Root account

Saturday, 13 August 2005, michuk

Root is a UNIX default name for system administrator — a master-user who can do everything in the OS. Because of this, root account should be used with special care. While operating as a root user, we can accidentally do a lot of harm to our system and our precious data.

When do we need to use the root account?

We have to use our root account for certain system operations. Some examples are below:

  • installing system-wide software
  • configuring devices, like printer, scanner or TV card
  • configuring system services, like a web or FTP server
  • adding new users to the system and administering the user data

In general it is used for actions which change the settings of all system users or modify the users’ accounts.

Why logging in as root can be harmful?

One of the key rules of operating systems states that root account should be used only in case when we cannot do something as a normal user. Why can the root account overuse have disastrous effects? The main reason is security. Our security and the security of our private data. If you’re logged in as root, your system is much more vulnerable to the outside attacks. For instance, when a web browser has a security hole (and they do have holes, really, even Firefox!), and you use it from the root account, you expose the whole operating system! If you used an unprivileged account, it could “only” affect our personal configuration and data (if unencrypted). The difference is obvious I believe.

How can I use the root account reasonably?

There are a few methods of operating as root. The easiest is to log into system as root. Continuous working as root is isn’t recommended for the reasons stated above. Still, we can log in as root user in the command line. The magic command is:

su

(which stands for swich user). After entering this command in the console followed by the root password (you are usually asked for it during the system installation), you are temporarily working as root and every command you enter since then is executed with root privileges. Usually, when logged as root, the default command prompt changes from $ (dollar sign) to # (hash).

Another way of executing commands as root it to use a strange command:

sudo

(which amazingly stands for switch user do). This allows us to execute a single command as if we were root without actually logging in as root.

Using sudo command is said to be a little more secure than logging directly as root. However, to be able to use this command we need to configure our system for it. The magic sudo configuration file is:

/etc/sudoers

The syntax of this file is quite simple. The line below enables sudo access for all member of the admin group:

%admin ALL=(ALL) ALL

Note that some distros enable sudo for the first user by default, even disabling the direct root login whatsoever. Ubuntu is an example of this approach.

More about sudo can be found in the Sudo FAQ on our vortal.

Subscribe to RSS feed for this article! | Trackback URI

2 Comments

fold this thread lameck james  Friday, 14 March 2008 o godz. 10:02 am #  Add karma Subtract karma  +0

How am i install softwares like antiviruses and others

(Comments wont nest below this level)
fold this thread Fredrico Sanchez  Tuesday, 15 April 2008 o godz. 2:12 pm #  Add karma Subtract karma  +1

Running antivirus on linux is usually irrelevant because no viruses exists for linux in the wild (meaning all of the security holes exploited by the 40 or so viruses ever made for linux have been fixed). If you really want to scan for viruses (recommended if your running wine emulation) then go to trendmicro.com and use their on-line, Java-based, free antivirus scanner (Housecall) to scan your linux machine. Housecall is the only antivirus scanner that I have found is compatible and user-friendly with linux.

 
 
Name (required)
E-mail (required - never shown publicly)
URI

Adjust field size: shrink | enlarge)


You can use simple HTML in your comments. Some examples are as follows:
  • A hyperlink: <a href="polishlinux.org">GNU/Linux for everyone!</a>,
  • Strong text: <strong>Strong text</strong>,
  • Italic text: <em>italic text</em>,
  • Strike: <strike>strike</strike>,
  • Code: <code>printf("hello world");</code>,
  • Block quote: <blockquote>Block quote</blockquote>

Warning: include(0php’): failed to open stream: No such file or directory in /sites/polishlinux.org/wp-content/themes/jakilinuxorg/page.php on line 70

Warning: include(): Failed opening '0php’' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /sites/polishlinux.org/wp-content/themes/jakilinuxorg/page.php on line 70