Announcement

**penguin.ch** · Apr 11, 2007, 03:14 AM

Re: user groups and root privileges

Originally posted by easyfragger

What could make the difference between the two setups, and, is it still safe to run the system with the user having all the described privileges?

To start with the second part: such a configuration I'd regard as "windozism", read: perfectly unsecure. :P

As for the first part: what's the default user's primary group? It's supposed to be one, named alike the user.

**easyfragger** · Apr 11, 2007, 03:18 AM

Re: user groups and root privileges

Originally posted by UnicornRider

To start with the second part: such a configuration I'd regard as "windozism", read: perfectly unsecure. :P

I see - so how to change it?

Originally posted by UnicornRider

As for the first part: what's the default user's primary group? It's supposed to be one, named alike the user.

The primary group is the group named like the user himself.

**javierrivera** · Apr 11, 2007, 04:33 AM

Re: user groups and root privileges

Does this help?.

Code:

$ sudo -k

Which is the user uid?

You can check it in the user control panel. I believe that it should be 1000.

Javier.

**easyfragger** · Apr 11, 2007, 04:43 AM

Re: user groups and root privileges

Originally posted by javierrivera

Does this help?.

Code:

$ sudo -k

Which is the user uid?

I can't check it right now because I'm at work, but as far as I remember, the user id is in fact 1000. Is that alright? I'll try sudo -k later.

**penguin.ch** · Apr 11, 2007, 04:53 AM

Re: user groups and root privileges

Originally posted by javierrivera

Which is the user uid?

Code:

USER@FREYJA # id
uid=1000(birdy) gid=1000(birdy)
ROOT@FREYJA # id
uid=0(root) gid=0(root)

**easyfragger** · Apr 11, 2007, 10:54 AM

Re: user groups and root privileges

back home I can tell: my user id is 1000, and sudo -k does not help solving the problem. I have not full root access, though; for example I can't read files like /etc/sudoers only root has read access to. However, admin mode in adept and the system configurations goes without a password.

**javierrivera** · Apr 11, 2007, 11:06 AM

Re: user groups and root privileges

And what about:

Code:

$ kdesu -s

Javier.

**easyfragger** · Apr 11, 2007, 04:35 PM

Re: user groups and root privileges

... hm, kdesu -s also makes no difference in my situation

**javierrivera** · Apr 12, 2007, 12:57 AM

Re: user groups and root privileges

If you try to use kdesu on the command line to open some program, like:

Code:

$ kdesu konqueror

Does it show the password prompt?
Is there any useful error?

Javier.

**easyfragger** · Apr 12, 2007, 01:15 AM

Re: user groups and root privileges

When opening programs with kdesu, there are some errors like

X Error: BadDevice, invalid or uninitialized input device 169
Major opcode: 147
Minor opcode: 3
Resource id: 0x0
Failed to open device

(which are probably not related to the problem?)
Anyway, "kdesu konqueror" opens konqueror without asking for a password, and allows me to read files only root has read access to. For example, I can open /etc/sudoers within the konqueror started with kdesu, but a simple "more /etc/sudoers" in the console returns "Permission denied".

What is going on here?

**javierrivera** · Apr 12, 2007, 01:35 AM

Re: user groups and root privileges

Seens like kdesu has cached your password or something like that. It is supposed to do it, but only for a while. And "kdesu -s" should erase it.

I'd try to look for a process called kdesud and kill it.

Javier.

**penguin.ch** · Apr 12, 2007, 01:40 AM

Re: user groups and root privileges

Originally posted by easyfragger

What is going on here?

Good question ... what might bring you one step closer to the answer:

Install gksu and use it as a (temporary) replacement for kdesu ...

If this trick worked out, I'd assume kdesu being the culprit.

**easyfragger** · Apr 12, 2007, 01:43 AM

Re: user groups and root privileges

Thanks for the help, but unfortunately, the problem is still here. Actually, there was a process "kdesud" running, but killing it didn't fix the issue. Watching the table of processes I see that kdesud is started whenever I use admin privileges; for example, when starting adept. More precisely, in this situation 4 processes are started: "kdesu" and "kdesud" owned by the user in question, and two processes called "kdesu_stub" owned by root. After closing the admin application, only kdesud remains active.

**easyfragger** · Apr 12, 2007, 01:46 AM

Re: user groups and root privileges

Originally posted by UnicornRider

Install gksu and use it as a (temporary) replacement for kdesu ...

If this trick worked out, I'd assume kdesu being the culprit.

Using gksu or kdesu makes no difference here -

- "gksu konqueror" also gives me access to files I am supposed to have no access to.

Announcement

user groups and root privileges

user groups and root privileges

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment