Back to the early days of Linuxthings are a lot more complicated. Distributions are much less mature and require a specific system account to do anything. That account is root — and with it, you have unlimited power over your operating system.
Also: Do you need antivirus software on Linux?
To demonstrate the power of the root account, one trick you can always use on unsuspecting users is to ask them to switch to the root user with su command and then ask them to give the following command:
The rm command is used to delete files and directories. Combined with r (recursive) and f (force), you will delete everything from the root directory (/), thus rendering your system unusable.
Also: Don’t remember the Linux command you ran last time? Let history repeat itself
At that point, any command that requires administrative privileges is run through the root user. To do so, you must either change to the root user (using the su command) or log in as the root user. Both of these options are eventually seen as a security issue. The user can do anything if you log in as root user and exit the system.
Access to the root user means that if hackers gain access to your system, they can wreak havoc on your computer.
Finally, it was decided something must giveFrom that need, sudo was born. Sudo stands for “superuser do” and actually gives a regular user (who is in the administrators group) access to the same powers as an administrator. This approach solves two problems:
- Root user can be disabled (thus not easily exploitable)
- Only users in the administrators group (more on this later) can run administrative tasks.
Sudo also allows administrators to add and remove users to or from the sudo group at any time, making it easier to control who has access. This change is a significant step forward for Linux, increasing system security and making users’ lives easier.
Also: Best Linux Distributions for Beginners
With sudo, users no longer have to switch to the root user or log in to that account to run administrative commands, such as installing software. Users can run those administrative operations through sudo with the same effect as running them from the root user account.
Sudo provides greater control over who can do what on any system. When trying to run a command that requires administrative privileges, a user simply enters their user password (also known as the sudo password) and the command will run without any problems, as long as the command is run correctly.
Also: The First 5 Linux Commands Every New User Should Learn
For example, instead of having to switch to the root user using the su command and then issue the update/upgrade command on an Ubuntu-based distribution, the user can issue the following command:
sudo apt-get update && sudo apt-get upgrade -y
By running apt-get through sudo, the user is granted temporary administrative privileges and can issue commands successfully.
What about users who are not in the administrator group?
Any user you want to grant access to must be a member of the administrators group to distribute. For example, on Ubuntu-based distributionsthat group is sudo. On Red Hat based distributionsThat group is called a wheel.
Also: How to Mount a Drive Permanently in Linux (and Why You Should)
If you have users who are not members of the administrators group, when they try to run a command using sudo, they will see a message like this:
olivia is not in the sudoers file. This incident will be reported.
How do you fix that? You add them to the administrators group. So for Ubuntu based distributions, the command to add a user to the administrators group would be:
sudo usermod -aG sudo USER
Here, USER is the username in question.
On Red Hat based distributions (like Fedora), the command would be:
sudo usermod -aG wheel USER
Again, USER is the username in question.
Also: Why Don’t More People Use Linux on Their Desktops? I Have a Theory You Might Not Like
After running the command, the user will have to log out and log back in or notify the system of the changes using the command:
Once a user has been added to the administrators group, they can use sudo to run commands that require administrator privileges.
Sudo has made Linux more secure and user-friendly. Not having to change to (or log into) the root user account avoids some serious security pitfalls and lets you manage user access to administrative tasks.
