Administrative access on linux systems

Tux magazine has a comparison of su and sudo as ways to administer a linux system. Many people are under the mistaken impression that you just login as root (gui or otherwise) and that’s the only way to do it. In fact, I’ve used su primarily. Although in some circumstance sudo has it’s benefits.

su allows you to become another user. So, simply typing su with no username afterwards will assume you want to become the administrator (root) (or superuser). It prompts you for the root password and then you have full root access.

(Type su – (with a space and then a hyphen) to change your environment to that of the user you’re becoming.)

sudo on the other hand is a more controlled way of accessing this. Let’s say you have a dozen uses on a system and two are allowed to administer certain specific areas. With sudo you (the real administrator) can add their names to the sudo list and configure specific permissions (what are THEY allowed to do. For instance, it’s possible to allow them to restart services, but not install softare, or vice versa.

If you’re on the sudo list, you type sudo at the prompt and are asked for YOUR password. (Not the root password). After the authentication (used to protect against just anyone walking over to your open session and taking root access), you’re able to act as root (to the extent that you’re allowed to in /etc/sudoers). It’s possible to give someone unrestricted sudo access as well. Typically the sudo command gives you access for about 10 minutes without needing to enter your password each and every time.

There are ways within the GUI of running commands as another user and prompting for su (or sudo) password, so this is not a Command line only trick. For instance under Mandrake, when trying to run the control panel you’re prompted for the administrator (root) password. This is essentially a su to root for the purposes of administering the machine.

   Send article as PDF   

Similar Posts