Hey guys. I’m new to Linux and I’m running Linux Mint 21.2 Cinnamon. Yesterday I have f*cked up. I was testing things in users and geve myself standart priveledges insted of Admin ones I had from beggining and then restarted PC. I then tried log back into users tab and change myself back to Admin but even tho the password is correct It says that it is not. /So at this point there is only one user in PC who has standart privliedges and no Admin./ I then tried to access root via terminal and this time It said that I don’t have permision to do that. And this is where I’m at right now. Please help get back my admin privliedges.

Edit: Issue is fixed. I started GRUB and changed my password which fixed the whole issue. Once again big Thank you to everyone who gave me tips and also big thank you to the guy who started posting about rowing machines. You all wonderful.

    • MJRul3s@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      11
      ·
      1 year ago

      Thanks. I will try that when I get home from work and give you my feedback.

    • timespace@lemmy.ninja
      link
      fedilink
      English
      arrow-up
      14
      arrow-down
      7
      ·
      edit-2
      1 year ago

      Wait wtf? You can just reset root password that easy? What’s even the point of having a password, if all of your data and info is so easily accessed if someone gets physical hold of the machine. I guess so software/remote hackers can’t get your stuff, but still. This seems wild to me, I dunno.

      New to Linux so I’m sorry if I’m being ignorant, but it does seem crazy you can get access to a machine without the password.

      Edit: Thanks for all the comments below! I guess I’ve been spoiled by BitLocker in Windows being enabled by default and not having to think of disk encryption. Appreciate everyone’s time and responses!

      • Wangus@startrek.websiteB
        link
        fedilink
        arrow-up
        48
        ·
        1 year ago

        There needs to be some mechanism to recover your machine should this happen. It’s not that much more difficult to do it on a windows machine either.

        The truth of the matter is is if somebody has physical access to your machine it’s not your machine anymore. They can pull out the hard drive and plug it into a machine that they have a password for and read from it if it’s not encrypted. So on and so forth.

        • Resolved3874@lemdro.id
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Which is why you never throw away a computer with the drives in it and you never throw drives away without physically destroying them. Don’t give other people the chance to see your weird shit.

      • Case@unilem.org
        link
        fedilink
        English
        arrow-up
        31
        ·
        1 year ago

        If an attacker has physical access then you’re already screwed in most cases.

        • nyan@lemmy.cafe
          link
          fedilink
          English
          arrow-up
          15
          ·
          1 year ago

          Pretty much. Even if an attacker can’t boot your system, if they have physical access they can just pull your hard drive and mount it on a system they can boot. Only encryption can prevent this. Linux security was originally meant for keeping unprivileged accounts on multiuser systems from messing things up for others on the same machine. It can stretch to some other use cases, but is not a panacea for everything.

          • tetha@feddit.de
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            1 year ago

            And even password based disk encryption can be defeated with 2-3 physical accesses if an organization wants to hard enough. Keyloggers can be very, very sneaky.

            At that point you’d have to roll something like Yubikey-based disk encryption to be safe, because this re-establishes control over some physical parts of the system. Until they find the backup Yubikey you had to not lose all data by losing the primary key you’re carrying around to maintain control over it.

            It’s not a battle the defending side can win.

        • Chickerino@feddit.nl
          link
          fedilink
          arrow-up
          10
          ·
          1 year ago

          that is unless you’re running disk encryption, in which case your data (and in most cases your OS) is safe from unauthorized access, although there is not much to stop them just wiping it or running their own os on it lol

      • zero_gravitas@aussie.zone
        link
        fedilink
        English
        arrow-up
        25
        ·
        edit-2
        1 year ago

        New to Linux so I’m sorry if I’m being ignorant, but it does seem crazy you can get access to a machine without the password.

        This is always the case, no matter what OS you use, unless you use full-disk encryption. User credentials are all just data on a disk, so if someone has physical access to your machine, and your disk isn’t encrypted, then they can access (and change) those credentials or any other data.

