Monday, December 29, 2008

The Super User/Root User

No matter how many system administrators there are for a system, there can ever only be one super user account. The super user account, more commonly referred to as the root user, has total and complete control over all aspects of the system. They can go anywhere in the filesystem, grant and revoke access to files and directories, and can carry out any operation on the system, including destroying it if they so wish. The root user is unique in that it has a UID of 0 and GID of 0.

As you can probably guess by now, the root user has supreme power over your system.
With this in mind, it’s important that you do not work as root all the time as you may inadvertently cause serious damage to your system, perhaps even making it totally unusable. Instead, you should rely on root only when you need to make specific changes to your system that require root privileges. As soon as you’ve finished your work you can switch back to your normal user account to carry on working.

Within Ubuntu you execute a command with root privileges by way of the sudo command like so:

$sudo apt-get update

You will be prompted for your password so you should enter this. Ubuntu will then carry out the command (in this case updating information about available software) as if you were running it as root.

A regular user is someone who logs on to the system to make use of it for nonadministrative tasks such as word processing or email. These users do not need to make systemwide changes or manage other users. However, they might want to be able to change settings specific to them (for instance, a desktop background). Of course, depending on how draconian the root user is, regular users might not even be able to do that!

The super user grants privileges to regular users by means of file and directory permissions. For example, if the super user does not want you to change your settings in ~/.profile (the ~ is a shell shortcut representing your home directory), root can alter the permissions so that you may read from, but not write to, that file.

Because of the potential for making a catastrophic error as the super user (using the command rm -rf /* is the classic example, but do not ever try it!), always use your system as a regular user and become root only temporarily to do sysadmin duties. While you are on a multiuser system, consider this advice an absolute rule; if root were to delete the wrong file or kill the wrong process, the results could be disastrous for the business. On your home system, you can do as you please, and running as root makes many things easier, but less safe. In any setting, however, the risks of running as root are significant and we cannot stress how important it is to be careful when working as root.

The third type of user is the system user. The system user is not a person, but rather an administrative account that the system uses during day-to-day running of various services.
For example, the system user named apache owns the apache web server and all the associated files. Only itself and root can have access to these files—no one else can access or make changes to these files. System users do not have a home directory or password, nor do they permit access to the system through a login prompt. You will find a list of all the users on a system in the /etc/passwd file. Ubuntu refers to these users as the standard users because they are found on every Ubuntu computer as the default set of system (or logical) users provided during the initial installation. This “standard” set differs among Linux distributions.

If you’ve used other Linux distros then you are likely to be a little puzzled by the use of the sudo command. In short, Ubuntu allows the first user on the system access to full root privileges through the sudo command. It also disables the root account so no one can actually login with the username root. In other Linux distros you would change to the root user by issuing the command su - followed by the root password. This will land you at the root prompt, which is shown as a pound sign (#). From here you are able to execute any command you wish. To get to a root prompt in Ubuntu you need to execute the command sudo -i which, after you enter your password, will give you the prompt so familiar to other Linux distros. When you’ve finished working as root just type exit and hit Enter to get back to a normal user prompt ($).

Source of Information : Sams Ubuntu Unleashed 2008 Edition

No comments: