Does Zimbra needs root login enabled ?

General discussion about Zimbra Desktop.
gustavobap
Posts: 22
Joined: Mon Aug 17, 2015 7:34 am

Does Zimbra needs root login enabled ?

Postby gustavobap » Mon Aug 17, 2015 7:43 am

I have disabled the root login in my server for security reasons. Now there are some logs at /var/log/auth.log



Aug 17 09:25:01 angra CRON[29127]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 17 09:25:01 angra CRON[29127]: pam_unix(cron:session): session closed for user root
Aug 17 09:25:54 angra sudo: zimbra : TTY=unknown ; PWD=/opt/zimbra ; USER=root ; COMMAND=/opt/zimbra/libexec/zmmailboxdmgr status
Aug 17 09:25:54 angra sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Aug 17 09:25:54 angra sudo: pam_unix(sudo:session): session closed for user root



this is repeate every 2 minutes. Is this related to disabling the root ? 



Thank you



phoenix
Ambassador
Ambassador
Posts: 26448
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

Does Zimbra needs root login enabled ?

Postby phoenix » Mon Aug 17, 2015 7:48 am

Yes, you need it enabled.


Regards

Bill

Rspamd: A high performance spamassassin replacement

If you'd like to see this implemented in a future version of ZCS then please vote on Bugzilla entries 97706 & 108168
gustavobap
Posts: 22
Joined: Mon Aug 17, 2015 7:34 am

Does Zimbra needs root login enabled ?

Postby gustavobap » Mon Aug 17, 2015 7:56 am

Thanks for the response. I have diabled it because I hava accidentally set the password with sudo passwd

But I belive initally the login was already not allowed by default.

I ran the following (ubuntu server 14.04)



sudo usermod -p '!' root

sudo passwd -l root



Do you know how to enable it again without setting a password ? I didn't get how these are related because zimbra does not know the password.
gustavobap
Posts: 22
Joined: Mon Aug 17, 2015 7:34 am

Does Zimbra needs root login enabled ?

Postby gustavobap » Tue Aug 18, 2015 9:55 am

phoenix, are you sure zimbra needs it ? Can you point me some documentation I can't find anything on docs or google
chauvetp
Outstanding Member
Outstanding Member
Posts: 350
Joined: Fri Sep 12, 2014 11:28 pm

Does Zimbra needs root login enabled ?

Postby chauvetp » Fri Aug 21, 2015 8:26 am

Postfix runs as root at the very least. Root access is needed to start Zimbra since Liunx/UNIX requires low ports (below 1024) to be started by (not necessarily running as) root.



That being said, I don't think Zimbra needs to login as root, but it needs to have sudo access to run certain commands. You should easily be able to set a different password for root if your're concerned about the password. You can also review the commands that Zimbra runs as root via the /etc/sudoers file (though I would strongly recommend not changing anything placed there by Zimbra's setup).

Return to “General Questions”

Who is online

Users browsing this forum: No registered users and 7 guests