this post was submitted on 11 Aug 2023
98 points (97.1% liked)

Linux

48323 readers
834 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Hey guys. I'm new to Linux and I'm running Linux Mint 21.2 Cinnamon. Yesterday I have f*cked up. I was testing things in users and geve myself standart priveledges insted of Admin ones I had from beggining and then restarted PC. I then tried log back into users tab and change myself back to Admin but even tho the password is correct It says that it is not. /So at this point there is only one user in PC who has standart privliedges and no Admin./ I then tried to access root via terminal and this time It said that I don't have permision to do that. And this is where I'm at right now. Please help get back my admin privliedges.

Edit: Issue is fixed. I started GRUB and changed my password which fixed the whole issue. Once again big Thank you to everyone who gave me tips and also big thank you to the guy who started posting about rowing machines. You all wonderful.

top 50 comments
sorted by: hot top controversial new old
[–] Saik0Shinigami@lemmy.saik0.com 53 points 1 year ago (2 children)

If you've lost root credentials you can always bypass them.

https://www.tecmint.com/reset-forgotten-root-password-in-ubuntu/

When your in after this point you can reset the password to something you know then continue from there.

[–] MJRul3s@lemm.ee 11 points 1 year ago

Thanks. I will try that when I get home from work and give you my feedback.

[–] timespace@lemmy.ninja 6 points 1 year ago* (last edited 1 year ago) (11 children)

Wait wtf? You can just reset root password that easy? What’s even the point of having a password, if all of your data and info is so easily accessed if someone gets physical hold of the machine. I guess so software/remote hackers can’t get your stuff, but still. This seems wild to me, I dunno.

New to Linux so I’m sorry if I’m being ignorant, but it does seem crazy you can get access to a machine without the password.

Edit: Thanks for all the comments below! I guess I’ve been spoiled by BitLocker in Windows being enabled by default and not having to think of disk encryption. Appreciate everyone’s time and responses!

[–] Wangus@startrek.website 42 points 1 year ago (1 children)

There needs to be some mechanism to recover your machine should this happen. It's not that much more difficult to do it on a windows machine either.

The truth of the matter is is if somebody has physical access to your machine it's not your machine anymore. They can pull out the hard drive and plug it into a machine that they have a password for and read from it if it's not encrypted. So on and so forth.

[–] Resolved3874@lemdro.id 2 points 1 year ago

Which is why you never throw away a computer with the drives in it and you never throw drives away without physically destroying them. Don't give other people the chance to see your weird shit.

[–] errorinthread@lemmy.world 35 points 1 year ago

This is why encryption is important, but physical access to a device will always lead to bad things.

[–] Case@unilem.org 25 points 1 year ago (2 children)

If an attacker has physical access then you're already screwed in most cases.

[–] nyan@lemmy.cafe 13 points 1 year ago (1 children)

Pretty much. Even if an attacker can't boot your system, if they have physical access they can just pull your hard drive and mount it on a system they can boot. Only encryption can prevent this. Linux security was originally meant for keeping unprivileged accounts on multiuser systems from messing things up for others on the same machine. It can stretch to some other use cases, but is not a panacea for everything.

[–] tetha@feddit.de 3 points 1 year ago* (last edited 1 year ago)

And even password based disk encryption can be defeated with 2-3 physical accesses if an organization wants to hard enough. Keyloggers can be very, very sneaky.

At that point you'd have to roll something like Yubikey-based disk encryption to be safe, because this re-establishes control over some physical parts of the system. Until they find the backup Yubikey you had to not lose all data by losing the primary key you're carrying around to maintain control over it.

It's not a battle the defending side can win.

[–] Chickerino@feddit.nl 10 points 1 year ago

that is unless you're running disk encryption, in which case your data (and in most cases your OS) is safe from unauthorized access, although there is not much to stop them just wiping it or running their own os on it lol

[–] zero_gravitas@aussie.zone 21 points 1 year ago* (last edited 1 year ago)

New to Linux so I’m sorry if I’m being ignorant, but it does seem crazy you can get access to a machine without the password.

