logged in, 
and  ends by

asking to enter the Administrator  password :-(
Where can I remove that feature ?

1 - Do the students ever have to initiate a long running job and wait 
for results? If so, having someone else reboot the machine is not 
desirable.


2 - It might be better to just log out idle users.

3 - However, if it is your intention to let any user reboot at any 
time, use visudo to add a line:

  %bootersALL=(ALL)   NOPASSWD: /sbin/reboot
so the next student could log in and reboot from command line with
  sudo su /sbin/reboot
Note that this requires putting all students allowed to do this (all 
of them?) into a secondary group allowed to reboot.


My though is that there is a reason why this isn't the default, if 
there is no legitimate use which justifies not rebooting, you 
certainly can do that. In particular, you probably don't want people 
logging in remotely and just rebooting the machine, students have been 
known to prank one another.


unfortunatly , some user never use a terminal and would'nt know how to 
use a command line as sudo su /sbin/reboot
the purpose here was to enable restart from the drop down menu withing 
the gnome session .

as ahmad samir replied earlier, I have the solution with setting this:
[root@b06-01 ~]# cat /etc/polkit-1/rules.d/00-early-checks.rules
/* Allow shutdown when others are logged in  */
polkit.addRule(function(action, subject) {
if (action.id == org.freedesktop.login1.reboot-multiple-sessions ||
action.id == 
org.freedesktop.login1.power-off-multiple-sessions) {

return polkit.Result.YES;
}
});

thanks .
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: how can i make restart not require root password

2013-09-04 Thread Bill Davidsen


Jehan Procaccia wrote:

Le 04/09/2013 17:08, Bill Davidsen a écrit :

Jehan PROCACCIA wrote:

hello,
I've got hundred of fedora19 station installed on computer lab for our 
students.

these are self service multi-user stations, users needs to restart the station
whenever they want to
unfortunatly apparently polkit prevents them to restart when another user is
(or had been ?) connected .
I know it is a safe behavior, but we defenitively want to enable users to
restart the station themself whenever they want to, but without requiring the
root password !
indeed, often student leave the room without disconecting (bad !) , then the
screen locks but still allows someone else to connect, but that second student
then cannot restart :-( .

I've tried lot of things:
http://askubuntu.com/questions/1190/how-can-i-make-shutdown-not-require-admin-password 


apparently .pkla files a deprecated , and I confirmed that creating a
/etc/polkit-1/localauthority/50-local.d/allow_all_users_to_restart.pkla
containi



ng Action=org.freedesktop.consolekit.system.restart-multiple-users

AllowActive=yes doesn't work

then, from #fedora IRC I've been proposed to create rules in 
/etc/polkit-1/rules.d :

http://paste.fedoraproject.org/36844/
[root@b06-02 rules.d]# cat 00-early-checks.rules
/* Allow shutdown when others are logged in  */
polkit.addRule(function(action, subject) {
 if (action.id == 
org.freedesktop.consolekit.system.stop-multiple-users ||
 action.id == 
org.freedesktop.consolekit.system.restart-multiple-users) {

 return polkit.Result.YES;
 }
});

it still fails, when user click on their username on the top right corner of 
the

gnome-session, schroll down to shutdown, then click restart, a window appears
warning that there are other user conencted and that authentification is
required for rebooting the system while other users are logged in, and  
ends by

asking to enter the Administrator  password :-(
Where can I remove that feature ?

1 - Do the students ever have to initiate a long running job and wait for 
results? If so, having someone else reboot the machine is not desirable.


2 - It might be better to just log out idle users.

3 - However, if it is your intention to let any user reboot at any time, use 
visudo to add a line:

  %bootersALL=(ALL)   NOPASSWD: /sbin/reboot
so the next student could log in and reboot from command line with
  sudo su /sbin/reboot
Note that this requires putting all students allowed to do this (all of 
them?) into a secondary group allowed to reboot.


My though is that there is a reason why this isn't the default, if there is 
no legitimate use which justifies not rebooting, you certainly can do that. 
In particular, you probably don't want people logging in remotely and just 
rebooting the machine, students have been known to prank one another.


unfortunatly , some user never use a terminal and would'nt know how to use a 
command line as sudo su /sbin/reboot
the purpose here was to enable restart from the drop down menu withing the 
gnome session .

as ahmad samir replied earlier, I have the solution with setting this:
[root@b06-01 ~]# cat /etc/polkit-1/rules.d/00-early-checks.rules
/* Allow shutdown when others are logged in  */
polkit.addRule(function(action, subject) {
if (action.id == org.freedesktop.login1.reboot-multiple-sessions ||
action.id == org.freedesktop.login1.power-off-multiple-sessions) {
return polkit.Result.YES;
}
});

thanks .


Actually command lines are specified in menu items and icons...

--
Bill Davidsen david...@tmr.com
  'Nothing to hide' does not imply 'nothing to fear'
  - me
  ATT could not seriously contend that a reasonable entity in its position
   could have believed that the alleged domestic dragnet was legal.
  -judge Vaughn R. Walker of the U.S. District Court
   for the Northern District of California, EFF vs. ATT


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: how can i make restart not require root password

2013-09-04 Thread poma

On 04.09.2013 17:55, Jehan Procaccia wrote:
…
 however, it is confusing those two items
 consolekit.system.restart-multiple-users and
 login1.reboot-multiple-sessions, what is the difference between them ?

$ repoquery --whatprovides */org.freedesktop.consolekit.policy
$ repoquery --repoid=updates --whatprovides */org.freedesktop.login1.policy

$ FD=http://cgit.freedesktop.org
$ CK=ConsoleKit/plain
$ PA=data/org.freedesktop.consolekit.policy
$ curl -s $FD/$CK/$PA | grep -P '(?=.*id)(?=.*multi)'
$ PKA=/usr/share/polkit-1/actions
$ SLD=org.freedesktop.login1.policy
$ grep -P '(?=.*id)(?=.*multi)' $PKA/$SLD


$ man 1 pkaction


poma


http://www.freedesktop.org/wiki/Software/ConsoleKit/
…
ConsoleKit is currently not actively maintained. The focus has shifted
to the built-in seat/user/session management of Software/systemd called
systemd-loginctl
…
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: how can i make restart not require root password

2013-09-04 Thread Suvayu Ali

On Wed, Sep 04, 2013 at 12:31:46PM -0400, Bill Davidsen wrote:
 Jehan Procaccia wrote:
 Le 04/09/2013 17:08, Bill Davidsen a écrit :
 
 3 - However, if it is your intention to let any user reboot at any time,
 use visudo to add a line:
   %bootersALL=(ALL)   NOPASSWD: /sbin/reboot
 so the next student could log in and reboot from command line with
   sudo su /sbin/reboot
 Note that this requires putting all students allowed to do this (all of
 them?) into a secondary group allowed to reboot.
 
 unfortunatly , some user never use a terminal and would'nt know how to use
 a command line as sudo su /sbin/reboot
 the purpose here was to enable restart from the drop down menu withing the
 gnome session .
 
 Actually command lines are specified in menu items and icons...

I don't think sudo works from a menu, you need gksudo or ksudo for that.
That said, sudo is a hammer compared to polkit.  For example, polkit can
restrict allowed actions to a user present at the physical terminal (as
the OP wanted), I don't think sudo can do that.

