Debian, GDM, Gnome and Root Login

Published by Torry Crass on

First, since I am a bit biased, I feel obligated to state that I truly loath GUIs on linux from the standpoint that I can do more with commandline both faster and more accurately than I can through any linux based GUI I've ever used.  Yes the graphics can be pretty from time to time but the cold black terminal screen is definitely my best friend.

So, I ran into a problem working on a Debian system this evening.  The problem was that I loaded a test (very much not production and very much temporary) Debian system and decided to toss Gnome on it for no real reason other than to give it a whirl and see if it made what I needed to do any easier.

About 1.5 hours later I had a shiny new Debian system with Gnome sitting there just waiting for me to take it for a spin.  I logged in as a local user first and quickly decided that I really did need to log in as root since everything I needed to do on the machine at this point required root.  I tried and was immediately smacked by an Authentication Failure error message.  My first reaction was, great, they paid attention to some basic security so I logged back in to change the configuration only to find it wasn't changable in the GUI.  So along comes my trusty steed ye 'ol terminal and I finally got it changed.  Here's the instructions since there are two locations that need to be edited to make this work right.

Edit the file and add the bold entries into it in the respective locations: /etc/gdm3/daemon.conf

[security]
AllowRoot=true

[xdmcp]
AllowRemoteRoot=true

Now edit the file and comment out the 5th line as shown below: /etc/pam.d/gdm3

#%PAM-1.0
auth    requisite       pam_nologin.so
auth    required        pam_env.so readenv=1
auth    required        pam_env.so readenv=1 envfile=/etc/default/locale
#auth   required        pam_succeed_if.so user != root quiet_success
@include common-auth
auth    optional        pam_gnome_keyring.so
@include common-account
session required        pam_limits.so
@include common-session
session optional        pam_gnome_keyring.so auto_start
@include common-password

Now restart the system or log out and restart gdm by doing /etc/init.d/gdm3 restart and you should be good to go.  Happy linuxing!


1 Comment

Barry Sprajc · August 27, 2012 at 9:17 pm

Thanks for the complete answer w/o being subject to the endless warnings of why one should not log in as root.
Barry

Leave a Reply