        See also: https://ostechnix.com/reset-windows-password-with-linux-live-cd/

        What’s even the point of having a password

        As you say, preventing remote access is one, but also a password will slow someone down a bit, and stop low-knowledge adversaries entirely, possibly. Also you will at least know someone has messed with your machine if they change the password.

        Really, though, there’s nothing malicious someone can do to an unencrypted computer by changing the password that they couldn’t do without changing the password (copy all your files, delete all your files, install malicious software). Except I guess annoying you by making you change your password back. 😆

      • NaN@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        16
        ·
        edit-2
        1 year ago

        Linux can do it to Windows machines too. If it’s not encrypted, USB drive is all it takes.

        If it’s not encrypted, a live usb can read all the data on any machine anyway.

      • The Octonaut@mander.xyz
        link
        fedilink
        arrow-up
        11
        ·
        1 year ago

        I believe it’s better not to pretend that an OS password is a secure protection of your data when physically access can just mean - I don’t like that OS, I’m going to put on this OS instead, or indeed, I don’t like this PC, I’m going to put your data in this PC instead.

        Remember, most PCs can become someone else’s PC just by plugging in the right USB key. In fact most Linux users will know that, having literally done this themselves.

      • Nibodhika@lemmy.world
        link
        fedilink
        arrow-up
        10
        ·
        1 year ago

        Yes, there are other ways of doing it as well, you can plug in a live iso and chroot into your proper root and change it for example. This is why you can put a password on GRUB and on your BIOS, even if both of them have passwords, someone can remove your disk plug it into another machine and access your data. Long story short if someone has physical access to your machine is essentially game over. And BTW this is also true for Windows, physical access to the machine has always been considered game over because the person can simply remove the disk and plug it in another system, so any software solution is useless.

        This is why encryption is important, if your disk is encrypted putting it in another machine gives garbage unless you know the encryption key, making root rw (as in the link) is useless because you still need to decrypt the disk to access it, plugging a live iso is pointless because unless you know the encryption key you won’t be able to chroot into the system. But for most people the fact that no one untrustworthy will ever be physically near your computer is enough to not warrant extra measures of security, not to mention that most people don’t have data that could be problematic if leaked (e.g. source code for a large company) and those who do have their drives fully encrypted.

        • timespace@lemmy.ninja
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          1 year ago

          Not exactly true on Windows. BitLocker is enabled by default when signing in with an MS account, which is what I’ve done for nearly a decade and I think is the cause of my confusion. I’m just use to encryption being enabled by default and not having to think about it.

          • Nibodhika@lemmy.world
            link
            fedilink
            arrow-up
            1
            arrow-down
            2
            ·
            1 year ago

            I have NEVER seen personal windows with encryption, I have dual booted and retrieved data from windows computers for everyone else since forever and have never ever seen an encrypted drive. I’m sure some people do encrypt theirs but it’s definitely not on by default, same as on Linux where it’s one click during the installation that most people don’t click.

            • timespace@lemmy.ninja
              link
              fedilink
              English
              arrow-up
              2
              ·
              edit-2
              1 year ago

              It’s enabled by default when you login to windows with a Microsoft account, which they very rudely push on you and make it very difficult to login with a regular local account.

              • Auli@lemmy.ca
                link
                fedilink
                arrow-up
                1
                arrow-down
                3
                ·
                edit-2
                1 year ago

                Not as far as I know. I’ve logged in with MS accounts on Windows and still been able to read the disks. Ok Windows 10 and above last one I used was 8.

      • ourob@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        9
        ·
        1 year ago

        Account passwords have never had the purpose of protecting data from physical access - on Linux or any other operating system that I’m aware of. Physical access means an attacker can pull your drive and plug it into their computer, and no operating system can do anything to block access in that scenario, because the os on disk is not running.

        You need disk encryption to protect your data. The trade off is that if you forget the encryption password, your data is unrecoverable by you. But that’s what password managers are for (or just writing it down and putting it in a safe).

