HPE Community
Operating System - HP-UX
1819803 Members
3098 Online
109607 Solutions
New Discussion юеВ

reasons for /root as home directory for root

 
NMCI Group
Advisor

тАО04-14-2004 02:59 AM

тАО04-14-2004 02:59 AM

reasons for /root as home directory for root

I am curious about the reasons for making root's home directory /root. I know one reason is simply less clutter in /. This makes sense to me and is a good enough reason for me, however, I have also seen people claim it should be done for security reasons. I have not seen what those reasons are though. If anyone knows the security reasons for doing this or any other reasons please post them.
0 Kudos
Reply
11 REPLIES 11
Naveej.K.A
Honored Contributor

тАО04-14-2004 03:03 AM

тАО04-14-2004 03:03 AM

Re: reasons for /root as home directory for root

I don't see any security reasons, but something you boot in single user mode or lvm maintenance mode, the shell and the home directory should be accessible. One reason i find a / and /sbin/sh entries in the /etc/passwd for the root.

with best wishes
Naveej
practice makes a man perfect!!!
0 Kudos
Reply
Patrick Wallek
Honored Contributor

тАО04-14-2004 03:11 AM

тАО04-14-2004 03:11 AM

Re: reasons for /root as home directory for root

I actually like to have root's home directory in /home/root. I do this so that I don't accidentally fill up / if I write something to root's home directory. I am not a big fan of just using /root for this reason.

The home directory does NOT have to be available when booting in single-user mode. On machines I have /home/root I have never had a problem booting in single-user mode.
0 Kudos
Reply
Ashwani Kashyap
Honored Contributor

тАО04-14-2004 03:18 AM

тАО04-14-2004 03:18 AM

Re: reasons for /root as home directory for root

one reason I could see is if you are trying to remove files or directories specially from within a script and something has to go wrong , only /root will be effected rather than the whole / .
0 Kudos
Reply
Jeroen Peereboom
Honored Contributor

тАО04-14-2004 03:19 AM

тАО04-14-2004 03:19 AM

Re: reasons for /root as home directory for root

L.S.

If you have a /root directory you can protect it as you wich (e.g. chmod 700 /root). I don't know how far you can protect /.
All your .-files (.dt, .profile, .sh etcetera) will be in the new homedir of root i.s.o. /.

I recently switched my root homedir to /root.
The main reason is that I want a separate directory for root's files (documents and .-files), so I made it a homedir.

JP.
0 Kudos
Reply
Massimo Bianchi
Honored Contributor

тАО04-14-2004 03:25 AM

тАО04-14-2004 03:25 AM

Re: reasons for /root as home directory for root

Hi,
one simple reason is to prevent accidental destruction of your system.

let's suppose that you issue a

cd NOT_EXISTENT_DIRECTORY

in some system this will lead you to your home directory, or leave you there (in your home). It could be the first line of a script, for example...

What if the second command would be a "rm -rf *", to do a proper cleanup ?

There are also the other reasons, to prevent the filling up of /, of course...

Regards,
Massimo
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО04-14-2004 03:37 AM

тАО04-14-2004 03:37 AM

Re: reasons for /root as home directory for root

Just to drive you mad, i kinda use both.

The actual home directory is /root

The reasons are similar to those noted above. It removes clutter. Its there if the /home filesysem is gone, ie single user mode. Anything i really might need in single user mode, even if its basic documentation, thats were it goes, because in single user mode, or lvm maintenance mode, you may not be able to mount any other filesystems.

In /home/root I store bigger stuff, scripts in progress and stuff i probably won't need in single user mode.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Fred Ruffet
Honored Contributor

тАО04-14-2004 04:13 AM

тАО04-14-2004 04:13 AM

Re: reasons for /root as home directory for root

Another point is that many security file for one user resides in his home directory : .profile, .rhosts, .procmailrc and so on.
If you have .rhosts for root world readable in / directory, users will see what machine name, and username you grant access to. Then install a Linux box with the good name, create a user with the right name, and let's rsh... It might not be a security hole, but it might let see where are security potential holes.
--

"Reality is just a point of view." (P. K. D.)
0 Kudos
Reply
Mark Greene_1
Honored Contributor

тАО04-14-2004 04:26 AM

тАО04-14-2004 04:26 AM

Re: reasons for /root as home directory for root

I, too, use both / and /home for root. I have the commandline history log to a directory under /home. If I ever have a problem with this, I can unset the FCEDIT and HISTFILE variables.

Another trick that I've not tried is to make /home/root the home dir, and actually create a /home/root directory with the /home file system not mounted. The net affect is that when /home is mounted, things work as expected, and when /home is unmounted, the directory path is still really there.

mark
the future will be a lot like now, only later
0 Kudos
Reply
dirk dierickx
Honored Contributor

тАО04-14-2004 06:46 PM

тАО04-14-2004 06:46 PM

Re: reasons for /root as home directory for root

you should put your root home in /root. /home/root is not always a good idea because /home can be another filesystem which might cause problems if you boot into single user mode once every two years ;)

ofcourse just creating /root and putting everything in there does not cut it. by default all home directories are accessable by all users, if you leave the defaults like that it is not that much more secure (chmod 700 like mentioned in previous post).

also it is nice to keep a seperate home for root not to clutter up your / view. (try doing an ls on / on a busy system running for +3 years)
0 Kudos
Reply
Fred Martin_1
Valued Contributor

тАО04-15-2004 02:19 AM

тАО04-15-2004 02:19 AM

Re: reasons for /root as home directory for root

This is from the HP manual "HP-UX 11i Version 1 Installation and Update Guide" under "Cold Install" ...

"Consider creating a root home directory that is not /. This keeps the user root dot files out of the / directory. Make sure it is on the root volume by not locating it under the mount point of the file system. A good name to use is /homeroot (not /home/root) as /home is often a mount point. This is especially important if you are using LVM or VxVM and /home is a seperate volme."

Not much there for a reason other than the dot files.
fmartin@applicatorssales.com
0 Kudos
Reply
Rory R Hammond
Trusted Contributor

тАО04-15-2004 03:27 AM

тАО04-15-2004 03:27 AM

Re: reasons for /root as home directory for root

If you are working constantly on the system. It is likely that you will make a mistake that compromises security with root's home as /.
You have to make sure your umask is strong. As root you might want a private work area, /, /tmp, /var/tmp is not the place.
(a comment) I know that .sh_history is a nice. If you are careless and make it readable by world, It may help intruders look for possible weakness.

My root home is /. However, I do most of my work as my regular user ID and sudo to root. for the admin things. IF I camped out on the systems as root, I would have roots home /root.

Rory
There are a 100 ways to do things and 97 of them are right
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.