Missing login screen on startup, not even user selection.

Hello,

My uncle installed Zorin Lite onto an old laptop for my mother, and there's one issue that stumps us.

The laptop has two users - my own with admin privileges, and my mother's. On startup, it bypasses the login screen and always logs into my user, and doesn't even ask for the password. I can log off and log into my mom's user, then shut down and it'll still log into my user on startup. Neither my nor my mother's user settings have the "don't ask for password on login" box checked.

Any idea how to fix this issue?

On a separate note, to avoid creating a separate topic, is an antivirus needed on Zorin OS, and if so what would be the recommended one? I know most viruses are made for windows, but some might be platform-agnostic and take advantage of Firefox or Chrome vulnerabilities, right?

Is the graphics chipset intel?:

https://forum.xfce.org/viewtopic.php?id=13413

Also check the settings that something has not come undone - you said your uncle installed and not you.

As for AV install Clam Gtk and set it to autoupdate.

You should also install rootkit checkers - chrootkit and rkhunter.

My preferred secure browser is Firefox.

Is the graphics chipset intel?:

https://forum.xfce.org/viewtopic.php?id=13413

It's an intel (4500mhd to be precise), but the problem is very different from the one you linked. For me it has nothing to do with suspend but with full shutdown, plus it doesn't come up as "locked" but simply skips the login screen entirely and logs in by itself into my account.

Also check the settings that something has not come undone - you said your uncle installed and not you.

I checked the User settings, what other settings could be at fault? My only experience with Linux has been supporting applications as a developer at work - terminal only. No experience with Linux GUI or Linux administration

As for AV install Clam Gtk and set it to autoupdate.

You should also install rootkit checkers - chrootkit and rkhunter.

My preferred secure browser is Firefox.

Thank you for the recommendations!

Hello,

My uncle installed Zorin Lite onto an old laptop for my mother, and there's one issue that stumps us.

The laptop has two users - my own with admin privileges, and my mother's. On startup, it bypasses the login screen and always logs into my user, and doesn't even ask for the password. I can log off and log into my mom's user, then shut down and it'll still log into my user on startup. Neither my nor my mother's user settings have the "don't ask for password on login" box checked.

Any idea how to fix this issue?

Honestly... If it was me, I would back up any personal data and do a complete wipe and reload. For a log in issue as you describe, it would be more problematic to try to fix it than to do a fresh installation.
I got in the habit of saving a list of the software I always install after doing a wipe and reload, as well. That way if I have to re-install my O.S., I go down the list and add all my needed software in one go, too.

Hello again, been busy so haven't gotten around to working on the laptop until now. For the login issue, I think rather than trying to fix it I'll try the workaround of creating a new admin user with all the privileges and setting my current user to be non-admin.

Are there tutorials on where to get / how to install programs (Clam Gtk, chrootkit, rkhunter) on Zorin for someone who's never installed a Linux program before?

I assume firewall wise, default firewall in Zorin Lite is sufficient (once enabled)?

Hello again, been busy so haven't gotten around to working on the laptop until now. For the login issue, I think rather than trying to fix it I'll try the workaround of creating a new admin user with all the privileges and setting my current user to be non-admin.

Neat solution.

I assume firewall wise, default firewall in Zorin Lite is sufficient?

For normal use, yes. You may want to ramp it up if you are doing something special.

Are there tutorials on where to get / how to install programs (Clam Gtk, chrootkit, rkhunter) on Zorin for someone who's never installed a Linux program before?