PS: I use sudo all the time, but then on my machines, I'm the only real user.

-- 
Suvayu

Open source is the future. It sets us free.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: how can i make restart not require root password

2013-09-04 Thread Joe Zeff


On 09/04/2013 05:44 PM, Suvayu Ali wrote:

I don't think sudo works from a menu, you need gksudo or ksudo for that.
That said, sudo is a hammer compared to polkit.  For example, polkit can
restrict allowed actions to a user present at the physical terminal (as
the OP wanted), I don't think sudo can do that.


Fedora comes with beesu and things such as yumex use it.  Of course, you 
could always just turn on the suid bit on the executable, but I'd leave 
it as a last resort, especially as you'd have to do it again any time 
the file gets updated.

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: how can i make restart not require root password

2013-09-04 Thread poma

On 05.09.2013 02:52, Joe Zeff wrote:
 On 09/04/2013 05:44 PM, Suvayu Ali wrote:
 I don't think sudo works from a menu, you need gksudo or ksudo for that.
 That said, sudo is a hammer compared to polkit.  For example, polkit can
 restrict allowed actions to a user present at the physical terminal (as
 the OP wanted), I don't think sudo can do that.
 
 Fedora comes with beesu and things such as yumex use it.  Of course, you
 could always just turn on the suid bit on the executable, but I'd leave
 it as a last resort, especially as you'd have to do it again any time
 the file gets updated.

You drive Fedora on old fashioned way.
Welcome to the present.

https://lists.fedoraproject.org/pipermail/users/2013-August/440106.html
…
/etc/polkit-1/rules.d/50-dk.yumex.backend.pkexec.run.rules

$ rpm -ql yumex | grep policy


poma


-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: how can i make restart not require root password

2013-09-04 Thread Suvayu Ali

On Wed, Sep 04, 2013 at 05:52:59PM -0700, Joe Zeff wrote:
 On 09/04/2013 05:44 PM, Suvayu Ali wrote:
 I don't think sudo works from a menu, you need gksudo or ksudo for that.
 That said, sudo is a hammer compared to polkit.  For example, polkit can
 restrict allowed actions to a user present at the physical terminal (as
 the OP wanted), I don't think sudo can do that.
 
 Fedora comes with beesu and things such as yumex use it.  Of course, you
 could always just turn on the suid bit on the executable, but I'd leave it
 as a last resort, especially as you'd have to do it again any time the file
 gets updated.

You just mentioned things that one should not do, specially on a system
where curious students are bound to fool around.

-- 
Suvayu

Open source is the future. It sets us free.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: how can i make restart not require root password

2013-09-04 Thread Joe Zeff


On 09/04/2013 06:47 PM, Suvayu Ali wrote:

You just mentioned things that one should not do, specially on a system
where curious students are bound to fool around.


Mentioning the suid bit was just, for me, a matter of being complete. 
Using besu (Not beesu, as I wrote.) will work if you've set sudo up 
properly, such as giving everybody sudo rights for this command, and 
*only* this command.  It's not something I'd do, at least not around 
students, but that's not my call to make.

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Linus Torvalds would also vent if he used Fedora (root password for printers)

2012-06-14 Thread valent.turko...@gmail.com

I have updated the bugzilla page:
https://bugzilla.redhat.com/show_bug.cgi?id=596711

David, in the bugzilla you said that it was upstream bug, but in this
thread that it is not. Please clarify your opinion in Fedora Bugzilla,
thank you.

Cheers,
Valent.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Linus Torvalds would also vent if he used Fedora (root password for printers)

2012-06-14 Thread valent.turko...@gmail.com

On Wed, Jun 13, 2012 at 6:50 PM, n2xssvv.g02gfr12930
n2xssvv.g02gfr12...@ntlworld.com wrote:
 On 06/13/2012 02:44 PM, valent.turko...@gmail.com wrote:

 Why is Administrator type account being asked for root pasword when
 accessing printer settings?

 Is there some user group I need to be part of? Do I need to edit some
 system files? Are there some PolicyKit options that need to be edited?
 How?

 Here are screenshots for printer dialog and user account:
 http://dl.dropbox.com/u/184632/printer-root.png
 http://dl.dropbox.com/u/184632/user-valent.png

 If you know how please share how you managed to do it, because it is
 driving me nuts, if I'm not mistaken this is the same issue that Linus
 Torvalds vented regarding same issue on OpenSuse -
 https://plus.google.com/102150693225130002912/posts/1vyfmNCYpi5

 Thanks in advance,
 Valent.

 Quite simply. if more than one user is using the said computer then
 determining who has access
 to what resources may be important, and printers are considered a resource.
 I can understand your
 frustration, but if other people with access to your computer with another
 account use your printer
 resources without permission I suspect you'd eventually get annoyed. It
 amounts to be careful what
 you wish for.

 Regards

 cpp4ever

I'm single user on my laptop, and this user is part of Administrator
group. This is not the answer to this question, you missed the point.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Linus Torvalds would also vent if he used Fedora (root password for printers)

2012-06-13 Thread valent.turko...@gmail.com

Why is Administrator type account being asked for root pasword when
accessing printer settings?

Is there some user group I need to be part of? Do I need to edit some
system files? Are there some PolicyKit options that need to be edited?
How?

Here are screenshots for printer dialog and user account:
http://dl.dropbox.com/u/184632/printer-root.png
http://dl.dropbox.com/u/184632/user-valent.png

If you know how please share how you managed to do it, because it is
driving me nuts, if I'm not mistaken this is the same issue that Linus
Torvalds vented regarding same issue on OpenSuse -
https://plus.google.com/102150693225130002912/posts/1vyfmNCYpi5

Thanks in advance,
Valent.

-- 
follow me - www.twitter.com/valentt  http://kernelreloaded.blog385.com
linux, anime, spirituality, wireless, scuba, linuxmce smart home, zwave
ICQ: 2125241, Skype: valent.turkovic, MSN: valent.turko...@hotmail.com
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Linus Torvalds would also vent if he used Fedora (root password for printers)

2012-06-13 Thread valent.turko...@gmail.com

On Wed, Jun 13, 2012 at 3:44 PM, valent.turko...@gmail.com
valent.turko...@gmail.com wrote:
 Why is Administrator type account being asked for root pasword when
 accessing printer settings?

 Is there some user group I need to be part of? Do I need to edit some
 system files? Are there some PolicyKit options that need to be edited?
 How?

 Here are screenshots for printer dialog and user account:
 http://dl.dropbox.com/u/184632/printer-root.png
 http://dl.dropbox.com/u/184632/user-valent.png

 If you know how please share how you managed to do it, because it is
 driving me nuts, if I'm not mistaken this is the same issue that Linus
 Torvalds vented regarding same issue on OpenSuse -
 https://plus.google.com/102150693225130002912/posts/1vyfmNCYpi5

 Thanks in advance,
 Valent.

Hi David,
maybe you can share your insight, if it is a PolicyKit issue you are
the right person to bug, right ;)

Valent.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Linus Torvalds would also vent if he used Fedora (root password for printers)

2012-06-13 Thread Jayson Rowe

On Wed, Jun 13, 2012 at 9:44 AM, valent.turko...@gmail.com
valent.turko...@gmail.com wrote:
 Why is Administrator type account being asked for root pasword when
 accessing printer settings?