This is always the case, no matter what OS you use, unless you use full-disk encryption. User credentials are all just data on a disk, so if someone has physical access to your machine, and your disk isn't encrypted, then they can access (and change) those credentials or any other data.

See also: https://ostechnix.com/reset-windows-password-with-linux-live-cd/

What’s even the point of having a password

As you say, preventing remote access is one, but also a password will slow someone down a bit, and stop low-knowledge adversaries entirely, possibly. Also you will at least know someone has messed with your machine if they change the password.

Really, though, there's nothing malicious someone can do to an unencrypted computer by changing the password that they couldn't do without changing the password (copy all your files, delete all your files, install malicious software). Except I guess annoying you by making you change your password back. 😆

[–] nan@lemmy.blahaj.zone 15 points 1 year ago* (last edited 1 year ago)

Linux can do it to Windows machines too. If it’s not encrypted, USB drive is all it takes.

If it’s not encrypted, a live usb can read all the data on any machine anyway.

[–] ourob@discuss.tchncs.de 9 points 1 year ago

Account passwords have never had the purpose of protecting data from physical access - on Linux or any other operating system that I’m aware of. Physical access means an attacker can pull your drive and plug it into their computer, and no operating system can do anything to block access in that scenario, because the os on disk is not running.

You need disk encryption to protect your data. The trade off is that if you forget the encryption password, your data is unrecoverable by you. But that’s what password managers are for (or just writing it down and putting it in a safe).

[–] TheOctonaut@mander.xyz 8 points 1 year ago

I believe it's better not to pretend that an OS password is a secure protection of your data when physically access can just mean - I don't like that OS, I'm going to put on this OS instead, or indeed, I don't like this PC, I'm going to put your data in this PC instead.

Remember, most PCs can become someone else's PC just by plugging in the right USB key. In fact most Linux users will know that, having literally done this themselves.

[–] Auli@lemmy.ca 6 points 1 year ago* (last edited 1 year ago)

Just as easy or easier on Windows since it has a GUI. If someone has physical access to your machine your basically screwed. Unless encrypted they could just pop the drive out and put it in another machine also. Also what is more likely for the average user someone comes in and tries to hack your password physically or something gets into your machine and someone tries remotely.

[–] MJRul3s@lemm.ee 5 points 1 year ago (1 children)

I quess if you really want to secure your device you shloud use encryption to encrypt your data and/or make something that wipes all your data in case someone tries to log into your device but that's only when you have something really important to hide.

[–] Agility0971@lemmy.world 1 points 1 year ago

well, a computer contains sensitive information so it should always be encrypted. Even if you think you have nothing to hide

[–] sznio@lemmy.world 5 points 1 year ago

Unix was originally a networked system that many terminals would connect to. Being able to actually reach the machine meant that you had authority.

It's the same today. If someone has physical access, the system is so screwed that you can just give total privileges anyways.

[–] dark_stang@beehaw.org 4 points 1 year ago

If somebody had physical access to a machine, they can get into it. If you want your data secured l, use encryption as others have suggested.

[–] NaibofTabr@infosec.pub 15 points 1 year ago (3 children)

I will also offer some help...

Next time you're "testing things" set up a VM and test there. Don't test things on your primary OS/place you can't just wipe and start over.

[–] MJRul3s@lemm.ee 8 points 1 year ago (1 children)

That is a great advice. Thanks for the tip my man.

[–] tubbadu@lemmy.kde.social 9 points 1 year ago* (last edited 1 year ago) (1 children)

Also setting up a periodic snapshot with tools like timeshift can save your life

[–] MJRul3s@lemm.ee 3 points 1 year ago (1 children)

Already tried that yesterday and my last back up is three days old. But timeshift needs password and when I entered it. The Timeshoft said that I don't have permision to open it.

[–] Reborn2966@feddit.it 1 points 1 year ago

right it still require root privileges...

well if you boot from a usb key and you have a btrfs file system, you could manually restore the snapshot. this would bypass the password

[–] axzxc1236@lemmy.world 2 points 1 year ago

If there is docker image for what you need, use docker image.

If not I would recommend systemd-nspawn, it's chroot but can run systemd init, with efforts you can run GUI applications from it too., wiping that is just sudo rm -rf.

