Root, Sudo, and SU

From Archive Debian Forums
Jump to navigation Jump to search

The Concept of Root and User:

"root is the user name or account that by default has access to all commands and files on a Linux or other Unix-like operating system. It is also referred to as the root account, root user and the superuser. [1]

An ordinary user only has control over files in his/her own "home" directory, though they may be "allowed" access to other files and applications.

su, su -, and sudo:

The su, su -, and sudo commands are used in a terminal to give you root access to the system. You can of course log on as root but this is not generally a good idea; once logged on in a particular identity, you tend to continue in that identity until you log off again, and it is bad practice to work as root for long periods.

Instead you should use su to become root "for the duration". You will need to give the root password which you set when you installed Debian. Your prompt will change to show that you are now root. When you have done what you need to do as root, type exit to get back to your own identity.

Debian has adopted specific variations for the su command:

su will give access to all commands except for critical system commands in the /usr/sbin directory. This is a function of the environment which the su command invokes - if you switch from user account to root with su, you retain that user's environment.

su - will also switch you to root account but invokes the root environment which is required for any commands in the /usr/sbin directory. 

    For example, you can run the chown command after elevating to root privileges with su, but to run the adduser command you need to get root with su -

sudo should also allow running commands which require root environment like those in /usr/sbin/ eg. sudo blkid (PM me if you have a different experience; it works here).

The sudo command is a more selective alternative to su, particularly useful if there are several users of your system.

By editing, as root, the file /etc/sudoers, you can give root access to a specific individual for specific commands only. This is much safer than letting them know the root password.

The man page for sudoers gives details of the syntax for this file.

The Debian installer will ask if you wish to add your user to sudo and if you wish to create a root password. If you don't specify a root password, your user will automatically be added to sudo. If you didn't add you user to sudo during install, you can do it afterwards with the command (run as su - and entering the root password):

adduser <username> sudo of course replace <username> with your actual user name.

To use sudo, simply preface the command you wish to execute as root with the word sudo. You will be asked to enter your own user password to prove your identity.

The system will then check whether you have been given permission to execute this particular command as root; if so, it will be executed. sudo "remembers" you for a short time so that you can give a group of sudo commands without entering your password each time.


This thread was original posted on the Debian User Forums by @The Beginners guide, curated by @sunrat: http://forums.debian.net/viewtopic.php?f=32&t=58557&p=338548


Ref 1: http://www.linfo.org/root.html

  1. root Definition "http://www.linfo.org/root.html
Retrieved from "https://archive.forums.debian.net/index.php?title=Root,_Sudo,_and_SU&oldid=183"