 Is there some user group I need to be part of? Do I need to edit some
 system files? Are there some PolicyKit options that need to be edited?
 How?

 Here are screenshots for printer dialog and user account:
 http://dl.dropbox.com/u/184632/printer-root.png
 http://dl.dropbox.com/u/184632/user-valent.png

 If you know how please share how you managed to do it, because it is
 driving me nuts, if I'm not mistaken this is the same issue that Linus
 Torvalds vented regarding same issue on OpenSuse -
 https://plus.google.com/102150693225130002912/posts/1vyfmNCYpi5

 Thanks in advance,
 Valent.

 --
 follow me - www.twitter.com/valentt  http://kernelreloaded.blog385.com
 linux, anime, spirituality, wireless, scuba, linuxmce smart home, zwave
 ICQ: 2125241, Skype: valent.turkovic, MSN: valent.turko...@hotmail.com
 --
 users mailing list
 users@lists.fedoraproject.org
 To unsubscribe or change subscription options:
 https://admin.fedoraproject.org/mailman/listinfo/users
 Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 Have a question? Ask away: http://ask.fedoraproject.org

umhe *does* use Fedora :)

-- 
-jayson
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Linus Torvalds would also vent if he used Fedora (root password for printers)

2012-06-13 Thread valent.turko...@gmail.com

 Have a question? Ask away: http://ask.fedoraproject.org

Thanks for providing this link, i asked this question also there;
http://ask.fedoraproject.org/question/1884/why-are-administrator-users-being-asked-for-root
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Linus Torvalds would also vent if he used Fedora (root password for printers)

2012-06-13 Thread valent.turko...@gmail.com

On Wed, Jun 13, 2012 at 5:40 PM, David Zeuthen dav...@redhat.com wrote:
 On Wed, 2012-06-13 at 16:42 +0200, valent.turko...@gmail.com wrote:
 On Wed, Jun 13, 2012 at 3:44 PM, valent.turko...@gmail.com
 valent.turko...@gmail.com wrote:
  Why is Administrator type account being asked for root pasword when
  accessing printer settings?
 
  Is there some user group I need to be part of? Do I need to edit some
  system files? Are there some PolicyKit options that need to be edited?
  How?
 
  Here are screenshots for printer dialog and user account:
  http://dl.dropbox.com/u/184632/printer-root.png
  http://dl.dropbox.com/u/184632/user-valent.png
 
  If you know how please share how you managed to do it, because it is
  driving me nuts, if I'm not mistaken this is the same issue that Linus
  Torvalds vented regarding same issue on OpenSuse -
  https://plus.google.com/102150693225130002912/posts/1vyfmNCYpi5
 
  Thanks in advance,
  Valent.

 Hi David,
 maybe you can share your insight, if it is a PolicyKit issue you are
 the right person to bug, right ;)

 No. I've said this a million times, and I'll say it again: polkit is
 only a mechanism and does not control the policy for individual actions
 defined by applications. Even the docs, see

 http://www.freedesktop.org/software/polkit/docs/latest/polkit-apps.html

 nowadays state this

  Not interrupting console users with authentication dialogs should be
  considered a priority. For example, it is not wise to require console
  users to authenticate for such mundane tasks as adding a printer queue
  (if the administrator really wants the OS to act this way, he can
  always deploy suitable authorization rules).

 in the best practices section.

 If you are ever in doubt which action an authentication dialog is about,
 just look at /var/log/secure after dismissing the dialog:

  Jun 13 11:35:38 lucifer polkitd(authority=local): Operator of unix-session:1 
 FAILED to authenticate to gain authorization for action 
 org.opensuse.cupspkhelper.mechanism.all-edit for unix-process:1242:6289810 
 [gnome-control-center --overview] (owned by unix-user:davidz)

 Thus, the action is: org.opensuse.cupspkhelper.mechanism.all-edit

 Next, use 'rpm -qf' to find the package defining this action

  # rpm -qf 
 /usr/share/polkit-1/actions/org.opensuse.cupspkhelper.mechanism.policy
  cups-pk-helper-0.2.2-1.fc17.x86_64

 and this is where you should direct your complaint.

 Hope this helps.

     David

Thanks David, this helps a lot.

I'm still not sure where to file a bug, do you have any suggestions?
I'm running Fedora 16 and 17 - so should I file a bug for this issue
to GNOME 3 guys/galls because gnome-control-center is the app asking
for root password, or is this an issue in default policykit policies
and should be added by default?

This is what I got from the logs:

Jun 13 18:23:25 valentt polkitd(authority=local): Operator of
unix-session:/org/freedesktop/ConsoleKit/Session2 FAILED to
authenticate to gain authorization for action
org.opensuse.cupspkhelper.mechanism.all-edit for
unix-process:10296:70024359 [gnome-control-center printers] (owned by
unix-user:valentt)

After i found org.opensuse.cupspkhelper.mechanism.all-edit to be
keyword in this issue googling around produced these related
pages/bugs:
http://fedoraproject.org/wiki/Printing/ConfigurationTool
https://bugzilla.redhat.com/show_bug.cgi?id=596711 [1]
https://bugs.freedesktop.org/show_bug.cgi?id=41008 [2]

After I figure out this issue I'll write a blog post so that other
won't bother you regarding this issue.

Fedora bugzilla [1] conculsion is that this is an upstream [2] bug, right?

-- 
follow me - www.twitter.com/valentt  http://kernelreloaded.blog385.com
linux, anime, spirituality, wireless, scuba, linuxmce smart home, zwave
ICQ: 2125241, Skype: valent.turkovic, MSN: valent.turko...@hotmail.com
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Linus Torvalds would also vent if he used Fedora (root password for printers)

2012-06-13 Thread n2xssvv.g02gfr12930

On 06/13/2012 02:44 PM, valent.turko...@gmail.com wrote:
 Why is Administrator type account being asked for root pasword when
 accessing printer settings?

 Is there some user group I need to be part of? Do I need to edit some
 system files? Are there some PolicyKit options that need to be edited?
 How?

 Here are screenshots for printer dialog and user account:
 http://dl.dropbox.com/u/184632/printer-root.png
 http://dl.dropbox.com/u/184632/user-valent.png

 If you know how please share how you managed to do it, because it is
 driving me nuts, if I'm not mistaken this is the same issue that Linus
 Torvalds vented regarding same issue on OpenSuse -
 https://plus.google.com/102150693225130002912/posts/1vyfmNCYpi5

 Thanks in advance,
 Valent.

Quite simply. if more than one user is using the said computer then
determining who has access
to what resources may be important, and printers are considered a
resource. I can understand your
frustration, but if other people with access to your computer with
another account use your printer
resources without permission I suspect you'd eventually get annoyed. It
amounts to be careful what
you wish for.

Regards

cpp4ever


-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: Linus Torvalds would also vent if he used Fedora (root password for printers)

2012-06-13 Thread Matthew Saltzman

On Wed, 2012-06-13 at 12:50 -0400, n2xssvv.g02gfr12930 wrote: 
 On 06/13/2012 02:44 PM, 
 valent.turko...@gmail.commailto:valent.turko...@gmail.com wrote:
 
 Why is Administrator type account being asked for root pasword when
 accessing printer settings?
 
 Is there some user group I need to be part of? Do I need to edit some
 system files? Are there some PolicyKit options that need to be edited?
 How?
 
