How to run a complete GUI as root?

Question

I don't care if I mess up the system (which is likely if I do things like this), or the potential security issues that this could imply. Note, that I don't just want to "enable root login?", but run my GUI from bottom-up as root. I don't want to type my password for anything but just for login and have total control over it.

Of course, I want any application running as root, like Firefox, LibreOffice, etc. without having to mess up with the terminal. So, how do I do this?

This question tries to address users that do not like the current permission system with root being separated from normal users. I do not endorse such behaviors, but if a user wants to, for whatever reason, this question should fit their corncerns.

Not advisable for new users

Answer 1

Read this before doing anything Why is it bad to log in as root?

First of all, you must set root 's password.

sudo passwd root
Enter new UNIX password:

Now you have root password. Now activate the root account:

sudo usermod -U root

Then you should allow lightdm, gdm or kdm to allow logging in as root.

To enable this:

In GDM

Edit /etc/gdm/custom.conf file and include AllowRoot=true.

Additionally, in newer versions of Ubuntu, you need to edit /etc/pam.d/gdm-password and comment out the line containing:

auth required pam_succeed_if.so user != root quiet_success

so that it looks like this:

#auth required pam_succeed_if.so user != root quiet_success

In KDM

Edit either /etc/sddm.conf or create the file /etc/sddm.conf.d/uid.conf and add/change MinimumUid for MinimumUid=0. It will show all users on the system including root.

In LightDM

This procedure enables the "Other" menu, so you can type the username root and login. You must edit /etc/lightdm/lightdm.conf and add greeter-show-manual-login=true. Then reboot.

Others session managers have other methods to accomplish this.

As you have noticed I gave the instructions but by any circumstance you should not run the GUI as root. Murphy's Law says that it is likely that you mess up somehow and will be annoyed starting again.

I played around enough, how do I go back?

To disable root login just type:

sudo passwd -dl root

Then revert the changes on the files above. Did it feel good having super-cow powers?

Answer 2

The top answer may have been accurate before, but I'm guessing Ubuntu has made changes for Kubuntu or Kubuntu just runs differently. I honestly find it a little annoying that Ubuntu keeps trying to take away or hide this option like any user who is insane enough to do this is not aware of the risks.

That being said, the directory /etc/kde4/kdm/kdmrc/ doesn't exist on Kubuntu 21.10. So, I found a work around in frustration. The first steps to set root password remain the same, obviously.

Using command, sudo passwd root to set a new root password. It's advisable to set a root password that's different from your user password and hard to guess for obvious reasons.

Preview of me setting a root user password:

Then run sudo usermod -U root to activate the root account

Now here's the major difference in Kubuntu. The directory /etc/kde4/ or any /etc/kde.../ does not exist in Kubuntu. /etc/pam.d/ exists, but the file you'll be editing is named sddm, not gdm-password

There's no such thing as /etc/kde/... :

You'll be editing one or both of the files under /etc/sddm/. Their contents are the same and so is the edit.

Preview of the contents in /etc/sddm/ directory:

• The file ./wayland-session (To enable root login if you're logging in with Wayland session in the Desktop Environment)
• The file ./Xsession (To enable root login if you're logging in with Xsession in the Desktop environment. This is usually the default when you install Kubuntu and most likely what you're using).
• Or you can edit both files.

Using the Terminal/console, navigate to /etc/sddm/ and open one of the files (I'll be using Xsession) by running sudo nano Xsession (Alternatively, you can just run sudo nano /etc/sddm/Xsession from any terminal screen).

Preview of the nano file editor commands and navigation commands:

The file opens. Using the arrow keys, carefully navigate to near the end of the text context (like the last 3 or 4 lines) just under;

esac

Add the following text as one line and save the file/changes (using ^X [i.e. CtrlX] and saying 'Yes/Y').

AllowRoot=true  

Preview of the file ./Xsession after editing:

The steps are the same if you chose to edit the file ./wayland-session instead.

The last step is to navigate to directory /etc/pam.d/ in the Tterminal and opening the file ./sddm using the command: sudo nano sddm

(Or just run command the single command sudo nano /etc/pam.d/sddm)

Preview of contents in the directory /etc/pam.d/ showing ./sddm:

In the opened file (./sddm), near the top (like the first 3 lines or so) we'll add the "#" symbol in front of the line:

auth    required        pam_succeed_if.so user != root quiet_success

This turns it into a comment so the computer ignores that line, so it becomes:

#auth    required        pam_succeed_if.so user != root quiet_success

Again close/save the file (with ^X/CtrlX).

file ./sddm before edit:

file ./sddm after edit:

Now go back to the lockscreen (log out or switch user) and log in as root. You may have to manually type "root" as username and use the root password you set earlier.

Now you're root.

When you're done, it's highly recommended to undo the file changes you made and deactivate root user password by running sudo passwd -dl root.

Answer 3

I've used nodm for this purpose on a LiveCD respin I had put together once upon a time.

sudo apt-get install nodm

Then configure it to enable and configure the user to use:

sudo vi /etc/default/nodm

Answer 4

My VPS Server is set up so I start with a terminal prompt which prompts me to login. The non-root account does not have sudo privileges. I have to login with the non-root account or the root account. Then I can start the GUI (Graphical desktop which uses xfce) by running startx. When I log out it closes the GUI and drops me back to the terminal.

To be clear I can run startx after logging in as root and it I will be running the entire desktop environment as root. Which as others have said is very dangerous because all software runs as root. So bad code in a program whether a security bug or malicious code can cause bad problems possible even letting a hacker in. So you don't really want to be using the web browser to browse the web. Maybe if you visit a webpage you own and manage it would be ok, but no one else's not even Google. If you just use it to manage and edit your files that should be OK. I can also run startx from a non-root account of course.

I set this up this way by stopping and disabling my display manager. This Linux OS is Ubuntu Server with xfce installed using tasksel.

Basically it was just a mater of switching from the TTY that had xfce running to a TTY that was terminal only. Then logging is as root and running:

systemctl stop lightdm
systemctl disable lightdm

Then restarting. Those 2 commands stop and disable the display manager.

You should be able to change it back to normal by running:

systemctl enable lightdm

Then restarting.

Now I said lightdm, but in your case it could be a different display manager instead, so you would put the name of that in place of "lightdm".

If you are using Wayland instead of The X Windows System the steps may be significantly different, I think Wayland uses a different command then startx to start the GUI.

Before I even saw this question I had already posted a tutorial on how to do this: https://www.deltafoxdesign.com/how-to/configure-linux-start-and-exit-gui.htm