1

While I know it's useless in practice as such system won't be usable, can't be fixed, no apps can be installed...etc but I would like to know is it possible to have an OS that has no root at all.

Assuming I use the chroot environment via cubic to do the following:

  • Create a normal user with addusr (without adding it sudo).

  • Modify the user root in /etc/passwd to

    `root:x:0:0:root:/root:/sbin/nologin

  • Remove the first line in /etc/shadow.

  • remove the gnome-terminal

  • Use full disk encryption

This leaving the system with only one non-sudo user.

Will there be any way to run commands, execute .sh scripts, install apps or do any harmful actions? in this case is logging in as root completely impossible?

Thanks in advance

user206904
  • 124
  • 3
    Logging as root is disabled in Ubuntu anyway. Normal user doesn't have sudo permissions. You can remove the user with sudo permissions as an experiment. – Pilot6 Aug 21 '19 at 13:39
  • I already did. the system as usable for firefox, thunderbird...etc (which is what I want). But I want to make sure there's no way to run commands or harm the os even after what I did. – user206904 Aug 21 '19 at 13:44
  • 1
    If a user have physical access to the system, they can boot from a LiveUSB or harm the system other ways. It makes no sense. It is better to have an admin user with a good password. – Pilot6 Aug 21 '19 at 13:46
  • is the live-cd/usb thing still valid if we assume that the system is encrypted with LUKS? – user206904 Aug 21 '19 at 13:54
  • 2
    Would you call it a harm if someone with physical access to the machine simply overwrite your drive with zeros so that all data and os is gone? – mook765 Aug 21 '19 at 14:23
  • @mook765, haha nice point you're right when it comes to the literal meaning of 'harm'. But in my case it's perfectly fine if the entire OS is gone, but if the OS shall remain, then it has to remain as is without modifications. Is the only risk in my described situation the format possibility? Also if the password has been leaked for such system and it has been decrypted and successfully logged in, can someone install anything(including key-loggers) without sudo? – user206904 Aug 21 '19 at 14:44
  • Remind that you don't need sudo when you can login as root while booted from USB. That's the point, if someone has physical access to the machine it just depends on the knowledge and effort of this person how far (s)he can go. Also there are unencrypted parts, bootloader for example, one could do something malicious over there. True is, the harder you lock up the system, the harder is it to crack it, I'd say that's out of scope of normal users. In your described case the user is able to run commands or sh-scripts but restricted to harm data he has write-access to. – mook765 Aug 21 '19 at 15:28
  • @mook765 Thanks a lot for your detailed explanation! I appreciate it. May i ask one final question please? ". In your described case the user is able to run commands or sh-scripts but restricted to harm data he has write-access to" Do you mean the user from the live usb, or the I created at step 1? if so, how can they run .sh scripts if they don't have privileges nor the gnome terminal? – user206904 Aug 21 '19 at 15:31
  • 1
    You should be still able to use a tty or a launcher (.desktop-file) to run commands which don't need sudo or a script in the home-directory. And i meant what you created at step 1 – mook765 Aug 21 '19 at 15:44
  • You can also double or right click on scripts to run them if you have nautilus set to execute scripts. – mchid Aug 22 '19 at 17:04
  • 1
    Would a write-locked boot disk that loads a live-cd distribution work for you? If your normal person managed to make changes to the in-memory part of the OS, a simple reboot restores the system to its pristine state. – doneal24 Aug 22 '19 at 17:23

2 Answers2

2

I don't think this is possible if the user has physical access. They can always boot into single user mode, which gives them a root prompt. They could then give any user sudo rights.

mchid
  • 43,546
  • 8
  • 97
  • 150
ianinini
  • 140
  • 6
  • You can always bypass the single user mode problem by setting the font color and background color to the same value in grub so that the user cannot see what they are doing in grub. – mchid Aug 24 '19 at 00:41
1

Will there be any way to run commands, execute .sh scripts, install apps or do any harmful actions?

Yes. See the list below.

in this case is logging in as root completely impossible.

Yes. You do need to do a couple more things.

  1. Encrypt the partitions. That prevents someone taking out the hard disk, cloning it and accessing scripts and data from another machine. Might be optional if all you are interested in that someone can not do it from your machine.
  2. Put up a password for entering bios. Then disable booting from external sources. This disables the ability to boot a live session.
  3. Disable GRUB to show up (ie. grub rescue could be used to get to root). Mind that this does not stop grub from showing a prompt if the boot disk errors out.
Rinzwind
  • 299,756