 Here are screenshots for printer dialog and user account:
 http://dl.dropbox.com/u/184632/printer-root.png
 http://dl.dropbox.com/u/184632/user-valent.png
 
 If you know how please share how you managed to do it, because it is
 driving me nuts, if I'm not mistaken this is the same issue that Linus
 Torvalds vented regarding same issue on OpenSuse -
 https://plus.google.com/102150693225130002912/posts/1vyfmNCYpi5
 
 Thanks in advance,
 Valent.
 
 
 
 Quite simply. if more than one user is using the said computer then 
 determining who has access
 to what resources may be important, and printers are considered a resource. I 
 can understand your
 frustration, but if other people with access to your computer with another 
 account use your printer
 resources without permission I suspect you'd eventually get annoyed. It 
 amounts to be careful what
 you wish for.
 
 Regards
 
 cpp4ever
 

When you set up Fedora, if you go through the firstboot procedure, you
are prompted to create a user.  In recent versions, there is an option
to make that user an administrator.  In that case, the user is made a
member of the wheel group and is prompted for his own password instead
of root when performing administrative tasks using the GUI tools.

To make a user an administrator ex post, avail yourself of the User
Accounts settings app. in Gnome Shell.

 

-- 
Matthew Saltzman
Clemson University Math Sciences
mjs AT clemson DOT edu

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: root password

2012-02-08 Thread James Wilkinson

Steven Stern wrote:
 I keep meaning to edit the sudo config files to block things like
 
   sudo su -
   sudo bash
 
 but I get lazy. Someday, this will bite me in the ***.

Note for anyone considering this: it’s virtually impossible to make this
watertight, because there are too many ways for someone to get around
it.

For example, what happens if someone creates a bash script and then runs
it with sudo? Can people make sudo-run programs overwrite a program that
they can then run with sudo, or a program that root will run normally?
Can programs on the list be persuaded to run an editor or a shell?

You really need to start with a very short whitelist, and add to it as
required.

James.

-- 
E-mail: james@ | It is a mistake to allow any mechanical object to realise
aprilcottage.co.uk | that you are in a hurry.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: root password

2012-02-08 Thread Steven Stern

On 02/08/2012 02:49 PM, James Wilkinson wrote:
 Steven Stern wrote:
 I keep meaning to edit the sudo config files to block things like

   sudo su -
   sudo bash

 but I get lazy. Someday, this will bite me in the ***.
 
 Note for anyone considering this: itâs virtually impossible to make this
 watertight, because there are too many ways for someone to get around
 it.
 
 For example, what happens if someone creates a bash script and then runs
 it with sudo? Can people make sudo-run programs overwrite a program that
 they can then run with sudo, or a program that root will run normally?
 Can programs on the list be persuaded to run an editor or a shell?
 
 You really need to start with a very short whitelist, and add to it as
 required.
 
 James.
 

Exactly. Don't give anyone sudo you wouldn't trust with root, yourself
included.

-- 
-- Steve
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: root password

2012-02-07 Thread Tim

On Mon, 2012-02-06 at 22:28 -0600, Steven Stern wrote:
 The right way is to boot into single user mode. These will also work
 if your account has sudo access
  
 sudo su -
  
 or
  
 sudo /etc/shadow
  
 and remove the root password, then login as root and reset the
 password
  
 or
  
 sudo passwd root

Seems like you're all (the different solutions offered by various
people) doing much more than you need to.  If you do manage to boot into
the single user mode, you will typing in a terminal as the root user.
All you have to do, next, is use the passwd command by itself, and
enter a new password.  There's no need to su or sudo, nor edit any files
where passwords are stored.

-- 
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.



-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: root password

2012-02-07 Thread Steven Stern

On 02/07/2012 04:01 AM, Tim wrote:
 On Mon, 2012-02-06 at 22:28 -0600, Steven Stern wrote:
 The right way is to boot into single user mode. These will also work
 if your account has sudo access
  
 sudo su -
  
 or
  
 sudo /etc/shadow
  
 and remove the root password, then login as root and reset the
 password
  
 or
  
 sudo passwd root
 
 Seems like you're all (the different solutions offered by various
 people) doing much more than you need to.  If you do manage to boot into
 the single user mode, you will typing in a terminal as the root user.
 All you have to do, next, is use the passwd command by itself, and
 enter a new password.  There's no need to su or sudo, nor edit any files
 where passwords are stored.
 

Sometimes, one is not able to reboot.

-- 
-- Steve
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: root password

2012-02-07 Thread Reindl Harald



Am 07.02.2012 15:04, schrieb Steven Stern:
 Seems like you're all (the different solutions offered by various
 people) doing much more than you need to.  If you do manage to boot into
 the single user mode, you will typing in a terminal as the root user.
 All you have to do, next, is use the passwd command by itself, and
 enter a new password.  There's no need to su or sudo, nor edit any files
 where passwords are stored.
 
 Sometimes, one is not able to reboot.

in which cases if he owns the machine?

if he does not own it has reasons he has not the option
but in this case he is also not permittet to change root-pwd

if you can not reboot because you forgot your root password
and need it for reboot in your configuration type sync
and make a hard reboot or do not forget your password



signature.asc
Description: OpenPGP digital signature
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: root password

2012-02-07 Thread Mikkel L. Ellertson


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 02/07/2012 04:01 AM, Tim wrote:
 On Mon, 2012-02-06 at 22:28 -0600, Steven Stern wrote:
 Seems like you're all (the different solutions offered by various
people) doing much more than you need to. If you do manage to boot
into the single user mode, you will typing in a terminal as the root
user. All you have to do, next, is use the passwd command by
itself, and enter a new password. There's no need to su or sudo, nor
edit any files where passwords are stored.

One other small point - if you do edit the password files, you
should use vipw. If you do not like using vi as an editor, you can
specify the editor to use by setting $VISUAL or $EDITOR...

Mikkel
- -- 
Do not meddle in the affairs of dragons, for thou art crunchy and
taste good with Ketchup!
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk8xMcwACgkQqbQrVW3JyMR/ZwCfRlOzwQoWWIXy2Ym5R/1wvgV3
TaYAnivPcR5d2YeYihCg4ux/4gSM0oa0
=2Ycd
-END PGP SIGNATURE-

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: root password

2012-02-07 Thread Joe Zeff


On 02/07/2012 02:01 AM, Tim wrote:

  There's no need to su or sudo, nor edit any files
where passwords are stored.


The point is that the sudo trick will work (assuming that you have it 
set up) without booting into recovery mode.

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: root password

2012-02-07 Thread Steven Stern

On 02/07/2012 01:01 PM, Joe Zeff wrote:
 On 02/07/2012 02:01 AM, Tim wrote:
   There's no need to su or sudo, nor edit any files
 where passwords are stored.
 
 The point is that the sudo trick will work (assuming that you have it
 set up) without booting into recovery mode.

I keep meaning to edit the sudo config files to block things like

  sudo su -
  sudo bash

but I get lazy. Someday, this will bite me in the ***.

-- 
-- Steve
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: root password

2012-02-07 Thread Joe Zeff


On 02/07/2012 02:08 PM, Steven Stern wrote:

I keep meaning to edit the sudo config files to block things like

   sudo su -
   sudo bash

but I get lazy. Someday, this will bite me in the ***.


