if I'm already logged in as a valid
system user, why do I have to be a
superuser/root in order to modify
things that the sysadmin has already
deemed me worthy of accessing?
Who says that they have?
If you take a look at /etc/passwd, you'll see that there are quite a few more users on your system than you think. For instance, mine looks like this:
┌─[pearson@Bragi] - [~] - [Mon Jan 03, 11:29]
└─[$]> cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/bin/false
daemon:x:2:2:daemon:/sbin:/bin/false
mail:x:8:12:mail:/var/spool/mail:/bin/false
ftp:x:14:11:ftp:/srv/ftp:/bin/false
http:x:33:33:http:/srv/http:/bin/false
nobody:x:99:99:nobody:/:/bin/false
dbus:x:81:81:System message bus:/:/bin/false
pearson:x:1000:1000::/home/pearson:/bin/zsh
hal:x:82:82:HAL daemon:/:/bin/false
ntp:x:87:87:Network Time Protocol:/var/empty:/bin/false
avahi:x:84:84:Avahi daemon:/:/bin/false
temp:x:1001:1001::/home/temp:/bin/bash
mysql:x:89:89::/var/lib/mysql:/bin/false
mongodb:x:101:2::/var/lib/mongodb:/bin/false
usbmux:x:140:140:usbmux user:/:/sbin/nologin
kdm:x:135:135::/var/lib/kdm:/bin/false
deluge:x:125:125:Deluge user:/srv/deluge:/bin/false
Most of these are used by various daemons (programs that run without user interaction); they tend to have very limited permissions, because they don't need to do much. If they try to do something bad, either accidentally due to a software bug or intentionally because of a security exploit, they won't get far.
The bigger point is that users should only have access to what they need.
Now, if your question is, "Why do I need to type sudo when I've already been added to sudoers?", the answer is that sudo runs things as root, rather than as you. If we made all files accessible to your user directly, or you just ran as root on a normal basis, it's much easier to accidentally do Bad Things (rm -rf /* comes to mind). Plus, it's really bad security practice to allow any application you run to do whatever it wants to your system - that's how a lot of spyware got installed on Windows machines before UAC.
Is there a GUI (Gnome, KDE) equivalent
to sudo?
gksu, gksudo, kdesu, kdesudo. It is a very good idea to get in the practice of using these for graphical applications, since they do some special finagling to prevent problems like this.
How do I log in as root
Don't. If you need a root shell, you can use sudo -s, sudo -i, or sudo su.
Ubuntu ships with the root account locked, so you'll have to change the password for it to log in (sudo passwd root). After you've done that, you can lock (sudo passwd -l root) and unlock (sudo passwd -u root) the root account as you will. But really, keep it locked; you'll prevent a whole series of attacks that way.
and gain access to /root?!?
┌─[pearson@Bragi] - [~] - [Mon Jan 03, 11:54]
└─[$]> sudo -s
┌─[root@Bragi] - [~] - [Mon Jan 03, 11:54]
└─[$]> cd /root
But there's really no need.
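The point about daemon accounts and least privilege can be checked mechanically. The following is an added example, not part of the original answer: it audits passwd(5) entries for accounts that break the pattern described above. The sample file is constructed (four entries copied from the listing, three invented), and the UID threshold of 1000 is an assumption based on that listing.

```python
NOLOGIN_SHELLS = {"/bin/false", "/sbin/nologin", "/usr/sbin/nologin"}
UID_MIN = 1000  # assumption: first regular-user UID, as in the listing above

# Constructed sample: the first four lines come from the listing above,
# the last three are invented misconfigurations.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
http:x:33:33:http:/srv/http:/bin/false
usbmux:x:140:140:usbmux user:/:/sbin/nologin
pearson:x:1000:1000::/home/pearson:/bin/zsh
backup:x:34:34:backup:/var/backups:/bin/bash
toor:x:0:0::/root:/bin/sh
legacy::1002:1002::/home/legacy:
"""

def parse_passwd(text):
    """Yield one dict per well-formed passwd(5) line (seven fields)."""
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7 or not fields[2].isdigit():
            continue  # skip malformed lines instead of guessing
        name, pw, uid, _gid, _gecos, _home, shell = fields
        # An empty shell field means /bin/sh, so it counts as a login shell.
        yield {"name": name, "pw": pw, "uid": int(uid),
               "shell": shell or "/bin/sh"}

def audit(text):
    """Return sorted (account, finding) pairs for risky entries."""
    findings = []
    for e in parse_passwd(text):
        can_login = e["shell"] not in NOLOGIN_SHELLS
        if e["uid"] == 0 and e["name"] != "root":
            findings.append((e["name"], "second UID 0 account"))
        elif 0 < e["uid"] < UID_MIN and can_login:
            findings.append((e["name"], "service account with login shell"))
        if e["pw"] == "":
            findings.append((e["name"], "empty password field"))
    return sorted(findings)

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_PASSWD):
        print(f"{name}: {finding}")
```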
First, note that ConsoleKit's shutdown function considers "single user" and "multiple users" as two different situations – shutting down the system always requires administrator authentication if other users are logged in.
All such actions are managed by PolicyKit. If you want to adjust the policies, you can do so as described in polkit(8) – /etc/polkit-1/rules.d/20-disallow-shutdown.rules:
polkit.addRule(function(action, subject) {
    if ((action.id == "org.freedesktop.consolekit.system.stop" ||
         action.id == "org.freedesktop.consolekit.system.restart") &&
        subject.isInGroup("users")) {
        return subject.active ? polkit.Result.AUTH_ADMIN : polkit.Result.NO;
    }
});
PolicyKit 0.105 and earlier versions document this in pklocalauthority(8) – /etc/polkit-1/localauthority/50-local.d/20-disallow-shutdown.pkla:
[Disallow shutdown]
Identity=unix-group:users
Action=org.freedesktop.consolekit.system.stop;org.freedesktop.consolekit.system.restart
ResultAny=no
ResultInactive=no
ResultActive=auth_admin
The Actions are listed in the ConsoleKit policy file or by running pkaction.
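To see what the .pkla entry above decides for different callers, here is an added example (not from the original answer and not polkit's own code) that parses the entry and evaluates it with a simplified model of pklocalauthority(8) matching. Assumptions: a single file, the last matching entry wins, and ResultActive, ResultInactive and ResultAny apply to active local, inactive local and all other sessions respectively; the group memberships and the user alice are hypothetical.

```python
import configparser
from fnmatch import fnmatchcase

# Constructed copy of the 20-disallow-shutdown.pkla entry shown above.
PKLA = """\
[Disallow shutdown]
Identity=unix-group:users
Action=org.freedesktop.consolekit.system.stop;org.freedesktop.consolekit.system.restart
ResultAny=no
ResultInactive=no
ResultActive=auth_admin
"""
STOP = "org.freedesktop.consolekit.system.stop"

def load_entries(text):
    """Parse .pkla text; configparser lowercases the key names."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    return [dict(cp[section]) for section in cp.sections()]

def _matches(value, patterns):
    """True if value matches any glob in a semicolon-separated list."""
    return any(fnmatchcase(value, p) for p in patterns.split(";") if p)

def decide(entries, user, groups, action, local, active):
    """Return the configured result, or None when no entry matches
    (polkit would then fall back to the action's implicit defaults)."""
    identities = [f"unix-user:{user}"] + [f"unix-group:{g}" for g in groups]
    if local and active:
        key = "resultactive"
    elif local:
        key = "resultinactive"
    else:
        key = "resultany"
    result = None
    for entry in entries:
        if not _matches(action, entry.get("action", "")):
            continue
        if not any(_matches(i, entry.get("identity", "")) for i in identities):
            continue
        result = entry.get(key, result)  # a missing key leaves the result as is
    return result

if __name__ == "__main__":
    entries = load_entries(PKLA)
    for local, active in [(True, True), (True, False), (False, False)]:
        print(local, active, decide(entries, "pearson", ["users"], STOP, local, active))
```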
Best Answer
The question asked by K.Chen is: why do I need sudo privileges when I do it from CLI, while I do not need such privileges when I do it from the GUI.
The first part of the answer is that people who design Desktop Environments, like Gnome, KDE, Xfce, Mate, Cinnamon, ... try to simplify the work of their users, and they configure shutting down and rebooting without requiring sudo credentials. This, incidentally, implies that there must be a shutdown sequence which does not involve the program shutdown, which does require sudo privileges (no way around that).
I do not know in detail how each DE does it, but I know that there is a gentle way to bring down, or restart/shutdown/hibernate your system, which does not require root privileges. You can find the original post in an Arch Linux Forum post. In essence, it amounts to issuing these commands:
halt
reboot
dbus-suspend
hibernate
My guess is that the GUI buttons use roughly these commands. To be certain one should look into the code, but I believe this is a safe bet.