# How do I create a non root user and still execute programs?

## dman777

I made an non root account for myself. The only problem is that I am having problems executing programs. All the programs that I have checked have r-x for 'other users' in permissions. But there are many programs that I can not run still. For starters, when I run compiz fusion I get a "error: can not load plug in dbus". And when I try to execute firefox I get a "can not find an open window". I edited my /etc/group file and put non-root user name on everything that has the word root on it(except the actual root profile itself) and this helped out alot. But I am still having problems. I am not using a Desktop manager, strictly command line. So, how do I create a non root user and be able to execute programs?

----------

## bunder

can we see the output of "id"?

cheers

----------

## dman777

sure.

 uid=1000(dman) gid=1000(dman) groups=1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),27(video),33(xfs),1000(dman)

----------

## bunder

you shouldn't need all that...

```
uid=1001(chris) gid=100(users) groups=10(wheel),16(cron),18(audio),19(cdrom),27(video),80(cdrw),85(usb),100(users),250(portage),1005(wireshark)

```

you probably only need wheel and users,  audio/cdrom/cdrw/video/usb if you use the machine as a desktop.  to do any root stuff, just run "su" and enter the root password.  or you can install sudo.   :Wink: 

to get you going, i would drop the "dman" group and add yourself to the "users" group.

cheers

----------

## schiotz

 *dman777 wrote:*   

> I made an non root account for myself. The only problem is that I am having problems executing programs. All the programs that I have checked have r-x for 'other users' in permissions. But there are many programs that I can not run still. For starters, when I run compiz fusion I get a "error: can not load plug in dbus". And when I try to execute firefox I get a "can not find an open window". I edited my /etc/group file and put non-root user name on everything that has the word root on it(except the actual root profile itself) and this helped out alot. But I am still having problems. I am not using a Desktop manager, strictly command line. So, how do I create a non root user and be able to execute programs?

 

The two things are different problems.  The dbus stuff might have something to do with dbus not being installed or not running (but I admit that I am guessing here).  Try starting it (as root) with the command

```

/etc/init.d/dbus start

```

Then try your program again.  If it works, that was indeed the problem, and you need to make dbus start automatically on boot:

```

rc-update add dbus default

```

(again, do this as root).

The message from firefox is not an error.  When firefox starts, it checks if it is already running, and if so it just opens a new window without starting firefox again.  If it is not running, it prints something like the message you quote, and starts a new process.  It can take 10-15 seconds from the message till firefox starts.

/Jakob

----------

## dman777

No, the dbus is running. I double checked. Thanks though.

Man, with my non root user account, the only thing I can execute is Xinit(I can't even do a reboot). Everything else will not execute. Even after I put my account name everywhere in /etc/group (except next the root::0 :Smile: . All the executables have r-x listed for 'other users' in permissions. So it makes no sense. Gentoo is pretty hard core about security so this has to be a Gentoo thing somewhere. Is it possible gentoo has some kind of extra flag somewhere that I need to change?

----------

## bunder

okay, lets start fresh.

userdel dman

rm -rf /home/dman (note: if you have any stuff you put there yourself, you might want to back it up somehow beforehand)

useradd -m -g users -G audio,video,usb,cdrom,cdrw,wheel dman

passwd dman (set your password)

log in as dman and run startx (or if you use xdm/kdm/gdm, just log in)

cheers

----------

## Hu

 *dman777 wrote:*   

> (I can't even do a reboot).

 

That is normal.  A regular user should not have the right to bring down the machine.

 *dman777 wrote:*   

> Everything else will not execute.

 

Please provide the exact error message from such a program.

 *dman777 wrote:*   

> All the executables have r-x listed for 'other users' in permissions.

 

That is normal, also.  That says that "other users" have permission to read the content of the file and to run the file as a program.

----------

## dman777

 *Quote:*   

> That is normal, also. That says that "other users" have permission to read the content of the file and to run the file as a program

 

Isn't my non-root account an 'other user'? If so, with the r-x it should be able to execute a progam- right?

----------

## Genone

 *dman777 wrote:*   

>  *Quote:*   That is normal, also. That says that "other users" have permission to read the content of the file and to run the file as a program 
> 
> Isn't my non-root account an 'other user'? If so, with the r-x it should be able to execute a progam- right?

 

Yes. The permissions aren't your problem if you really can't execute most programs as non-root. As has been said, exact error messages are needed to figure out what's wrong with your setup.

----------

## dman777

 *bunder wrote:*   

> okay, lets start fresh.
> 
> userdel dman
> 
> rm -rf /home/dman (note: if you have any stuff you put there yourself, you might want to back it up somehow beforehand)
> ...

 

Of course this worked....thanx. But why wouldn't it work when I directly edited the /etc/group file?

----------

## tarpman

 *dman777 wrote:*   

> Of course this worked....thanx. But why wouldn't it work when I directly edited the /etc/group file?

 

Probably the changes weren't synced over to the corresponding shadow file, gshadow(5).  Manually running grpconv(8) would have fixed that problem.

Also - you didn't specifically say that you did this, but I'll mention it for safety's sake: don't directly edit /etc/passwd or /etc/group; use the vipw(8) and vigr(8) commands instead.  Even better, to modify group membership, use gpasswd(1).

----------

