Linux-Account Permissions with sudo and root

[RoboTechGaming]

Hello everyone. I am trying to understand how exactly account permissions work in relation to the root user and the sudo command. I had thought that using the sudo command would elevate you to the root user. However, using the root password that I setup when installing does not work. It accepts my user account password. My account should be a stander user. It should not be able to run elevated commands right? So why does that password work and the root password I set during setup not work? Furthermore, I also tested this by opening a root terminal. Same thing: root password does not work, but my stander user account does. I am getting confused looking into this myself. Is this normal behavior? If so, then why? Does sudo actually run a command as root? Does my user account have some elevated privilege? When does the root password that I set come into play?

 

I am currently running off ParrotOS 4.10 with XFCE; but from what I understand this does not have to do with my specific distro.

 

Thanks!

[Bad5ector]

Now I'm not a Linux expert by any means, but I believe root is a separate account called... you guessed root. If you use sudo command, it assumes you have elevated privileges and asks for the password of the user currently trying to run the command. If that user doesn't have root privileges then it will fail. What happens if you try to SSH into your linux box using:

 

ssh -l root nameorIPofserverhere

 

Then put in your root password? Does it bring you to a prompt similar to this:

 

   

[mahyar]

1. about password well you ae not logging in via root you are doing it with another user
2. yes sudo runs a command as root 
3. yes
4. if you want to login with root user (which you can) or if you type su in terminal

[colonel_mortis]

You can switch to the root user using

su

which will work as you expect, asking for root's password.

 

sudo is subtly different - it allows users that have the requisite permissions (which usually means being in the sudoers or wheel group) to use their own credentials to run a command as root. For single user systems, the advantage is that you just need one password for privileged and unprivileged tasks. For multiuser systems, it has even more benefits: I can allow you to have sudo access this week, but then decide that I don't trust you any more and revoke your sudo access without needing to change the root password, and I can also only allow you to use sudo to run certain commands (for example, I might want to let you do sudo apt update, but not sudo rm -rf /).

[Sauron]

You misinterpreted what sudo does; it's not quite how you think.

 

There's a command called "su". su allows you to login as root from a terminal; this is what you thought sudo would do.

 

What sudo does essentially is tell the root user to do something: you're not logging in as root, you're just asking it to do some task for you. The root user will obey that command if you can prove you're an authorized user, hence why sudo needs your user password.

[RoboTechGaming]

So, root is another account, but other user accounts can have access to it; which is why it wants my user account password? What if I don't want my main user account to have that access? I just want root to have root access. I would have to remove myself from to sudoers group correct? If I understand this right; being apart of the sudoers group gives you access to the root user when using the sudo command. I am still running that command as root right? Or is it me with "elevated privilege mode" turned on? Then anyone apart of the sudoers group can run commands as root. Doing something directly as root; like su root does work with the actual root password, and not my user account password (I am duel booting, not running my box as a server or something so its not really practical for me to SSH into it).

 

Do I have all that right?

Also, thanks for all the replies, I had had to keep changing what I was writing based upon new posts!  

[Kilrah]

9 minutes ago, RoboTechGaming said:

So, root is another account, but other user accounts can have access to it; which is why it wants my user account password?

Yes.

 

9 minutes ago, RoboTechGaming said:

What if I don't want my main user account to have that access? I would have to remove myself from to sudoers group correct?

Correct.

 

10 minutes ago, RoboTechGaming said:

I am still running that command as root right?

Yes

[Wild Penquin]

The answer has been given in this thread but in a bit superficial way. Here are some minor details to those who are interested in the details, and useful tips for future reference (IMO ).

 

The answers to original questions are already on any Linux computer man pages (usually, unless someone chose not to install them). Looking at man pages is generally a good idea, whenever something is not clear. In this case, the relevant information is in the man pages of su, sudo and sudoers. Man pages can be a bit intimidating / difficult to read for a novice, so https://wiki.archlinux.org/index.php/Sudo is another good place to look at and applies (at least roughly) to any distribution in this case - but that might not be true for some other subject. It is very probable any distribution has a similar source online for sudo. But online sources will require an internet access, while man pages are available offline.

 

Usually, su is used to login as root into a shell. However, that command can also be used to run any command as any user - provided the user running su knows the right passwords. It is not tied to the account running 'su' - if a user has the root password, and can run su (one way or another), this is an open hole to the whole system (often, logging in as root by password is prevented in more secure computers for this reason, as another layer of security).

 

Sudo is indeed different, but more versatile. It is often used to run any command as root (and not login to a shell) - but, again, that is just the convention. It, too, can be used to run any command (even a shell) as any user, with two major differences compared to su:

1. it is tied to the user running sudo - i.e. only that users credentials are asked (not the target account credentials).
2. the rights to which commands can be run, by and as which user, is configured by the system administrator in the sudoers file.

The configuration in sudoers can be done according to users and groups (of source account(s)). Many distributions have the default that users in a certain group can run any command as root, but it does not necessarily have to be like this. It could be just a selection of one or more users (or members of a group) can run a collection of (one or more) commands as user X (not necessarily root), or any multiple combinations of such rules.

 

Seems sudo even has some networking capabilities.

 

Also, a disclaimer: there might be errors in what I've written in this post. Look at more authoritative sources (such as the man pages) to make sure you have correct information

Edited September 26, 2020 by Wild Penquin
TYPOs. Minor nitpick clarifications

[Donut417]

On 9/24/2020 at 4:18 PM, RoboTechGaming said:

Hello everyone. I am trying to understand how exactly account permissions work in relation to the root user and the sudo command. I had thought that using the sudo command would elevate you to the root user. However, using the root password that I setup when installing does not work. It accepts my user account password. My account should be a stander user. It should not be able to run elevated commands right? So why does that password work and the root password I set during setup not work? Furthermore, I also tested this by opening a root terminal. Same thing: root password does not work, but my stander user account does. I am getting confused looking into this myself. Is this normal behavior? If so, then why? Does sudo actually run a command as root? Does my user account have some elevated privilege? When does the root password that I set come into play?

 

I am currently running off ParrotOS 4.10 with XFCE; but from what I understand this does not have to do with my specific distro.

 

Thanks!

Root is the Linux equivalent of Administrator. SUDO just gives you admin privileges temporary. Just like how Windows UAC is suppose to work. Instead of getting an Allow or Deny prompt, it asks for your password. Generally you SHOULD NEVER use the root account. Most stuff can be done with the SUDO command. In some distro's Root is actually disabled by default. I think Ubuntu is like that or was at one time.