- This topic has 4 replies, 4 voices, and was last updated May 27-7:14 pm by iznit.
-
Posts
-
solar
In installing antiX and trying to change it to my preferences afterwards it struck me that I was never asked to type a password for anything like updating, installing new packages, or using synaptic.
I am relative newby to linux, though having some experience with Mint. Upon install I provided a username and a root password. Then I installed things like firefox and synaptic through package installer, and used synaptic to install xfburn (all without the need to type any password). Installing xfburn gave the message: Download is performed unsandboxed as root as file ‘/root/.synaptic/tmp//tmp_cl’ couldn’t be accessed by user ‘_apt’. – pkgAcquire::Run (13: Permission denied). Then I started to worry a little bit. Did I mixed up user and root rights and compromised the security of my system?From Mint I learned that the password was always asked for updating and installing new packages. But then, there the first user was always root if I remember well. Then I got the idea to provide the first user in antiX with a password and to disable autologin. Now I am being asked for a user password when using the antiX updater or launching the package installer. I would still prefer to autologin but use passwords for such tasks as installing new packages if that is possible. (Reinstalling xfburn eventually happened without the message quoted above)
Is the policy of password use in antiX any different from other distros? I realise I will have to learn a bit more about when using root or user is appropriate, but any comment on this is highly appreciated.
For the rest, I like antiX a lot, particularly it’s speed on my old desktop.
Brian Masinick
christophe
Is the policy of password use in antiX any different from other distros?
I don’t think so. I know that there is a short time when, after entering password for escalation to root privileges, you don’t need to enter a password for another such action. I think it’s something like 15 minutes, but I’m not sure. (Maybe someone else can answer that.)
If you originally set up root to have no password, maybe that’s the reason you were not asked to provide one? I think you should have a password for any user, in my opinion. Only login with your normal user. Autologin is fine – for the normal user. Never use root to login for normal usage, just use the normal user, and escalate to root permissions as-needed.
I’m not sure what you mean by “first user,” but you’ll have “root” and another one that is your normal user when you install antiX. Actually the installer offers to skip the root user if you want to.
I would still prefer to autologin but use passwords for such tasks as installing new packages if that is possible. (Reinstalling xfburn eventually happened without the message quoted above)
That is the default, if you set your normal user to autologin. Maybe you typed your password once absentmindedly, and then continued happily installing new software, without being prompted again for those 15 minutes? I don’t know. It DOES sound like something I might do… 🙂
- This reply was modified 11 months, 3 weeks ago by christophe.
- This reply was modified 11 months, 2 weeks ago by christophe.
confirmed antiX frugaler, since 2019
Thanks Brian and Christophe, very helpful.
I must say that there are indeed variations among distros in how they handle the sudo command. Not all have a certain window of time like in AntiX as Christophe noted. In one of the ubuntu variations for instance I could do things in synaptic and (de)install various packages after providing the password at the first instance, but only if I kept synaptic open. As soon as as the synaptic window is closed sudo rights were also closed. That does not seem to be the case in AntiX in my experience.
I am following Brian’s suggestion and diving a bit more into how sudo rights work and were they are allocated. Haven’t found yet how and were the window of time for sudo rights are made (it is totally new for me, so it takes time), any further suggestions still welcome.
iznit
how and were the window of time for sudo rights are made
man sudoers
If you don’t have time to fully read it, press ” / ” slash key while viewing to initiate a search and search for timeoutThe command “sudo visudo” will open sudoers file for editing and you can adjust the timeout amount there.
- You must be logged in to reply to this topic.
