What is root account in linux
root is the user name or account that by default has access to all commands and files on a Linux or other Unix-like operating system. It is also referred to as the root account, root user and the superuser.
The word root also has several additional, related meanings when used as part of other terms, and thus it can be a source of confusion to people new to Unix-like systems.
One of these is the root directory, which is the top level directory on a system. That is, it is the directory in which all other directories, including their subdirectories, and files reside. The root directory is designated by a forward slash ( / ).
Another is /root (pronounced slash root), which is the root user’s home directory. A home directory is the primary repository of a user’s files, including that user’s configuration files, and it is usually the directory in which a user finds itself when it logs into a system. /root is a subdirectory of the root directory, as indicated by the forward slash that begins its name, and should not to be confused with that directory. Home directories for users other than root are by default created in the /home directory, which is another standard subdirectory of the root directory.
Root privileges are the powers that the root account has on the system. The root account is the most privileged on the system and has absolute power over it (i.e., complete access to all files and commands). Among root’s powers are the ability to modify the system in any way desired and to grant and revoke access permissions (i.e., the ability to read, modify and execute specific files and directories) for other users, including any of those that are by default reserved for root.
A rootkit is a set of software tools secretly installed by an intruder into a computer that allows such intruder to use that computer for its own, usually nefarious, purposes when desired. Well designed rootkits are able to obtain root access (i.e., access to the root account rather than just to a user account) and to hide most or all traces of their presence and activities.
The use of the term root for the all-powerful administrative user may have arisen from the fact that root is the only account having write permissions (i.e., permission to modify files) in the root directory. The root directory, in turn, takes its name from the fact that the filesystems (i.e., the entire hierarchy of directories that is used to organize files) in Unix-like operating systems have been designed with a tree-like (although inverted) structure in which all directories branch off from a single directory that is analogous to the root of a tree.
The original UNIX operating system, on which Linux and other Unix-like systems are based, was designed from the very beginning as a multi-user system because personal computers did not yet exist and each user was connected to the mainframe computer (i.e., a large, centralized computer) via a dumb (i.e., very simple) terminal. Thus it was necessary to have a mechanism for separating and protecting the files of the individual users while allowing them to use the system simultaneously. It was also necessary to have a means for enabling a system administrator to perform such tasks as entering user directories and files to correct individual problems, granting and revoking powers for ordinary users, and accessing critical system files to repair or upgrade the system.
Every user account is automatically assigned an identification number, the UID (i.e., user ID), by a Unix-like system, and the system uses these numbers instead of the user names to identify and keep track of the users. Root always has a UID of zero. This can be verified by logging in as root (if using a home computer or other system that permits this operation) and running the echo command to display the UID of the current user, i.e.,
echo is used to repeat on the screen what is typed in after it. The dollar sign preceding UID tells echo to display its value rather than its name.
The UID for root (as well as for all other users) can also be seen by looking at /etc/passwd, which is the configuration file for user data. This file can be viewed (by default by all users) by using the cat command (which is commonly employed to read files), i.e.,
The output of cat /etc/passwd in this example is piped (i.e., transferred) to the less command to allow it to be read one screenful at a time, which is useful if the file is a long one. The line of output for root will look something like root:x:0:0:root:/root:/bin/bash. The first column shows the user name and the third column shows the UID, which can be seen to be zero.
The permissions system in Unix-like operating systems is set by default to prevent access by ordinary users to critical parts of the system and to files and directories belonging to other users. Thus, it can be very tempting for users new to such systems, especially those who are accustomed to systems with a weak permissions system or without any permissions system (e.g., Microsoft Windows or the older versions of the Macintosh), to bypass this permissions system on their personal computers by logging directly into the root account and staying there. Although this provides momentary relief, it should be avoided and ordinary work on the system should be done via an ordinary user account.
This is because it is very easy to damage a Unix-like system when using it as root — much easier than to damage most other types of operating systems. The designers of most other operating systems devised methods of protecting the system and data to compensate for the lack of a robust permissions system.
However, an important principle of Unix-like operating systems is the provision of maximum flexibility to configure the system, and thus the root user is fully empowered. Unix-like systems assume that the system administrator knows exactly what he or she is doing and that only such individual(s) will be using the root account. Thus, there is virtually no safety net for the root user in the event of a careless error, such as damaging or deleting a critical system file (which could make the entire system inoperable).
Adding to the danger of routinely using the system as root is the fact that all processes (i.e., instances of programs in execution) started by the root user have root privileges. Because even the most widely used and well-tested application programs contain numerous programming errors (due to the huge amount of code required and its great complexity), a skilled attacker can often find and exploit such an error to obtain control of a system when a program is run with root privileges rather than using an ordinary user account, with its very limited privileges.