I am sure they exist but I do not know specifically where.
This site has excellent tutorials in general:
https://www.linuxbabe.com/
But, we can cover that here and now and you can keep on asking questions for clarity.
Unlike MS, there are many methods of installation on Linux.
Let's not worry about Manual installs for now. But we can cover that later if you like.
First, if you haven't already, install Synaptic Package Manager:

Code:

sudo apt-get install synaptic

Synaptic opens with your password.
Once you have the screen loaded, use SEARCH to search for the package you want. You will get a list- so navigate to the Actual Package Name that you want. Click and select Mark for Installation and it will then give a list of any dependencies it must install along with it. You can then accept.
To complete the installation, select Apply on the upper toolbar.
The same goes for Uninstallation- But ALWAYS READ WHAT IT IS UNINSTALLING ALONG WITH IT. Some integrated packages can take your desktop environment with it. If in doubt, wait and ask.
You may download packages that have the extension ".deb" for debian packages. On Zorin, you may double click these or right click them and select "open With" to open them with Software Installer.
Last and Most Used:
Repository and Terminal installations. In order to install from terminal, you must have access to the repository for that package. You may get access by downloading and installing a key or by adding the repository openly in your /etc/apt/sources.list.
Simply,

Code:

sudo apt-get install <PACKAGE NAME>

will work for anything in the Ubuntu Main repository, such as the above example to install synaptic. Often, I find out if it is there simply by trying to install it from terminal first.
So,

Code:

sudo apt-get install clamav

Code:

sudo apt-get install rkhunter

If it cannot find the package, you can search on the Duck (duckduckgo) to find its repository and use

Code:

sudo add-apt-repository ppa: <REPOSITORY URL>

OR, you can try searching for it in Synaptic.

You can search for debian packages here:
https://pkgs.org/
I use this source a LOT. Primarily because I have many packages held, and do not want them "upgraded."
You can install the packages from that site using the double click method I mentioned above and using Software Installer.
Or, in terminal with

Code:

sudo dpkg -i <PACKAGE NAME>

To get the exact package name for the above, I right click the package I downloaded, select "rename" and then just copy the full name and paste into terminal after sudo dpkg -i

Thank you very much!

To make sure I understand, these are three completely separate ways to install?

1. Install Synaptic Package Manager through apt-get, then run it to browse package and choose which ones to install. (Is this separate from or the same as the Software Installer used both this method and the pkgs.org one?)

2. Assuming I know the application package name, use apt-get to install it directly. Search for and add the repository first if the package isn't in the default Ubuntu Main repository.

3. Browse https://pkgs.org/, search for, download and install any debian packages. Installation by double clicking or terminal.

What about package versions - would some or all of these methods automatically select the latest stable version compatible with my Zorin Lite version?

Also, regarding "sudo apt-get install clamav" - would this install clamav with the GTK front end, or would I need to do something extra to get that?

Thank you very much!

To make sure I understand, these are three completely separate ways to install?

Separate actions you can take. What the computer does with each method is generally the same.

1. Install Synaptic Package Manager through apt-get, then run it to browse package and choose which ones to install. (Is this separate from or the same as the Software Installer used both this method and the pkgs.org one?)

Yes, that is one separate method that you can do.

2. Assuming I know the application package name, use apt-get to install it directly. Search for and add the repository first if the package isn't in the default Ubuntu Main repository.

Correct.

3. Browse https://pkgs.org/, search for, download and install any debian packages. Installation by double clicking or terminal.

Correct.

What about package versions - would some or all of these methods automatically select the latest stable version compatible with my Zorin Lite version?

With your current setup, yes, it would default to the latest stable version. However, you can change that if you like. You may change it to unstable testing branches or to Older stable versions.

Also, regarding "sudo apt-get install clamav" - would this install clamav with the GTK front end, or would I need to do something extra to get that?

That would install the complete Ubuntu Package.

Thank you!

Also, regarding "sudo apt-get install clamav" - would this install clamav with the GTK front end, or would I need to do something extra to get that?

That would install the complete Ubuntu Package.

Does the complete Ubuntu Package include the GTK front end? Or do I need to install clamtk after clamav?

Does the complete Ubuntu Package include the GTK front end? Or do I need to install clamtk after clamav?

I am honestly not sure. I go about that with an entirely different technique.
Easy enough, though: Try installing clamtk, as well, and see what happens.

Ok, installed clamav, clamtk, rkhunter and chkrootkit

Do the rootkit checkers need to be run manually or what?