      • Auli@lemmy.ca
        link
        fedilink
        arrow-up
        6
        ·
        edit-2
        1 year ago

        Just as easy or easier on Windows since it has a GUI. If someone has physical access to your machine your basically screwed. Unless encrypted they could just pop the drive out and put it in another machine also. Also what is more likely for the average user someone comes in and tries to hack your password physically or something gets into your machine and someone tries remotely.

      • sznio@lemmy.world
        link
        fedilink
        arrow-up
        6
        ·
        1 year ago

        Unix was originally a networked system that many terminals would connect to. Being able to actually reach the machine meant that you had authority.

        It’s the same today. If someone has physical access, the system is so screwed that you can just give total privileges anyways.

      • MJRul3s@lemm.eeOP
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        I quess if you really want to secure your device you shloud use encryption to encrypt your data and/or make something that wipes all your data in case someone tries to log into your device but that’s only when you have something really important to hide.

        • Agility0971@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          well, a computer contains sensitive information so it should always be encrypted. Even if you think you have nothing to hide

      • dark_stang@beehaw.org
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        If somebody had physical access to a machine, they can get into it. If you want your data secured l, use encryption as others have suggested.

  • Nibodhika@lemmy.world
    link
    fedilink
    arrow-up
    29
    arrow-down
    1
    ·
    edit-2
    1 year ago

    Someone has already given you a guide on how to change the password via grub params, however that might not be necessary. It’s important that when you ask these questions you provide the exact command you’re using and the exact things you changed, what I assume happened is that you removed yourself from the wheel group (which in Mint might be listed as Admin privileges), this is important because the sudo command (unless you’ve customised it) only works for members of the wheel group. Then you said you tried to access the root via terminal and it told you you didn’t have permissions, I’m 99% sure that you tried something with sudo here, which will no longer work because your user is not an admin anymore.

    So are you screwed? Nope, you can access the root user without the need for sudo. Most people when they want to have a root shell use sudo su, in that command su is the actual part that lets you login as root (in fact su is short for Switch Substitute User, and you can switch to any user using it. Fun fact sudo is a short for Switch Substitute User and DO, so that you can run things as root without needing to login as root). As you might have already guessed just running su and putting the root password should work. Then why do people use sudo su? Because sudo su will ask you for YOUR password, whereas su asks you for the ROOT password (which in most servers is different, but most home computers is the same). You set the two of them when installing the system (in fact it’s very likely that you ticked a checkbox that said something like “use the same password for the root account”).

    Edit: The correct therm used in the su manual is Substitute not switch as someone mentioned in a reply.

    • Ghoelian@feddit.nl
      link
      fedilink
      arrow-up
      15
      ·
      1 year ago

      Huh, I always thought su stands for super user, but apparently it actually stands for substitute user (according to the manpage)

      • SpaceCadet@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        20
        ·
        1 year ago

        I don’t think “substitute user” is the original meaning, and it’s more like a retroactively applied acronym.

        Looking at various old Unix manpages, it said various things in the past. In the HP-UX documentation it even lists three different variants in the same man page: “switch user”, “set user” and “superuser”.

        “superuser” is probably the original meaning, because that’s what it says in the Unix Manual 1st edition (1971): http://man.cat-v.org/unix-1st/1/su

        NAME	su -- become privileged user
        SYNOPSIS	su password
        DESCRIPTION	su allows one to become the super--user, who has all sortsof marvelous powers. In order for su to do its magic, the user must pass as an argument a password. If the passwordis correct, su will execute the shell with the UID set to that of the super--user. To restore normal UID privileges,type an end--of--file to the super--user shell
        

        I love Unix archeology :)

      • ardorhb@kbin.cafe
        link
        fedilink
        arrow-up
        7
        ·
        edit-2
        1 year ago

        You can do su to change the user in the current shell. Afaik it just defaults to root if no user ist specified. Everytime you run su you actually do su root

        That said I always thought that it stands for switch user so intereresting to know that it‘s substitute.