There's a much better, easier way to prevent that: don't activate sudo 
unless there are people using your box that need to do specific admin 
tasks but don't have the root password.  And, if you do give them sudo 
access, limit it to the commands they actually need to be using because 
if you don't, giving them sudo access is exactly the same as giving out 
the root password.

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

root password

2012-02-06 Thread Amit Rp

I forgot the root password. Please advise whether there is any possibility
of retrieving  it?
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: root password

2012-02-06 Thread Harish Pillay

On Tue, Feb 7, 2012 at 10:13 AM, Amit Rp amitr...@gmail.com wrote:
 I forgot the root password. Please advise whether there is any possibility
 of retrieving  it?

go into single user mode and when you are dropped into the
prompt, you can change the root password.

see: 
https://docs.fedoraproject.org/en-US/Fedora/13/html/Installation_Guide/s1-rescuemode-booting-single.html

Harish
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: root password

2012-02-06 Thread Bruno Wolff III

On Tue, Feb 07, 2012 at 07:43:37 +0530,
  Amit Rp amitr...@gmail.com wrote:
 I forgot the root password. Please advise whether there is any possibility
 of retrieving  it?

It's normally easier to boot into single user mode and change it to something
new than to try to recover it.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: root password

2012-02-06 Thread Boris Epstein

On Mon, Feb 6, 2012 at 9:14 PM, Bruno Wolff III br...@wolff.to wrote:

 On Tue, Feb 07, 2012 at 07:43:37 +0530,
  Amit Rp amitr...@gmail.com wrote:
  I forgot the root password. Please advise whether there is any
 possibility
  of retrieving  it?

 It's normally easier to boot into single user mode and change it to
 something
 new than to try to recover it.
 --
 users mailing list
 users@lists.fedoraproject.org
 To unsubscribe or change subscription options:
 https://admin.fedoraproject.org/mailman/listinfo/users
 Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 Have a question? Ask away: http://ask.fedoraproject.org


100%.

Yet another way is to boot off of a CD or USB stick and manually edit the
/etc/shadow file in the root partition - but that is more cumbersome.

Boris.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: root password

2012-02-06 Thread Steven Stern

On 02/06/2012 08:13 PM, Amit Rp wrote:
 I forgot the root password. Please advise whether there is any
 possibility of retrieving  it?
 
 
 
The right way is to boot into single user mode. These will also work if
your account has sudo access

sudo su -

or

sudo /etc/shadow

and remove the root password, then login as root and reset the password

or

sudo passwd root

-- 
-- Steve
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Re: root password

2012-02-06 Thread Scott Doty

On 02/06/2012 06:47 PM, Boris Epstein wrote:


 On Mon, Feb 6, 2012 at 9:14 PM, Bruno Wolff III br...@wolff.to
 mailto:br...@wolff.to wrote:

 On Tue, Feb 07, 2012 at 07:43:37 +0530,
  Amit Rp amitr...@gmail.com mailto:amitr...@gmail.com wrote:
  I forgot the root password. Please advise whether there is any
 possibility
  of retrieving  it?

 It's normally easier to boot into single user mode and change it
 to something
 new than to try to recover it.
 --
 users mailing list
 users@lists.fedoraproject.org mailto:users@lists.fedoraproject.org
 To unsubscribe or change subscription options:
 https://admin.fedoraproject.org/mailman/listinfo/users
 Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 Have a question? Ask away: http://ask.fedoraproject.org


 100%.

 Yet another way is to boot off of a CD or USB stick and manually edit
 the /etc/shadow file in the root partition - but that is more cumbersome.


Protip:  If you're booting a cd or stick, no need to manually edit the
target system's /etc/shadow.  When you mount the system's / partition,
chroot there, then just run passwd.

And honestly, chroot(1) is perfect for working on systems under
different filesystem hierarchies.  For example, I use it to update
ltsp's nfs root on occasion:

# # on the nfs server:
# setarch i686 chroot /opt/ltsp/i386 /bin/bash

Fun, no? :)

 -Scott
p.s. for even more fun, try wrapping your head around pivot_root(8)... :)


-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Changing Forgotten Root Password

2010-07-30 Thread binarynut

  Fedora 11, 12

Changing Forgotten Root Password.

Starting computer and going into Single User Mode and deleting the x 
in /etc/passwd and restarting computer and login as root and add new 
root password, does that still hold true for FC10, 11, 12

/etc/passwd

root:x:0:0:root:/root:/bin/bash

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Changing Forgotten Root Password

2010-07-30 Thread Craig White

On Fri, 2010-07-30 at 16:18 -0400, binary...@comcast.net wrote:
 Fedora 11, 12
 
 Changing Forgotten Root Password.
 
 Starting computer and going into Single User Mode and deleting the x 
 in /etc/passwd and restarting computer and login as root and add new 
 root password, does that still hold true for FC10, 11, 12
 
 /etc/passwd
 
 root:x:0:0:root:/root:/bin/bash

don't manually edit /etc/passwd, /etc/group, /etc/shadow at all

simply start in 'Single User Mode' and type 'passwd' - it will ask for a
new password for root user

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Changing Forgotten Root Password

2010-07-30 Thread Robert G. (Doc) Savage


On Fri, 2010-07-30 at 16:18 -0400, binary...@comcast.net wrote:
 Fedora 11, 12
 
 Changing Forgotten Root Password.
 
 Starting computer and going into Single User Mode and deleting the x 
 in /etc/passwd and restarting computer and login as root and add new 
 root password, does that still hold true for FC10, 11, 12
 
 /etc/passwd
 
 root:x:0:0:root:/root:/bin/bash

Even simpler: go into Single User mode and run 'passwd' to change the
root password. No editing of /etc/passwd required.

--Doc Savage
  Fairview Heights, IL

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Changing Forgotten Root Password

2010-07-30 Thread Kevin Fenzi

On Fri, 30 Jul 2010 16:18:27 -0400
binary...@comcast.net wrote:

   Fedora 11, 12
 
 Changing Forgotten Root Password.
 
 Starting computer and going into Single User Mode and deleting the
 x in /etc/passwd and restarting computer and login as root and
 add new root password, does that still hold true for FC10, 11, 12
 
 /etc/passwd
 
 root:x:0:0:root:/root:/bin/bash

This is a bad idea. That sets the password to nothing at all. You would
have a window there where anyone could login. ;( 

Instead see: 

http://fedoraproject.org/wiki/Reset_Forgotten_Root_Password

kevin


signature.asc
Description: PGP signature
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Changing Forgotten Root Password

2010-07-30 Thread Thierry Vanden Broucke

1) Start (reboot) machine
2) Enter grub ( pressing the letter  'e' )
3) Go to the second line and edit the line ( pressing the letter 'e' )
4) Go to the the end of the line and insert the word ( single )
5) Press Enter
6) Press the letter 'b'
7) wait
8) #passwd root
9) Enter password for root
10) #reboot


2010/7/30 Kevin Fenzi ke...@scrye.com

 On Fri, 30 Jul 2010 16:18:27 -0400
 binary...@comcast.net wrote:

Fedora 11, 12
 
  Changing Forgotten Root Password.
 