A critical means for preventing users from directly damaging Unix-like systems or increasing the vulnerability of such systems to damage by others is the avoidance of using the root account except when absolutely necessary, even by knowledgeable and experienced system administrators. That is, rather than routinely logging into the system as root, administrators should log in with their ordinary user accounts and then use commands, such as su, kdesu and sudo, that provide them with root privileges only as needed and without requiring a new login.
For example, to become root with su merely requires typing
at the command line (i.e., in the all-text mode), pressing the Enter key and supplying the root password. The account of the previous user can be returned to by pressing the Ctrl and d keys simultaneously or by typing the word exit and then pressing the Enter key.
The security associated with using su can be increased by using its -c option, which terminates it and causes an immediate return to the former user account after the current command has completed execution or after any program that it has launched has been closed.
Tasks that require root privileges include moving files or directories into or out of system directories (i.e., directories that are critical to the functioning of the operating system), copying files into system directories, granting or revoking user privileges, some system repairs, and the installation of some application programs. By default, it is not necessary to be root to be able to read most configuration files and documentation files in system directories, although it is necessary to be root to modify them.
Root privileges are usually required for installing software in RPM (Red Hat Package Manager) package format because of the need to write to system directories. If an application program is being compiled (i.e., converted into runnable form) from source code (i.e., its original, human-readable form), however, it can usually be configured to install and run from a user’s home directory. Root privileges are not needed by an ordinary user to compile and install software in its home directory. Compiling software as root should be avoided for security reasons.
On large systems used by businesses and other organizations, there will likely be several system administrators. Each will have its own account in which it will ordinarily work (and the activities of which will be automatically recorded in system logs for security and repair purposes) but will also have access to the root account for use when necessary. The system administrator(s) might grant limited root privileges to some individuals, such as assistant administrators.
Created May 29, 2005. Updated October 27, 2007.
Copyright © 2005 — 2007 The Linux Information Project. All Rights Reserved.
Источник
How Can I Log In As root User?
| Tutorial details | |
|---|---|
| Difficulty level | Easy |
| Root privileges | Yes |
| Requirements | su/sudo |
| Est. reading time | Less than a minute |
It is not good a practice for anyone to use root as their normal user account, because of security risks. Therefore, you use a normal user account instead. You need to use the su or sudo command to switch to root user account.
su command
The su command is use to change user ID or become super-user during a login session i.e. it allows you to become a super user or substitute user, spoof user, set user or switch user.
Note: su only works if you know the target or root user’s password.
su command syntax
If invoked without a user-name, su defaults to becoming the super user. The user will be prompted for a password, if appropriate.
To log in as root user type the following command (you need to supply root user account password when prompted):
$ su —
Sample outputs:
Once logged in, your prompt should change from $ to #. To log in as another user say nixcraft, type the following command (you need to supply nixcraft user account password when prompted):
$ su — nixcraft
Sample outputs:
Remote root login over the ssh session
You can use the ssh client as follows:
$ ssh root@server.ip-address-here
$ ssh root@server1.cyberciti.biz
$ ssh root@1.2.3.4
However, remote root login over ssh session is disabled in most cases for security reasons. First, login as a normal user and then switch to root account using the su command:
su command and log files
The su command logs its usage in a system log file. This is useful to find out su login information. If you are RHEL / CentOS / Fedora Linux user type the following as root to see the contents of /var/log/secure:
# tail -f /var/log/secure
Debian / Ubuntu Linux user try:
# tail -f /var/log/auth.log
Sample outputs:
Say hello to sudo command
The sudo is a program for Linux / Apple OS X / *BSD / Unix-like computer operating systems that allows users to run programs with the security privileges of another user, normally the superuser (root). By default, sudo will prompt for a user password but it may be configured to require the root password or no password at all. Apple Mac OS X and Ubuntu Linux and many other oses uses sudo command for many administrative tasks.
- No ads and tracking
- In-depth guides for developers and sysadmins at Opensourceflare✨
- Join my Patreon to support independent content creators and start reading latest guides:
- How to set up Redis sentinel cluster on Ubuntu or Debian Linux
- How To Set Up SSH Keys With YubiKey as two-factor authentication (U2F/FIDO2)
- How to set up Mariadb Galera cluster on Ubuntu or Debian Linux
- A podman tutorial for beginners – part I (run Linux containers without Docker and in daemonless mode)
- How to protect Linux against rogue USB devices using USBGuard
Join Patreon ➔
sudo executes a command as another user but follows a set of rules about which users can execute which commands as which other users. This is configured in a filed named /etc/sudoers. Unlike su, sudo authenticates users against their own password rather than that of the target user. See how to configure and use sudo tool under Linux operating system.
For example, to login as root under Linux or Unix like operating system, type:
$ sudo -s
Sample sudo command session
Fig.01: Switching to root account using sudo command
Sudo and log file
The sudo log can be viewed by issuing the following command as root user:
See also
- Linux Run Command As Another User – Explains how to run run Linux commands as another user or run commands as root user using runuser, su, and sudo utilities.
