From Fedora Project Wiki

No edit summary
(add a reference to configuring sudo)
Line 1: Line 1:
By default, from Fedora 10 onwards, root user is not allowed to login via GNOME Display Manager (GDM) by default. Logging in as root in the graphical environment is typically not necessary and not recommended at all for security reasons and also because it is easy to accidentally trash your system when using your system with full elevated privileges and administrator access. Graphical administration tools requiring root or user password will usually prompt on demand and we strongly recommend that you use switch user (su -) to run specific commands as root if needed or configure sudo instead. However if you must login as root in GDM despite the increased security risks of doing so, follow the steps outlined below
By default, from Fedora 10 onwards, root user is not allowed to login via GNOME Display Manager (GDM) by default. Logging in as root in the graphical environment is typically not necessary and not recommended at all for security reasons and also because it is easy to accidentally trash your system when using your system with full elevated privileges and administrator access. Graphical administration tools requiring root or user password will usually prompt on demand and we strongly recommend that you use switch user (su -) to run specific commands as root if needed or [https://fedoraproject.org/wiki/Configuring_Sudo configure sudo] instead. However if you must login as root in GDM despite the increased security risks of doing so, follow the steps outlined below


Login in as a regular user and open the terminal (command line) and edit the configuration text file
Login in as a regular user and open the terminal (command line) and edit the configuration text file

Revision as of 04:10, 29 March 2009

By default, from Fedora 10 onwards, root user is not allowed to login via GNOME Display Manager (GDM) by default. Logging in as root in the graphical environment is typically not necessary and not recommended at all for security reasons and also because it is easy to accidentally trash your system when using your system with full elevated privileges and administrator access. Graphical administration tools requiring root or user password will usually prompt on demand and we strongly recommend that you use switch user (su -) to run specific commands as root if needed or configure sudo instead. However if you must login as root in GDM despite the increased security risks of doing so, follow the steps outlined below

Login in as a regular user and open the terminal (command line) and edit the configuration text file


su -c 'gedit /etc/pam.d/gdm'

Locate the line that that read as follows:


auth required pam_succeed_if.so user != root quiet

Remove or comment out line by prefixing #.


# auth required pam_succeed_if.so user != root quiet

Save and close the editor. You should be able login as root user using GDM now.

How does this work?

Fedora uses Password Authentication Module (PAM) called pam_succeed_if.so. This module is designed to succeed or fail authentication based on characteristics of the account belonging to the user being authenticated. One use is to select whether to load other modules based on this test. This module blocks root login for GDM. You can toggle it on or off as necessary.