  Starting computer and going into Single User Mode and deleting the
  x in /etc/passwd and restarting computer and login as root and
  add new root password, does that still hold true for FC10, 11, 12
 
  /etc/passwd
 
  root:x:0:0:root:/root:/bin/bash

 This is a bad idea. That sets the password to nothing at all. You would
 have a window there where anyone could login. ;(

 Instead see:

 http://fedoraproject.org/wiki/Reset_Forgotten_Root_Password

 kevin

 --
 users mailing list
 users@lists.fedoraproject.org
 To unsubscribe or change subscription options:
 https://admin.fedoraproject.org/mailman/listinfo/users
 Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines




-- 
Thierry Vanden Broucke
Linux User - 415586
Oracle ID - SR3276201
Oracle Database 10G Certified Associate
Oracle Application Server 10G Certified Associate
Cel. +55 71-9158-3495
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: Changing Forgotten Root Password

2010-07-30 Thread Tom H

On Fri, Jul 30, 2010 at 4:22 PM, Craig White craigwh...@azapple.com wrote:
 On Fri, 2010-07-30 at 16:18 -0400, binary...@comcast.net wrote:
 Fedora 11, 12

 Changing Forgotten Root Password.

 Starting computer and going into Single User Mode and deleting the x
 in /etc/passwd and restarting computer and login as root and add new
 root password, does that still hold true for FC10, 11, 12

 /etc/passwd

 root:x:0:0:root:/root:/bin/bash
 
 don't manually edit /etc/passwd, /etc/group, /etc/shadow at all

 simply start in 'Single User Mode' and type 'passwd' - it will ask for a
 new password for root user

If you have set up your boxes to require the root password to boot
into single-user mode, you have to net-boot (or cd-boot), mount the
root partition, chroot, blank out the root password (I prefer deleting
root's password in /etc/shadow to the x deletion described by the
OP), and run passwd.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-27 Thread Mike McCarty

Patrick O'Callaghan wrote:
 On Wed, 2010-05-26 at 14:48 -0500, Mike McCarty wrote:
 AFAIK this is a function of 'sudo'. It asks you the first time and
 remembers for a few minutes after. I've never seen this behaviour
 other
 than with sudo.
 Umm, perhaps you mean su. The sudo command does not prompt
 for the root password.
 
 No, I mean sudo. In the default config it prompts for the user's
 password.

But the OP asked about root password, not the user's password.

 It doesn't remember the password. It makes an entry in a log
 with the epoch. When next invoked, sudo checks the latest entry,
 and if less than a certain amount of time has elapsed, simply
 goes on. If more than the time limit has elapsed, then it prompts,
 and makes a new entry.
 
 IOW it remembers it by logging it. How else would it do it except by
 recording it in a file?

I'm not interested in argumentation. It does not remember passwords,
period.

Mike
-- 
p=p=%c%s%c;main(){printf(p,34,p,34);};main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I speak only for myself, and I am unanimous in that!
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-27 Thread Rahul Sundaram

On 05/27/2010 11:47 AM, Mike McCarty wrote:
 Patrick O'Callaghan wrote:
   
 IOW it remembers it by logging it. How else would it do it except by
 recording it in a file?
 
 I'm not interested in argumentation. It does not remember passwords,
 period.
   

I am not sure how you can declare that when it is obvious the
functionality is there.  Perhaps the argument here is about semantics. 

Rahul
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-27 Thread Mike McCarty

Rahul Sundaram wrote:
 On 05/27/2010 11:47 AM, Mike McCarty wrote:
 Patrick O'Callaghan wrote:
   
 IOW it remembers it by logging it. How else would it do it except by
 recording it in a file?
 
 I'm not interested in argumentation. It does not remember passwords,
 period.
   
 
 I am not sure how you can declare that when it is obvious the
 functionality is there.  Perhaps the argument here is about semantics. 

All programs which prompt for, and receive, passwords in clear
text form go to extra lengths to make sure that they do NOT
remember passwords in any form. They overwrite the input
buffers used, for example. Any program which receives passwords
in clear text and doesn't make sure not to remember the
passwords should have its metaphorical wrist slapped, since it
creates a potential security breach.

The fellow I responded to is contributing to a thread which
concerns precise differences between how different tools
handle security. He already wrote one inaccurate statement,
from which I infer that he is not writing very clearly, and
possibly not thinking very clearly, about what takes place
when these programs run, to wit, implying that sudo prompts
for root's password, which it does not. When I tried to
read behind what he wrote, which was obviously inaccurate,
and supposed that he meant su, he corrected me, reinforcing
my belief that he was not giving due consideration to what
he is writing.

As a consequence, since I've already been corrected when trying,
inaccurately, to figure a way for his statements to make sense,
I no longer intend to do so. I believe he means what he writes,
but he isn't thinking clearly about what he writes. So, if it's
inaccurate, it's inaccurate, and I'm not going to try to guess
as what he might have meant, which might have been correct, but
was not what he wrote. That is, if it makes a difference to the
thread.

I'm not interested in egoes, or posturing, or whatever. I just
want to help someone who knows less about how these security
programs work to understand better. That won't happen when
inaccurate and unclear or ambiguous statments are being made.

I am not going to argue about anything. If he can show me where
in the source sudo remembers passwords I'll recant. If he can't
do that, then he should simply admit that he misspoke, and be
a little more careful. I'm not trying to save my ego, either,
nor prove that I, or anyone else, is right or wrong.

I just don't want to see inaccurate information spread, like
sudo remembers passwords when it goes to some length to make
sure that it does not.

Mike
-- 
p=p=%c%s%c;main(){printf(p,34,p,34);};main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I speak only for myself, and I am unanimous in that!
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-27 Thread Rahul Sundaram

On 05/27/2010 12:09 AM, Tom Horsley wrote:
 I have seen claims on this list that the root password is
 remembered for a small amount of time so you don't keep
 getting asked. That has never worked for me, but I assumed
 it was just because I was running a non-standard session
 and was missing something.
   

Consolehelper and PolicyKit agent on specific instances does this.  You
will see a key icon on your system tray that can you click to make it
forget immediately. 

Rahul
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-27 Thread Mike McCarty

Rahul Sundaram wrote:

I'd appreciate it if you wouldn't CC me.

 On 05/27/2010 12:57 PM, Mike McCarty wrote:
 All programs which prompt for, and receive, passwords in clear
 text form go to extra lengths to make sure that they do NOT
 remember passwords in any form
   
 
 Mike, 
 
 Refer to the notes on password caching at
 
 http://www.wlug.org.nz/SudoHowto
 
 The default is 5 minutes of caching.

I'm aware of that information.

Well, it seems that I was not clear enough in my statement.

At the risk of being taken for rude, I'll expound on what
the misconception being promulgated here is. I'm not trying
to be argumentative, but what's been written here is just wrong,
especially since programs like this go to some lengths not
to remember passwords. We even go to the length of not making
it easy to find encrypted passwords, let alone passwords
in clear text, by using shadow.

The sudo program does not remember passwords. It remembers
epochs when passwords were properly entered. That's what I
said in my earlier messages. This makes the third time,
I believe. I can say that, because it is the truth. (almost)

So, just to be clear, let me be clear, and hopefully not
argumentative.

Sudo does not cache, or store, passwords. It stores the information
that a password was correctly entered and when and for whom.
(See below for a clarification on this point.)
It does not store or remember the password in any form, AFAIK,
and if it sometimes accidentally does, it needs to be changed.

