Gentoo Wiki

TIP_Link_Root_To_Main_User

This article is part of the Tips & Tricks series.


Warning: This creates a major security hole, because user bob can edit root's .bash_login and .bashrc and is thereby able to execute commands with root privileges indirectly. On systems with procmail installed, bob can create a malicious .procmailrc and execute it by sending mail to root. Please understand the ramifications of doing this before continuing and, for goodness' sake, don't do this on a production server.


This is a simple guide to linking root's home directory to that of your main user, whom I will call bob for the purposes of this guide. Note that this is just a luxury for a single user who periodically runs programs as root, and that you wouldn't want to do this on any mission-critical machines.

First, back up any important data currently in /root. Then, as root:

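# Remove root's old home (back it up first) and point /root at bob's home
rm -rf /root
ln -sf /home/bob /root
# Hourly job that hands root-created files in the shared home back to bob
cd /etc/cron.hourly
printf '#!/bin/sh\nchown -R bob:users /home/bob\n' > chown_bob
chmod 555 chown_bob
cd -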

Now root and bob share the same home directory. But when you're logged in as bob you don't have root's privileges, so everything is still reasonably secure. Note that you could also edit /etc/passwd and change /root to /home/bob if you like, but I think the symlink is clearer.

Now you don't have to worry about maintaining separate copies of config files, such as:

etc...

The reason the chown command goes in cron.hourly (which causes it to execute every hour on the hour) is so that files root creates in the home directory will soon become owned by bob, so that bob can make use of them, too. And since root has full access to anyone's files (including bob's), there's no need for root to own things himself.

Should the need arise you can also run the command manually, like so:

# /etc/cron.hourly/chown_bob

...but you'll rarely have any need to do this, and it's certainly much less hassle than maintaining separate copies of files in /root and /home/bob, or even linking individual files.

A better way to do the chown-ing is to add the following lines to bob's /home/bob/.bash_logout:

# Only root can chown, so do nothing when bob logs out
if [ "$(/usr/bin/whoami)" = 'root' ]
then
        /bin/chown -R bob:users /home/bob
fi

That way, every time root logs out, the ownership of the files in /home/bob is changed back to bob.
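The warning at the top of this page can be turned into a check. The following is an added example, not part of the original article: a shell function that flags a home directory that is a symlink, or whose directory or startup files are owned by an unexpected uid or are group/world-writable. The name `audit_home` and its output labels are chosen here for illustration, and `stat -c` assumes GNU coreutils or BusyBox.

```shell
#!/bin/sh
# Added example (not from the original article).
# audit_home DIR EXPECTED_UID
#   Prints one finding per line; returns 1 if anything was found, else 0.
audit_home() {
    home=$1
    want_uid=$2
    rc=0

    # A symlinked home, as created by `ln -sf /home/bob /root`, is itself a finding.
    if [ -L "$home" ]; then
        echo "SYMLINK $home -> $(readlink "$home")"
        rc=1
    fi

    # The directory (its owner can replace any file in it) plus the startup
    # files named in the article and its warning.
    for f in "$home" "$home/.bash_login" "$home/.bashrc" \
             "$home/.bash_logout" "$home/.procmailrc"; do
        [ -e "$f" ] || continue
        # -L follows symlinks so the real owner and mode are reported.
        uid=$(stat -L -c %u "$f")
        mode=$(stat -L -c %a "$f")
        if [ "$uid" != "$want_uid" ]; then
            echo "OWNER $f uid=$uid expected=$want_uid"
            rc=1
        fi
        # 022 = group-write and other-write permission bits.
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "WRITABLE $f mode=$mode"
            rc=1
        fi
    done
    return "$rc"
}

# Script usage: sh audit_home.sh /root 0
if [ "$#" -eq 2 ]; then
    audit_home "$1" "$2"
fi
```

On a machine set up as described in this article, `audit_home /root 0` reports the symlink and an OWNER line for /root and each startup file that bob owns.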


Retrieved from "http://www.gentoo-wiki.info/TIP_Link_Root_To_Main_User"

Last modified: Tue, 10 Jan 2006 03:15:00 +0000 Hits: 13,408