Root refers to an account that has access to all commands and files on a Unix-like operating system. Synonyms to root include root account, root user, and superuser. Superuser is particularly common on Android devices, which run a version of Linux.
Think of root as the king of the computer. A root user will have access to every aspect of the operating system and will be able to make fundamental changes to the system. It is necessary to have root privilege to perform certain tasks on Linux, like compiling and installing software. Whatever your reasons for gaining root access, remember that it is a powerful position to be in. You can do a lot of damage to your computer by making changes that you don’t understand. Read below to learn about how to obtain root.
Gaining Root Through Login
The easiest way to get root access to a Linux machine is to log in as the root user from the very beginning. Now, this can be confusing because some users will have root privileges associated with their accounts and so it may seem that logging in as a particular user is the best way to gain root. In this case, logging in as root refers to logging in with the built-in root ID, not a user ID that is set.
To log in as root on most Linux systems you type in “root” as the user name. When prompted, you type in the root password. This is usually the password you created when you installed the OS. In some cases, if you did not set a password, then it will be blank and you can just hitEnter after typing in “root” as the user name.
This method of gaining root grants the user full control over the system. There will be no need to supply a user name or password again in order to perform activities that are restricted to root users. Most people who are not system administrators will not log in this way because it unnecessarily exposes the OS to both unintentional mistakes as well as malicious hacks. Most people will use one of the following methods to gain root temporarily.
The su Command
You don’t have to log in as root to get root access. You can use the “su” command, which stands for switch user, substitute user, or super user (depending on who you ask). All you have to do is type in “su” and the OS will ask for a password. You then supply the password of whatever user you wish to switch to. In the case of wanting root access, you simply type in “su” and then supply the root password. When you no longer need root access, you type “exit” to return to whatever user you were previously logged in as.
If you add dash (-) when using su, like “su – root”, then you will also assume the user environment of the target user. So, if you were to type in “su – John” and supply John’s password, you would be logged in as John. You would also be using the system exactly as John would, complete with all of his settings, preferences, etc.
The sudo Command
The last way to get root access in Linux is to use “sudo,” which stands for “substitute user and do.” Sudo is similar to su in some ways, but has constraints placed on it regarding which users can execute which commands. Those constraints are stored in a file like /etc/sudoers, which is generally only editable by the system administrator.
Sudo is different from su in that it does not allow one to actually switch users, but instead validates a person’s password against itself. As long as the password has root privileges set in /etc/sudoers, then he or she will have root access after using “sudo” and typing in his or her personal password.
The validation step with sudo is designed not only to ensure that that the person has root privileges, but also to ensure that malicious commands are not entered when the user is away from his or her computer. Thus, even though the user is simply retyping his or her password, the computer is verifying, at that step, that the user name and password have root privilege.
The benefits of sudo are numerous, but the major benefit is that it allows specific users to be granted specific access privileges. These privileges can include root access, but because the user’s own password is all that is needed, he or she does not need to know the root password. This is useful for granting temporary root access without sharing the root password.
Sudo is often applied using the principle of least privilege (PoLP), which says that people should have the lowest possible privilege level that allows them to perform their work. This is one of the most important security procedures that can be put into practice. Loose use of privilege makes it to easy to exploit a system.
What You Should Do
When you set up Linux, you will be asked if you want to provide any users with root access or not. Users given this privilege can then use the sudo command to install software, remove software, and more using their own passwords. If you haven’t given a particular user the access he or she needs, you can make changes using the visudo command-line utility. It allows you to edit the /etc/sudoers file safely. To use visudo, you will need to have the root password.
In general, sudo is the better command to use because it limits the kinds of mistakes that can be made. For full system access, use su or log in as root for unfettered access. In general, however, these last two aren’t necessary. You’ll probably find that sudo is all you ever need.