On Saturday 29 August 2020 04:04:55 Dr. Nikolaus Klepp wrote: > > > > #1 - When installing, I deliberately chose *not* to set a root > > > > password; since nobody else ever gets to touch my system, it is > > > > enough that my user password is granted root privileges when I use > > > > sudo or su. > > > > > > Always set a root password, even it's 123456789. Not all programs > > > accept root without password. > > > > Yeah, I tried that, but I always end up with this same problem. When I > > tried setting a root password before (because it always seemed like the > > *right* answer), I got this same result. > > > > When I made the move from Kubuntu to Debian, I went through this > > root-password thing at least 5 or 6 times. I always ended up with a > > system where I could not be granted admin or root privileges ... EXCEPT > > in a sudo su shell! So that's what I usually do: I create a sudo su > > shell, then exit and allow permissions to expire, then when I need quick > > access again, I just hit my UP arrow key, re-enter password, and go back > > into sudo su to kill something or whatever else needs immediate > > attention. > > > > Now, it would be nice to crack this nut, once and for all, but I don't > > want to keep asking my own machine for permission to do things. The > > question is, which of us is master? > > Hm. I'm quite sure I'm master on my systems, but that could be a delusion > ... > > What I have not understood yet: you can get root access from terminal with > "su" or you have to use "sudo bash" ? > Thanks, Nik! I'm glad somebody is willing to explain this to me like I am a child. I probably ought to have got this years and years ago, but since I don't need it so much in a group setting, or office, I could put it off. Some of this discussion has been superseded by another email, as they crossed paths. However, in answer to this point: When I open a terminal, type "sudo su", I can enter my password, and then I am root. I can do whatever I want to my system, no matter how ill-conceived and dangerous. However, I cannot use it to launch gui programs, only to run some root commands, such as when I want to run pkill to kill several processes all at once, because they relate to something else that is running away. When I am done, I type exit, or I can even kill su processes, rather than waiting for permissions to expire. But when I (was) try(ing) to run a gui program (for example, gufw), I would be asked for my password, then told that it was incorrect. I have set my system not to allow root logins. There is no separate admin apart from the present author, although I cannot just do anything; I still must enter my password to become su. However, without having installed quite all the trinity-sudo packages, I was denied root permissions, except in the shell, by running "sudo su". Sorry for the tedious details, but I do want to get to the bottom of this issue, even though it may be self-inflicted. Bill > > > > Anyway, so now, suddenly, I am asked for the root password in order > > > > to run gufw and other such stuff. But when I enter my password, I get > > > > a message that the password is incorrect. This happened before, long > > > > ago, when I first switched from (k)ubuntu to debian; debian seems to > > > > have a stricter default policy, which is probably a good thing, and I > > > > probably ought to get the hang of this thing, right? > > > > > > > > So I need an easier solution than whatever this is that I am doing > > > > (or not doing). I have been combing through my Linux pocket guide and > > > > Linux in a Nutshell and Linux Bible, etc., but they all say the same > > > > thing, and none of them work. > > > > > > > > #2 - I still want a graphical firewall that runs like the old > > > > Firestarter; gufw isn't quite what I want, or maybe I just haven't > > > > yet configured it properly. > > > > > > didn't know Firestarter, but it loks nice for a firewall. I have to > > > admit I don't like linux firewall (I prefer the BSD way). Anyway, I use > > > "ufw" - it has a nice GUI, depending on your text editor :) > > > > > > > What I want is not just a GUI, but instead, one that displays *active > > > > connections* as they appear and disappear, and allows changing rules > > > > on the fly. Is there such a thing? > > > > > > "fierwall-applet" could be what you want, but it drags in a hole bunch > > > of things. > > > > Will check it out, thanks. > > > > > > Running it in a terminal would suit me just fine, so long as it is a > > > > dynamic display of active connections as they occur. Also an easier > > > > way to edit iptables. (I read that there is some new "thing" to > > > > replace iptables, meaning that ufw and gufw and their kin will all > > > > become obsolete very soon, apparently being phased out, and I had a > > > > hard time downloading them.) > > > > > > > > Another possible fix would be: to pass my firestarter rules (based on > > > > iptables) along to ufw/gufw. > > > > > > gufw? a gui for ufw? Abomoination! > > > That could definitly be done. Are you in for a bit of shell black > > > magic? > > > > I am always prepared for some black magic. That is why I keep my *Linux > > in a Nutshell* grimoire always close to hand. Oh, and salt, burning > > sulfur, candles and incense, and some cats. > > > > I used to keep goats and chickens, but nowadays my landlord is always > > complaining. > > > > Seriously, whatever you can recommend to get me back "in control" of the > > Mother Ship. > > > > Thanks a bunch! > > > > > > But anyway, what I want is to see my active connections. (See > > > > enclosed screenshot.) > > > > > > > > Any help or comments or suggestions are appreciated. If not, at least > > > > a good joke. > > > > > > Windows guys suggest to run a firewall in amazon cloud and send all > > > your network through it. I still have not figured out if tis is a bad > > > joke or that they actully do, but I have the strong feeling this is a > > > seriouse advise (there are commertial offers for this kind of stuff). > > > > It sounds like these kids forget everything about security, privacy, > > whenever somebody says the word "cloud" -- then it's all okay. > > > > > > Bill > > > > > > > > P.S. The worst insult is, just before my upgrade, I had got my Jessie > > > > system fine-tuned to near-perfection, and was feeling rather smug and > > > > virtually bulletproof. On the bright side: Beowulf/Buster does seem > > > > to run better, overall, except for when I can't get it to DO WHAT I > > > > WANT. > > > > > > > > :-\ > > > > > > > > See screenshot for firewall example. > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: > > trinity-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxxxxxx For additional > > commands, e-mail: trinity-users-help@xxxxxxxxxxxxxxxxxxxxxxxxxx Read list > > messages on the web archive: http://trinity-users.pearsoncomputing.net/ > > Please remember not to top-post: > > http://trinity.pearsoncomputing.net/mailing_lists/#top-posting --------------------------------------------------------------------- To unsubscribe, e-mail: trinity-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxxxxxx For additional commands, e-mail: trinity-users-help@xxxxxxxxxxxxxxxxxxxxxxxxxx Read list messages on the web archive: http://trinity-users.pearsoncomputing.net/ Please remember not to top-post: http://trinity.pearsoncomputing.net/mailing_lists/#top-posting
