Linux – How to Set Shutdown Permissions

if I'm already logged in as a valid system user, why do I have to be a superuser/root in order to modify things that the sysadmin has already deemed me worthy of accessing?

Who says that they have?

If you take a look at /etc/passwd, you'll see that there are quite a few more users on your system than you think. For instance, mine looks like this:

┌─[pearson@Bragi] - [~] - [Mon Jan 03, 11:29]
└─[$]> cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/bin/false
daemon:x:2:2:daemon:/sbin:/bin/false
mail:x:8:12:mail:/var/spool/mail:/bin/false
ftp:x:14:11:ftp:/srv/ftp:/bin/false
http:x:33:33:http:/srv/http:/bin/false
nobody:x:99:99:nobody:/:/bin/false
dbus:x:81:81:System message bus:/:/bin/false
pearson:x:1000:1000::/home/pearson:/bin/zsh
hal:x:82:82:HAL daemon:/:/bin/false
ntp:x:87:87:Network Time Protocol:/var/empty:/bin/false
avahi:x:84:84:Avahi daemon:/:/bin/false
temp:x:1001:1001::/home/temp:/bin/bash
mysql:x:89:89::/var/lib/mysql:/bin/false
mongodb:x:101:2::/var/lib/mongodb:/bin/false
usbmux:x:140:140:usbmux user:/:/sbin/nologin
kdm:x:135:135::/var/lib/kdm:/bin/false
deluge:x:125:125:Deluge user:/srv/deluge:/bin/false

Most of these are used by various daemons (programs that run without user interaction); they tend to have very limited permissions, because they don't need to do much. If they try to do something bad, either accidentally due to a software bug or intentionally because of a security exploit, they won't get far.

The bigger point is that users should only have access to what they need.

Now, if your question is, "Why do I need to type sudo when I've already been added to sudoers?", the answer is that sudo runs things as root, rather than as you. If we made all files accessible to your user directly, or you just ran as root on a normal basis, it's much easier to accidentally do Bad Things (rm -rf /* comes to mind). Plus, it's really bad security practice to allow any application you run to do whatever it wants to your system - that's how a lot of spyware got installed on Windows machines before UAC.

Is there a GUI (Gnome, KDE) equivalent to sudo?

gksu, gksudo, kdesu, kdesudo. It is a very good idea to get in the practice of using these for graphical applications, since they do some special finagling to prevent problems like this.

How do I log in as root

Don't. If you need a root shell, you can use sudo -s, sudo -i, or sudo su.

Ubuntu ships with the root account locked, so you'll have to change the password for it to login (sudo passwd root). After you've done that, you can lock (sudo passwd -l root) and unlock (sudo passwd -u root) the root account as you will. But really, keep it locked; you'll prevent a whole series of attacks that way.

and gain access to /root?!?

┌─[pearson@Bragi] - [~] - [Mon Jan 03, 11:54]
└─[$]> sudo -s
┌─[root@Bragi] - [~] - [Mon Jan 03, 11:54]
└─[$]> cd /root

But there's really no need.

First, note that ConsoleKit's shutdown function considers "single user" and "multiple users" as two different situations – shutting down the system always requires administrator authentication if other users are logged in.

All such actions are managed by PolicyKit. If you want to adjust the policies, you can do so as described in polkit(8) – /etc/polkit-1/rules.d/20-disallow-shutdown.rules:

polkit.addRule(function(action, subject) {
    if ((action.id == "org.freedesktop.consolekit.system.stop" ||
         action.id == "org.freedesktop.consolekit.system.restart") &&
        subject.isInGroup("users")) {
            return subject.active ? polkit.Result.AUTH_ADMIN : polkit.Result.NO;
    }
});

PolicyKit 0.105 and earlier versions document this in pklocalauthority(8) – /etc/polkit-1/localauthority/50-local.d/20-disallow-shutdown.pkla:

[Disallow shutdown]
Identity=unix-group:users
Action=org.freedesktop.consolekit.system.stop;org.freedesktop.consolekit.system.restart
ResultAny=no
ResultInactive=no
ResultActive=auth_admin

The Actions are listed in the ConsoleKit policy file or by running pkaction.