Hi,
These last two weeks I've been fiddling extensively with Proxmox installed on a pair of servers, a local and a public sandbox machine. So far things are running nicely. Currently I'm fine-tuning everything and sanding down the edges.
One of the steps suggested in many online tutorials is to replace the root account by a non-root account with admin rights. So this is what I did, and following the docs, I have a 'microlinux' user with admin rights. This user can connect to the web interface, create VMs and start and stop them, so everything seems fine. So I thought from there I could simply disable my root account altogether and manage things with my 'microlinux' user in the web interface and by using 'sudo' in the console.
Apparently the root user is still required to manage some operations. I just tried to generate a LetsEncrypt certificate on my public machine. This is an operation I have already successfully handled in the past on another public machine, using the root account.
But this time, when I try to make the first step and register an ACME account, I get the following error:
So I have to conclude that after all it's a bad idea to disable the root account, since it's apparently needed for some operations.
Any suggestions ?
These last two weeks I've been fiddling extensively with Proxmox installed on a pair of servers, a local and a public sandbox machine. So far things are running nicely. Currently I'm fine-tuning everything and sanding down the edges.
One of the steps suggested in many online tutorials is to replace the root account by a non-root account with admin rights. So this is what I did, and following the docs, I have a 'microlinux' user with admin rights. This user can connect to the web interface, create VMs and start and stop them, so everything seems fine. So I thought from there I could simply disable my root account altogether and manage things with my 'microlinux' user in the web interface and by using 'sudo' in the console.
Apparently the root user is still required to manage some operations. I just tried to generate a LetsEncrypt certificate on my public machine. This is an operation I have already successfully handled in the past on another public machine, using the root account.
But this time, when I try to make the first step and register an ACME account, I get the following error:
Code:
Permission check failed (user != root@pam) (403)So I have to conclude that after all it's a bad idea to disable the root account, since it's apparently needed for some operations.
Any suggestions ?