[421] in athena10
Re: root logins
daemon@ATHENA.MIT.EDU (Greg Hudson)
Wed Aug 13 16:43:41 2008
Date: Wed, 13 Aug 2008 16:43:34 -0400
From: Greg Hudson <ghudson@MIT.EDU>
To: athena10-mtg@menelaus.MIT.EDU
In-Reply-To: <016A9D49-6A08-403B-B8BB-359953CD914C@mit.edu>
Content-Type: text/plain
Message-Id: <1218658821.12433.198.camel@error-messages.mit.edu>
On Wed, 2008-08-13 at 16:16 -0400, Jonathan Reed wrote:
> On cluster workstations, obviously we will want to continue to disable
> root logins. However, will we still be setting a password for the
> root user? (And will that continue to be "profroot", or is it time to
> change? "deanroot", perhaps?) Alternatively, is there a need for
> ordinary users to become root in clusters any more? It should no
> longer be necessary for mounting peripherals like USB drives?
I'm open to arguments, but my plan had been to continue with the same
policy as before.
> On "private" workstations (-workstation, etc), Ubuntu by default does
> not allow root to login to a graphical session on VT7. Should we
> encourage users to simply use VT1 for all their root login needs on
> private workstations? Or should we strongly plug sudo instead? (I'm
> mainly thinking about the PWOG here)
I think the best option is to add your Athena username to the admin
group and use sudo, which also lets you use the graphical admin
utilities.
If that's not a good idea for some reason, you can log in as any user
and su, provided that you have set a root password.
Logging in as root on vt1 is probably only a good idea if you're about
to muck with accounts, which would make it inconvenient to be logged in
as one of the accounts you're going to muck with.