An epoch, and a user name, are not a password.

Storing an epoch, and a user name, is not storing or remembering
a password.

Here's how sudo remembers that information. It's not stored
in a file, as one supposed it must be; it's stored in multiple
nested directory entries.

$ whoami
jmccarty

$ ps
   PID TTY  TIME CMD
  9239 pts/36   00:00:00 bash
11378 pts/36   00:00:00 ps

$ sudo ls -l /var/run/sudo
total 20
drwx--  2 root root 4096 Oct 22  2007 bird
drwx--  2 root root 4096 May 27 02:53 jmccarty
drwx--  2 root root 4096 Aug 27  2008 lfs
-rw---  1 root root   64 Oct 21  2004 _pam_timestamp_key
drwx--  2 root root 4096 Jun  2  2009 root

$ sudo ls -l /var/run/sudo/jmccarty
total 8
-rw---  1 root root  0 May 14 12:47 13
-rw---  1 root root  0 Apr 23 03:23 18
-rw---  1 root root  0 May 21 16:03 24
-rw---  1 root root  0 May 26 15:07 33
-rw---  1 root root  0 May 27 02:55 36
-rw---  1 root root  0 May 26 15:16 37

Note carefully that the files are ZERO length; these
contain no information, only the directory entry
is significant, AFAIK. I have, on occasion, seen files
which have some information in them, though I do not
know what it may be. I should have the source for sudo somewhere,
and could go read it to find out. I haven't taken the time
so far to investigate that.

The file name is the pts from which sudo was run. I just ran
sudo, so an entry was made for me, at the time I ran sudo,
and indicating that I ran it from pts/36.

Nowhere does sudo store or remember a password, period.
It stores the information that a password was entered
properly, and when, and by whom. Well, not quite, because
it really stores the last time it successfully ran on a
given pts. A password may not have been entered, since
a password entry is not required during the cache period.
The entry will be updated, however, extending the cache
period. Also, a password is not required for some users,
root for example. These users do not, AFAIK, get entries
when they run sudo. At least, I've not seen it.

The sudo command provides a way to extend the cache period,
without entering some useless command, by means of

$ sudo -v

which simply validates that one is a valid sudoer, and
updates the cache entry. Using

$ sudo -k

sets the entry to the current epoch, so that the next use
will require the entry of a password (if the user is
required to enter one).

$ sudo -K

removes the entry altogether.

I hope that is clear, and unambiguous, and not rude
or argumentative.

Somehow it seems simpler just to say sudo does not 'remember'
passwords, instead of having to write a tutorial, and
I wish that it were possible to do that without getting people
challenge that fact before taking any time of their own to
investigate how the program works.

Mike
-- 
p=p=%c%s%c;main(){printf(p,34,p,34);};main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I speak only for myself, and I am unanimous in that!
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-27 Thread Rahul Sundaram

On 05/27/2010 02:42 PM, Mike McCarty wrote:
 I'm aware of that information.

 Well, it seems that I was not clear enough in my statement.
   

There is no lack of clarity.   When people refer to sudo remembering
passwords, they are certainly referring to the functionality and not the
implementation details (which most people don't know and dont want to
know).  While you might argue that the terminology is incorrect and you
are technically right,  I don't see much of a gain in being nit picky
about it.  If you think you can expoud on the implementation details and
get everyone to use a different terminology, I am afraid you are going
to end up being very frustrated.   The boat has sailed on that long back. 

Rahul
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-27 Thread Mike McCarty

Mike McCarty wrote:

[...]

 $ sudo ls -l /var/run/sudo/jmccarty
 total 8
 -rw---  1 root root  0 May 14 12:47 13
 -rw---  1 root root  0 Apr 23 03:23 18
 -rw---  1 root root  0 May 21 16:03 24
 -rw---  1 root root  0 May 26 15:07 33
 -rw---  1 root root  0 May 27 02:55 36
 -rw---  1 root root  0 May 26 15:16 37
 
 Note carefully that the files are ZERO length; these
 contain no information, only the directory entry
 is significant, AFAIK. I have, on occasion, seen files

One slight clarification: The epoch the file timestamp
is set to is that of when sudo is run. When one uses

$ sudo -k

the timestamp is set to an epoch in the past. For example
from another (su to root) terminal I now see

# ls -l /var/run/sudo/jmccarty
total 8
-rw---  1 root root  0 May 14 12:47 13
-rw---  1 root root  0 Apr 23 03:23 18
-rw---  1 root root  0 May 21 16:03 24
-rw---  1 root root  0 May 27 03:15 33
-rw---  1 root root 55 May 25 16:47 34:root
-rw---  1 root root  0 Dec 31  1969 36
-rw---  1 root root  0 May 26 15:16 37
-rw---  1 root root 60 May 25 13:12 unknown:root


Interestingly, I now see entries with some data in them.
I've wondered whether those entries might not be from
something like that.

$ sudo dumphex /var/run/sudo/jmccarty/34:root
Password:

  2F 76 61 72  2F 72 75 6E  2F 73 75 64  6F 2F 6A 6D 
|/var/run/sudo/jm|
0010  63 63 61 72  74 79 2F 33  34 3A 72 6F  6F 74 00 73 
|ccarty/34:root.s|
0020  45 FC 4B C0  23 47 DC EA  6A C5 6E 44  D8 85 2A 44 
|E.K.#G..j.nD..*D|
0030  18 C3 20 0D  EC 74 9E  |.. ..t.|

I don't know what that information may represent, but I suspect
it's the entries that su makes to track its information.

Mike
-- 
p=p=%c%s%c;main(){printf(p,34,p,34);};main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I speak only for myself, and I am unanimous in that!
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-27 Thread Andrew Parker

On Thu, May 27, 2010 at 5:19 AM, Rahul Sundaram methe...@gmail.com wrote:
 On 05/27/2010 02:42 PM, Mike McCarty wrote:
 I'm aware of that information.

 Well, it seems that I was not clear enough in my statement.


 There is no lack of clarity.   When people refer to sudo remembering
 passwords, they are certainly referring to the functionality and not the
 implementation details (which most people don't know and dont want to
 know).  While you might argue that the terminology is incorrect and you
 are technically right,  I don't see much of a gain in being nit picky
 about it.  If you think you can expoud on the implementation details and
 get everyone to use a different terminology, I am afraid you are going
 to end up being very frustrated.   The boat has sailed on that long back.

 Rahul

I disagree.  Nit picking details in this industry is essential for
progress and understanding.  Defending flawed terminology that imply
security holes when they don't exist is foolish.  I would like to
thank Mike for his explanations, I for one have learnt something
today.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-27 Thread Rahul Sundaram

On 05/27/2010 03:30 PM, Andrew Parker wrote:
 I disagree.  Nit picking details in this industry is essential for
 progress and understanding.  Defending flawed terminology that imply
 security holes when they don't exist is foolish.  I would like to
 thank Mike for his explanations, I for one have learnt something
 today.
   

I wasn't defending flawed terminology.  I was just saying,  just like
the word hacker or so many other things that are widely popular and
misattributed,  it is pretty much a lost battle.   Good luck trying if
you are so inclined to do so.

Rahul

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-27 Thread Tim Waugh

On Wed, 2010-05-26 at 14:39 -0400, Tom Horsley wrote:
 Today I was running system-config-printer to install all
 the various printers around here at work on a freshly
 installed fedora 13 system running as a brand new user
 in a standard gnome session.

As with other PolicyKit-enabled applications, you can configure the
amount of password dialogs you need to see.  You can reduce this to
'none at all' if you like.

For an example configuration which removes the need to see any
CUPS-related password dialogs when configuring the local machine, see
this short description I wrote:
https://fedoraproject.org/wiki/Printing/ConfigurationTool#PolicyKit_configuration

That configuration file applies to actions matching
org.opensuse.cupspkhelper.mechanism.*, i.e. everything that
cups-pk-helper provides.  You can also extend that to
org.fedoraproject.config.* for the other configuration tools in
Fedora, and org.libvirt.unix.* for everything to do with
virtualization, etc.

Yes, it is a bit mad that you get so many root passwords when adding a
printer, but system-config-printer needs to use these actions:

* org.fedoraproject.config.firewall.auth (to read the firewall
configuration, to be able to offer the ability to actually find any
network printers)

* org.opensuse.cupspkhelper.mechanism.devices-get (to be able to find
any devices at all)

* org.opensuse.cupspkhelper.mechanism.printeraddremove (to be able to
actually add a printer)

The policy for these actions is shipped as part of the cups-pk-helper
package.  The over-arching Fedora policy that specifies what the package
must ship is here:
  https://fedoraproject.org/wiki/Privilege_escalation_policy

Tim.
*/



signature.asc
Description: This is a digitally signed message part
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-27 Thread Patrick O'Callaghan

On Thu, 2010-05-27 at 01:17 -0500, Mike McCarty wrote:
  No, I mean sudo. In the default config it prompts for the user's
  password.
 
 But the OP asked about root password, not the user's password.

And I replied in order to help him with his underlying need, which is
not to know the root password but to be able to use root privileges
without repeatedly having to type a password. IOW I assumed I was
replying to what he meant rather than what he said. Since he hasn't
contradicted that impression, I stand by my reply.

poc

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-27 Thread Patrick O'Callaghan

On Thu, 2010-05-27 at 02:27 -0500, Mike McCarty wrote:
 The fellow I responded to is contributing to a thread which
 concerns precise differences between how different tools
 handle security. He already wrote one inaccurate statement,
 from which I infer that he is not writing very clearly, and
 possibly not thinking very clearly, about what takes place
 when these programs run, to wit, implying that sudo prompts
 for root's password, which it does not. When I tried to
 read behind what he wrote, which was obviously inaccurate,
 and supposed that he meant su, he corrected me, reinforcing
 my belief that he was not giving due consideration to what
 he is writing.

Speaking as the fellow you are presumably referring to, your account,
dripping with condescension despite your assertion that it isn't about
ego or posturing, signally fails to mention my further reply to this
point. There is no confusion in my mind about what was said, there is no
confusion in my mind about sudo and how it works, there is no confusion
about what the OP wanted to know (which is not the same as what he said
he wanted to know). The only one who's confused about what was said
appears to be you, since you again state that I think sudo remembers
passwords, despite my replying that I don't think that and that the very
idea is insane.

poc

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

root password prompts

2010-05-26 Thread Tom Horsley

I have seen claims on this list that the root password is
remembered for a small amount of time so you don't keep
getting asked. That has never worked for me, but I assumed
it was just because I was running a non-standard session
and was missing something.

Today I was running system-config-printer to install all
the various printers around here at work on a freshly
installed fedora 13 system running as a brand new user
in a standard gnome session.

I get three or four root password prompts for each
separate printer install.

Where is this mythical setting to make it
remember the password?
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-26 Thread Patrick O'Callaghan

On Wed, 2010-05-26 at 14:39 -0400, Tom Horsley wrote:
 I have seen claims on this list that the root password is
 remembered for a small amount of time so you don't keep
 getting asked. That has never worked for me, but I assumed
 it was just because I was running a non-standard session
 and was missing something.
 
 Today I was running system-config-printer to install all
 the various printers around here at work on a freshly
 installed fedora 13 system running as a brand new user
 in a standard gnome session.
 
 I get three or four root password prompts for each
 separate printer install.
 
 Where is this mythical setting to make it
 remember the password?

AFAIK this is a function of 'sudo'. It asks you the first time and
remembers for a few minutes after. I've never seen this behaviour other
than with sudo.

poc

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-26 Thread Mike McCarty

Patrick O'Callaghan wrote:
 On Wed, 2010-05-26 at 14:39 -0400, Tom Horsley wrote:

[...]

 Where is this mythical setting to make it
 remember the password?
 
 AFAIK this is a function of 'sudo'. It asks you the first time and
 remembers for a few minutes after. I've never seen this behaviour other
 than with sudo.

Umm, perhaps you mean su. The sudo command does not prompt
for the root password.

It doesn't remember the password. It makes an entry in a log
with the epoch. When next invoked, sudo checks the latest entry,
and if less than a certain amount of time has elapsed, simply
goes on. If more than the time limit has elapsed, then it prompts,
and makes a new entry.

Mike
-- 
p=p=%c%s%c;main(){printf(p,34,p,34);};main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I speak only for myself, and I am unanimous in that!
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-26 Thread Mike McCarty

Mike McCarty wrote:
 Patrick O'Callaghan wrote:
 On Wed, 2010-05-26 at 14:39 -0400, Tom Horsley wrote:
 
 [...]
 
 Where is this mythical setting to make it
 remember the password?
 AFAIK this is a function of 'sudo'. It asks you the first time and
 remembers for a few minutes after. I've never seen this behaviour other
 than with sudo.
 
 Umm, perhaps you mean su. The sudo command does not prompt
 for the root password.

I guess this is too brief. The sudo command does not prompt
for the root password. The su command may prompt for the
root password, and always does if it ever does, unless being
invoked by root. The sudo command does make entries in a log
which it checks, and if it prompts for the user password (not
root, even if root invokes it) then it does not do so if
invoked again by the same user within a certain time period.

I hope that isn't too confusing. I'm sure man su and man sudo
will help untangle it all.

Mike
-- 
p=p=%c%s%c;main(){printf(p,34,p,34);};main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I speak only for myself, and I am unanimous in that!
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-26 Thread Patrick O'Callaghan

On Wed, 2010-05-26 at 14:48 -0500, Mike McCarty wrote:
  AFAIK this is a function of 'sudo'. It asks you the first time and
  remembers for a few minutes after. I've never seen this behaviour
 other
  than with sudo.
 
 Umm, perhaps you mean su. The sudo command does not prompt
 for the root password.

No, I mean sudo. In the default config it prompts for the user's
password.

 It doesn't remember the password. It makes an entry in a log
 with the epoch. When next invoked, sudo checks the latest entry,
 and if less than a certain amount of time has elapsed, simply
 goes on. If more than the time limit has elapsed, then it prompts,
 and makes a new entry.

IOW it remembers it by logging it. How else would it do it except by
recording it in a file?

poc

-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Re: root password prompts

2010-05-26 Thread Genes MailLists

 and makes a new entry.
 
 IOW it remembers it by logging it. How else would it do it except by
 recording it in a file?
 
 poc
 

  It is an suid program - it doesn't need a password unless the policy
chooses to ask for one.
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

1 2 >

1 - 100 of 115 matches

Mail list logo