🐧 Get the latest tutorials on Linux, Open Source & DevOps via
| Category | List of Unix and Linux commands |
|---|---|
| Documentation | help • mandb • man • pinfo |
| Disk space analyzers | df • duf • ncdu • pydf |
| File Management | cat • cp • less • mkdir • more • tree |
| Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Linux Desktop Apps | Skype • Spotify • VLC 3 |
| Modern utilities | bat • exa |
| Network Utilities | NetHogs • dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • glances • gtop • jobs • killall • kill • pidof • pstree • pwdx • time • vtop |
| Searching | ag • grep • whereis • which |
| Shell builtins | compgen • echo • printf |
| Text processing | cut • rev |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
Comments on this entry are closed.
I have installed ubuntu and always log in as user. I have read the HOW TOO’s but I am confused by the comment ‘Make sure you use the root password.’ How can you use a root password when you haven’t got one (I think) because the only password I use is the password I gave when I installed Ubuntu (dapper Drake). Is this a root password also if you say it’s root as time of login. If you have to have a seperate login root password – How do you get it? Thanks john6.
By default, the root account password is locked in Ubuntu. This means that you cannot login as root directly or use the su command to become the root user. However, since the root account physically exists it is still possible to run programs with root-level privileges.
Hmmm, lets see Can not log in as : \ SU Thought Ubuntu is open source The only why you can adjust the Kernel is as root. what they hiddin willis.
opp’s should have read more of the reply’s. but as a openBSD user never really had this issue.
Thank you very much for this help!
To all the latin people…..here is the answer in spanish:
Escriban “su -” para cambiar al root. Les pedira la clave del root.
Escriban “su – gon” para cambiar al usuario llamado gon. Les pedira la clave.
John.
You can change your root password by typing in console” sudo passwd root ” By doing this i had to enter my user password then set a new root password and repeat it.
Baller. That was perfect. Thank you.
thnx. by default there is no password for root, hve to get by typing ”sudo passwd root”.
Thanks for this article and to AIS/fahim for the additional information about how to change the root password! Just what I was looking for.
AIS, thanks a lot
The question is still unanswered.
To login as root is very convenience and very important for some applications. Without it, you may not be able to run those programs at all. Su is good but with great limitation.
So if anyone who know the answer, please help. We do not need advise about workaround.
After 5 minutes of browsing on the Internet, I found it is very easy to make the changes so you can login as root from GUI. This is for Fedora 11:
First, (dangerous?) you must su and login as root then cd to /etc/pam.d
There are two files: gdm and gdm-password. Use your editor and
Comment this statement for both files:
# auth required pam_succeed_if.so user != root quiet
Save and logout. Try login as root. You should be.
After login as root and play around, I found the above changes were not enough. Thanks to my-guides.net, I found the last piece that fixed the problem.
You need to edit another file: /etc/PolicyKit/PolicyKit.conf
and add
between .
That will do the job.
The missing statement between is
Thanks a tonnnnn Gregory. Somehow I could never find the answer for this , instead of getting ridiculed for wanting this. 🙂
Thanks for command “sudo passwd root” !!
you didn’t answer the question!
you condescendingly gave some “best practices” advice, and then proceeded to explain out how to do something else.
I have to agree that the entire tenor of this conversation is offensive. Crossing the street is dangerous, also, but I do it anyway. My mother taught me the risks when I was quite small, as well as how to do it safely. If you really want to keep UBUNTU safe from learning problems, I suggest that you lock down the entire system and send us all to a Windows app.
Instead, please stop insulting all of us who are adults and capable of taking our own risks. I need to open the folder /etc/openvpn using my GUI and add a file to the folder. Stop patronizing me and tell me how to do this please.
I agree whole-heartedly. Uber-geek Linux users can be extremely condescending. I’ve had them to tell me to RTFM. Which one? The “right” one”? The “other” one. The one that applies to my distro? Oh wait, that distro has tons of bugs, but the upcoming distro gives you a workaround. RTFM!
How bout this? FTFM ! FIX it. Fix all the crappy and conflicting documentation. Yeah, this thing is “free”. But when all the wasted time getting things to work is considered, it’s more expensive than products from The Dark Empire. Bottom line is, if you’re going to do something, whether it’s for free or not, do it right and make it work like you say it does. Or don’t do it at all.
You people have a lot of nerve criticizing Windows when you worship a product that is a stone’s throw away from hieroglyphics and documented in glyphs.
Cheers, ubers …
I agree wholeheartedly. I need Linux for a project, but it, and all other Linux distros I’ve used, seems to be dwelling in the past, and the developers delight in their backward approach and to delight in making things difficult. Personally, I think it’s almost up to the Windows 98 point, but not quite there yet….
Источник