Anyway, ran rkhunter, got following warnings:

Code:

[23:26:04] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: Perl script text executable

[23:28:36] Warning: The following suspicious (large) shared memory segments have been found:
[23:28:36]          Process: /usr/bin/xfce4-terminal    PID: 1390    Owner: <my user>    Size: 16MB (configured size allowed: 1.0MB)

[23:31:47] Warning: User 'postfix' has been added to the passwd file.

[23:31:48] Warning: Group 'postfix' has been added to the group file.
[23:31:48] Warning: Group 'postdrop' has been added to the group file.

Ran chkrootkit and got following warnings:

Code:

The following suspicious files and directories were found: 
/usr/lib/python3/dist-packages/matplotlib/tests/baseline_images/.keep /lib/modules/5.0.0-37-generic/vdso/.build-id /lib/modules/5.3.0-26-generic/vdso/.build-id
/lib/modules/5.0.0-37-generic/vdso/.build-id /lib/modules/5.3.0-26-generic/vdso/.build-id

Anything I should worry about?

Postfix was probably installed through rkhunter package - there was a Postfix Configuration screen during the install, but I chose "No configuration" option. Maybe I should've gone "local only". Does having postfix on the laptop open any vulnerability?

Edit: Also it seems clamav-daemon needed to be installed for runtime protection, or am I missing something? I installed it, but then on the clamav sight there's also talk about "on-access-protection" which is clamonacc in addition to clamd, but then you need to configure it with paths to scan, and I'm lost now. Isn't there something like Windows AVs (even MSE/Windows Defender) which are always checking runtime / memory / files&scripts being downloaded/accessed by browser, etc? Or is that not needed in Zorin?

Code:

[23:26:04] Warning: The command '/usr/bin/lwp-request' has been replaced by a script: /usr/bin/lwp-request: Perl script text executable.

Anything I should worry about?

No, everything looks fine.
You can stop the warning above with the following:

Code:

SCRIPTWHITELIST=/usr/bin/lwp-request

Postfix was probably installed through rkhunter package - there was a Postfix Configuration screen during the install, but I chose "No configuration" option. Maybe I should've gone "local only". Does having postfix on the laptop open any vulnerability?

As long as it is you that installed it, it is fine. If you did not install it, then it would need further investigation.
In termainl, you can run

Code:

sudo rkhunter --propupd

to deal with the other warnings.

Edit: Also it seems clamav-daemon needed to be installed for runtime protection, or am I missing something? I installed it, but then on the clamav sight there's also talk about "on-access-protection" which is clamonacc in addition to clamd, but then you need to configure it with paths to scan, and I'm lost now. Isn't there something like Windows AVs (even MSE/Windows Defender) which are always checking runtime / memory / files&scripts being downloaded/accessed by browser, etc? Or is that not needed in Zorin?

Hopefully someone more knoledable than I can chime in on this one I do not use Clamav much. As I said before, i go about it in a very different and unorthodox way.
When I used clamav in the past, I installed clamav-deamon. If you want peace of mind, you might open Synaptic and search "clamav" and install any relevant packages to it (check the details on each listing).

I can't remember which one it is but you will get some false positives on the rootkit softwares - one was written for a different file system to .deb so warnings will relate to that, the other looks at your base install at time of adding the application - if you do any updates to your system it might quote false positive there. I have never used on access AV scan even on Windows as it slows the system right down - the main two packages you require are clamav and clam-tk - the front-end of the system and just set to auto-update - it should add a context menu when you right click a file or folder to scan with clam av:

Typo

The rootkit sofware has to be started in a terminal:

Code:

code sudo rkhunter -c

It will check the system then ask you to press 'Enter' key to continue - it then checks for rootkits.
Mine found 4 possible rootkits but that was down to files being greater than 1 Mb - I haven't gone into detail on restructuring this, but based on the fact it was pointing to Firefox and SystemD I don't think there are any issues.

Press Enter again to check for further root-kits.

Enter again to check Network Ports

Thank you to both of you!