So I'm logged in as the user 'Shannon', but can't gain root access through the GUI when I'm prompted to install a program for example. However using sudo su
, type in the root password, gain access through the terminal and then install the programs from there. Aren't these passwords supposed to be identical?
Does anyone know how to fix this one?
Best Answer
OK, let me write a short clarification. There are two different users:
Shannon
androot
. In Ubuntu, by default,root
does not have a password at all and cannot log in at all. IfShannon
wants to do a task requiring root privileges, he uses the commandsudo
that consults a file called/etc/sudoers
and has the ability to turnShannon
intoroot
.By default,
sudo
wants to make sure thatShannon
actually isShannon
and not his dog who just took over the keyboard. This is whysudo
asks userShannon
for his (and not root's) password. Also note that "a task requiring root privileges" can be a bash shell, which essentially means that you can log in as root (without using root password!).So, it is not that the two users (
Shannon
androot
) have different passwords, but that the password ofroot
is not actually being asked for at all.Personally, I don't have a dog; that is why I modified
/etc/sudoers
in such a way that it never asks me for my password -- being there is sufficient. Using the commandsudo visudo
I have edited/etc/sudoers
and edited the following line:The line above means that all users from the sudo group (and I can only assume that
Shannon
belongs to this group if he installed his system) can run essentially ALL root commands.Ah, but now the NOPASSWD directive makes sure that not only I can run any program as root, I can run it without being pestered for typing a password. Note that to edit this file I must use the program
visudo
which makes sure that I don't make any syntax error. Syntax error in thesudoers
file might completely disable the sudo system -- and then, if root does not have a password, you are in a deep kacka.To add confusion, there is yet another program allowing for gaining root privileges temporarily called
su
. However,su
is much more primitive -- it just asks for the password of the root. Therefore, it does not work in a default Ubuntu installation.So, which password is actually asked for when you type
sudo su
? Well, the command that you are running first issudo
, notsu
. Thus, you are asked forShannon
's password, not roots.sudo
then gains root privileges and runssu
as root. But when the root runssu
,su
does not ask for a password. In any case, don't do that -- that is whatsudo -i
is for (does exactly the same thing).