[–] jackpot@lemmy.ml 2 points 1 year ago (1 children)
[–] Bene7rddso@feddit.de 3 points 1 year ago

KVM/Qemu with Virt-Manager as GUI. There's also Virtualbox, but it's Oracle

[–] joyofpeanuts@beehaw.org 13 points 1 year ago (2 children)

I have fucked up somewhat like you in the past and needed to repair my system. In Linux you can boot into runlevel 1, single-user mode, where you are effectively root and can remove the root password, the re-enter one after you boot in the usual runlevel again. See these links: https://www.debuntu.org/how-to-recover-root-password-under-linux-with-single-user-mode/ https://www.debuntu.org/how-to-change-boot-runlevel-with-grub2/ https://www.geeksforgeeks.org/run-levels-linux/

[–] MJRul3s@lemm.ee 4 points 1 year ago

Will try and give you feedback once I'm home. Thanks man.

[–] yum13241@lemm.ee 1 points 1 year ago

Runlevels don't exist on systemd. multi-user.target is what you want.

[–] GorbinOutOverHere@hexbear.net 11 points 1 year ago (2 children)

you can say fuck on the internet but that's all the help im qualified to give you unless you would like for me to extol the benefits of owning a rowing machine

[–] giantfloppycock@lemm.ee 8 points 1 year ago (2 children)

I’m here for the rowing machine benefits. Lay them on me, brother.

[–] antrobus@kbin.social 6 points 1 year ago (2 children)

Not OP, just an admirer, but:

  1. If you have the cheese for a WaterRower, it’s quiet enough that you can haul ass in your studio apartment for 90 minutes without bothering your neighbors
  2. Rowing burns a fabulous amount of calories with the smallest possible footprint - you take up a rectangle of space for the entirety of your workout and at the end you’re still exhausted
  3. Full-body workout baby
  4. Naturally builds a functional-looking body, not too grotesque, very 3D
  5. As long as you keep it clean, no one will notice you’re not using your rowing machine - it’s pretty obvious when you’re not using the 32 kg kettlebell in the corner
  6. There are cool apps out there for rowing machines, but without the prohibitive expense of Peloton
[–] giantfloppycock@lemm.ee 2 points 1 year ago

Hnnngggg yeah this is the shit I come here for. Now just need to toss out my couch to make room in my tiny ass studio for a rowing machine.

[–] MJRul3s@lemm.ee 2 points 1 year ago

I know I said I didn't need no rowing machine facts but I changed my mind xD Good summary.

[–] GorbinOutOverHere@hexbear.net 3 points 1 year ago* (last edited 1 year ago)

Oh man you should get a rowing machine, I got one for Christmas and have used it for like 180 days so far and let me tell you Im getting absolutely shredded. My beer belly has turned into shoulder and chest and bicep muscle and is now totally gone. My torso is like an inverted triangle, my lats are poppin, i got like dimples in my shoulders now above my armpit, shit's wild.

The key is doing it like every day and turning up the resistance if it gets easy. Also stretch a lot and look up what you're doing so you don't hurt yourself

[–] MJRul3s@lemm.ee 5 points 1 year ago (1 children)

I'm kinda used to people being sensitive even to the most minor of profanities but If it's alright I won't fucking hold back. I'm not intersted in rowing machines right now but thanks anyway.

[–] GorbinOutOverHere@hexbear.net 2 points 1 year ago

I'm not intersted in rowing machines

Okay well they'll still be there when you decide you wanna get jacked stalin-heart

[–] ghulican@lemmy.ml 6 points 1 year ago (1 children)
[–] MJRul3s@lemm.ee 2 points 1 year ago

Basically same method Saik0 posred later on. Will try that when I'm home and give my feedback. Thanks.

[–] curioushom@lemmy.one 2 points 1 year ago (9 children)

Are you trying the terminal commands with sudo? You could also try logging in as root user with the password you used during setup.

load more comments (9 replies)
[–] Zeppo@sh.itjust.works 1 points 1 year ago (1 children)

One of my favorites has always been “sudo passwd”, which works for some reason

[–] MJRul3s@lemm.ee 1 points 1 year ago

I might try that later on.

load more comments
view more: next ›