Why Ubuntu uses sudo instead of root login?

By | March 29, 2016

Once you are an administrator on the Linux or UNIX platforms you will likely know the top level directory is known as root. The root directory in both Linux and Unix  by default has access to all the commands and files and should be the only account to have write access to main filesystem.

Although most of us started our computer experience on the Microsoft platform sometimes we are torn between which OS is better for administration This can be highly debatable and it boils down to a matter of preference and purpose of use.

In terms of security its argued that Linux is a more secure platform whereas Microsoft window is constantly hammered by attacks. But on the other hand Microsoft Windows is more commercially accepted since enterprise and personal use vendors provide integrating solutions for this product.

Security

Ubuntu is as secure as it gets since it locks the root account allowing the user to login a the default sudo user.

it originally stood for “superuser do” as the older versions of sudo were designed to run commands only as the superuser (extract from wiki)

Therefore the users have to login with the following commands considerations/sbin, /usr/sbin and /usr/local/sbin as part of their $PATH environmental variable, meaning they can see commands that users can not normally see.

What is sudo?

It is a tool to allow you to execute a command as root, without logging in as root. Its name is derived from a related command su “do”. su is the command to switch user and is most frequently used to run commands as root. So in essence, sudo is ‘switch user do <command>.

It provides several key benefits;

  • It logs all commands run using it
  • It logs failed attempts to authenticate using it
  • It can be restricted in a much more detailed way than simply using root, i.e. per user permissions
  • It can be used with the user’s login password rather than distributing the root password

The latter is the case with Ubuntu so that users are prevented from logging in permanently as root but can temporarily elevate themselves to root to run the required system command. Ubuntu is configured to allow members of the admin group have access to commands via sudo. Anyone else attempting to run a command in this manner will have their attempt logged and mailed to the system administrator(s).

How is sudo used?

When running certain commands in a terminal you will notice that they will either not work or will return no information. Try running

Code:
fdisk -l

The above command will have run as your own regular user and should not have returned a value.  Now try running it with sudo, to run it with root privilege
Code:
sudo fdisk -l
This time you should be prompted for your password and on entering it you will see a listing of all of your hard disk partitions, something only possible with root privilege.

What about graphical applications?

Although it isn’t a great idea to run any old application as root, there are some that need to such as package managers and system configuration tools. Synaptic Package Manager for example. You can run the command ‘synaptic’ but you will receive errors about starting without administrative privileges. But if you were to prefix this with gksu (for Gnome) or kdesu (for KDE) you will first be prompted for your root password and then the application would run correctly.

So there you have it. That little prefix to your commands lets you run just what needs to be run as root and keeps your system secure and stable.

Leave a Reply

Your email address will not be published. Required fields are marked *