      • r00ty@kbin.life
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        I’ve heard people call it superuser since before Linux (AIX Unix a long time ago for example).

        But substitute user makes sense since you can su to any user (just root is the default).

    • Bene7rddso@feddit.de
      link
      fedilink
      arrow-up
      7
      ·
      1 year ago

      Usually the root password isn’t set at all, and the only way to use rootprivileges is sudo. But OP isn’t screwed, they can use a Live CD and chroot

  • NaibofTabr@infosec.pub
    link
    fedilink
    English
    arrow-up
    16
    ·
    1 year ago

    I will also offer some help…

    Next time you’re “testing things” set up a VM and test there. Don’t test things on your primary OS/place you can’t just wipe and start over.

        • MJRul3s@lemm.eeOP
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          Already tried that yesterday and my last back up is three days old. But timeshift needs password and when I entered it. The Timeshoft said that I don’t have permision to open it.

          • Reborn2966@feddit.it
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            right it still require root privileges…

            well if you boot from a usb key and you have a btrfs file system, you could manually restore the snapshot. this would bypass the password

    • axzxc1236@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      If there is docker image for what you need, use docker image.

      If not I would recommend systemd-nspawn, it’s chroot but can run systemd init, with efforts you can run GUI applications from it too., wiping that is just sudo rm -rf.

  • joyofpeanuts@beehaw.org
    link
    fedilink
    English
    arrow-up
    14
    ·
    1 year ago

    I have fucked up somewhat like you in the past and needed to repair my system. In Linux you can boot into runlevel 1, single-user mode, where you are effectively root and can remove the root password, the re-enter one after you boot in the usual runlevel again. See these links: https://www.debuntu.org/how-to-recover-root-password-under-linux-with-single-user-mode/ https://www.debuntu.org/how-to-change-boot-runlevel-with-grub2/ https://www.geeksforgeeks.org/run-levels-linux/

    • MJRul3s@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Basically same method Saik0 posred later on. Will try that when I’m home and give my feedback. Thanks.

  • curioushom@lemmy.one
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    Are you trying the terminal commands with sudo? You could also try logging in as root user with the password you used during setup.

    • MJRul3s@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Yeah I already tried sudo root via terminal but when I entered the password It said I don’t have permision to do that. I can’t even change my password to something new in desktop. But I can try setup login once I’m back home.

      • Zeppo@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        edit-2
        1 year ago

        sudo should only ask for your user password. What do you mean “sudo root”? Do you mean “su”? That would require the root password.

        • SatanicNotMessianic@lemmy.ml
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          1 year ago

          It’s been a little while but he probably didn’t finish setting up sudo so there’s no sudo users file of approved users.

          I would just try su.

          • Zeppo@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I’ve had to set it up manually. May depend on the distro, I suppose. su won’t work without the root password.

            • SatanicNotMessianic@lemmy.ml
              link
              fedilink
              English
              arrow-up
              2
              ·
              1 year ago

              When I’d set systems up, creating a password for the automatically created root account was one of the first steps in the process after setting up the basics. You could then set other accounts to have root privileges, or set up sudo to allow your personal account access via sudo, but even sudo acts as UID 0. If your setup didn’t do that, or if you set your account name up as UID 0, then you can always boot off of another source and mount the internal hd, right?

              • Zeppo@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                2
                ·
                1 year ago

                It’s a matter of distro and the installation process. I must note, I installed Linux dozens of times from 1999-2012 and not as much since then. Back then, while of course one set the root password, it didn’t ask about sudo privileges during installation of Debian, Ubuntu or Mandrake. And yes, that’s true, you can always boot from a different installation (such as a Live CD) except it is more complex if it is an encrypted filesystem.

        • MJRul3s@lemm.eeOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Yeah man I tried. But I don’t have permision even tho I entered the right password.

          • curioushom@lemmy.one
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            You can reinstall the OS without overwriting your home partition or any other data partition. That’s always an option.