How to disable root access?
 

Hey everyone,

I've installed rootsh to mess around a bit. However, I realized that its been more than 6 years since I've used linux extensively, and I don't want to make my n900 a test device for that.

I tried to uninstall rootsh, but the uninstall does not work.

The quetion is how can I disable the root access now?

I've searched extensively but was unable to find an answer.

Re: How to disable root access?
 

Just dont use it. Its not like it permanently locks you in a root shell, you have to explicitly ask to become root.

Re: How to disable root access?
 

yeah that's true, until a curious friend or relative bricks it :P

Re: How to disable root access?
 

To be fair, a non-root user could still cause some nasty damage..

Assuming the rootsh package was used. The postinst script (which is run as part of the package installation) is:

#!/bin/sh -e

cp /usr/sbin/gainroot /usr/sbin/gainroot.old
echo '
#!/bin/sh
#From Andrey Gubarev easyroot.
trap exit SIGHUP SIGINT SIGTERM
PATH=/bin:/usr/bin:/sbin:/usr/sbin
if [ "$1" = "--use-su" ]
then
exec su -
else
echo "Root shell enabled"
/bin/sh
fi
' > /usr/sbin/gainroot
chmod 4755 /usr/bin/rootsh
exit 0

It seems that the package replaces the gainroot file in /usr/sbin
But the prerm script (which is called when the package is removed) does:

mv /usr/sbin/gainroot.old /usr/sbin/gainroot


But only if /usr/sbin/gainroot is executable..

try the following:

[ -x /usr/sbin/gainroot.old ] && echo "yeah, it is"

If it is executable, removing the package should remove root access.. If it isn't executable, the cp line in the postinst script is wrong.. it should be cp -p to ensure executable flags are copied too..

long and short, removing the rootsh package should remove root access via sudo gainroot

Re: How to disable root access?
 

I wasn't able to execute the script any other suggestions?

Re: How to disable root access?
 

That is a bit freaky!

On my device, the gainroot.old file (created with rootsh is installed) is executable..

Try this..
uninstall rootsh using package manager

sudo gainroot
(which is apparently still working, if not.. job done! :) )

dpkg -l |grep rootsh
(make sure it isn't installed anymore)

chmod 755 /usr/sbin/gainroot.old
chown root:root /usr/sbin/gainroot.old
mv /usr/sbin/gainroot.old /usr/sbin/gainroot

exit

that'll probably do it!

Can't see a reason why it wouldn't uninstall sucessfully! I still think the cp in the install script should be cp -p, but there you go!

Re: How to disable root access?
 

OT: is it me or is this programming language and stuff major boring *****?

i mean i am not dumb but seriously. its just friggin letters and symbols and combinations of it. i study math, which is quite the same actually. just dont see why i am doing that. and reading the coding stuff. cant get there with my mind.

Re: How to disable root access?
 

using the package manager I get the message: Unable to uninstall 'rootsh'

Re: How to disable root access?
 

Post the log from application manager here. And what does "I wasn't able to execute the script" mean anyway?

Re: How to disable root access?
 

ok

sudo gainroot
(which is apparently still working, if not.. job done! )
- this one still works

dpkg -l |grep rootsh
(make sure it isn't installed anymore)
- it's still installed

chmod 755 /usr/sbin/gainroot.old
chown root:root /usr/sbin/gainroot.old
mv /usr/sbin/gainroot.old /usr/sbin/gainroot
I run these and the old file is replaced. However, rootsh is still installed and even after a device restart I'm still able to gain root. Also in the package manager, rootsh is still shown as installe.

Re: How to disable root access?
 

That's because you didn't remove it at any point. Try to remove it as root from command line:
dpkg -r rootsh

If it doesn't work, copy&paste the output here.

Re: How to disable root access?
 

it didn't work.

The output is below:
(reading database ... 25649 files and directories currently installed)
Removing rootsh ...
/var/lib/dpkg/info/rootsh.prerm: line 5: syntax error: "fi" unexpected (expecting "then")
dpkg: error processing rootsh (--remove):
subprocess pre-removal script returned error exit status 2 Errors were encountered while processing:
rootsh

/home/user # ..............

ok any suggestions now? :P

Re: How to disable root access?
 

OK, rootsh package is broken, unbelievable.

But because you already manually did prerm script command, you can just delete it.

rm /var/lib/dpkg/info/rootsh.prerm

and then remove rooths package

Re: How to disable root access?
 

rm /var/lib/dpkg/info/rootsh.prerm worked.

finally rootsh succesfully uninstalled, thanks everyone :)

Re: How to disable root access?
 

Ok it's uninstalled now but I'm stil able to gain root access

Re: How to disable root access?
 

What is the content of gainroot files?

cat /usr/sbin/gainroot.old
cat /usr/sbin/gainroot

Re: How to disable root access?
 

The two files are identical.

Their content is below:


#!bin/sh
#From Andrey Gubarev easyroot
trap exit SIGHUP SIGINT SIGTERM
PATH=/bin:/usr/bin:/sbin:/usr/sbin
if [ "$1" = "--use-su" ]
then
exec su -
else
echo "Root shell enabled"
/bin/sh
fi

Re: How to disable root access?
 

Somebody bought the wrong phone.

Re: How to disable root access?
 

mark it. and waiting for study more.

Re: How to disable root access?
 

It sounds like there is a problem with your first premise. Unless there is a joke we missed??

Re: How to disable root access?
 

You should get the original file somewhere and copy it there. and remove gainroot.old. Unfortunately I have the same situation so I don't know the original file.

You coulld just place empty file as gainroot too.

Re: How to disable root access?
 

http://chris.intrepid.cx/N900/gainroot.old

Just scp'd from my phone :)

If you download it, remember to set it chmod 755

You can use it to replace /usr/sbin/gainroot (which appears to be the rootsh version! rootsh package needs some work :)

Before you copy it over, it might be worth pasting a copy of the file into a post here.. someone independent can verify I've not put something malicious in it :)

The md5 hash of the file can be verified using md5sum gainroot.old

8d30ec03fc1b8e6009b2e25c78fbc339

use md5sum gainroot.old to check your downloaded file matches this post

Re: How to disable root access?
 

haven't tried but this should work :P

#!/bin/sh -e
trap exit SIGHUP SIGINT SIGTERM
PATH=/bin:/usr/bin:/sbin:/usr/sbin

if [ -x /mnt/initfs/usr/bin/cal-tool ]; then
CALTOOL="/usr/sbin/chroot /mnt/initfs cal-tool"
else
CALTOOL="cal-tool"
fi

MODE=`$CALTOOL --get-rd-mode`
if [ x$MODE = xenabled ]
then
echo "Root shell enabled"
/bin/sh
else
echo "Enable RD mode if you want to break your device"
fi

Re: How to disable root access?
 

ok this worked last week perfectly and rootsh was uninstalled + root access disabled.

today i tried to reinstall rootsh, it installed but sudo gainroot is still asking for a password and just like last time the uninstaller through the app manager failed.

Re: How to disable root access?
 

Did you figure out how to disable it? I got it to uninstall the same way you did but I still have root access...