Home > Articles

  • Print
  • + Share This
This chapter is from the book

Working as Root

The root, or super user, account is a special account and user on UNIX and Linux systems. Super user permissions are required in part because of the restrictive file permissions assigned to important system configuration files. You must have root permission to edit these files or to access or modify certain devices (such as hard drives). When logged in as root, you have total control over your system, which can be dangerous.

When you work in root, you can destroy a running system with a simple invocation of the rm command like this:

matthew@seymour:~$ sudo rm -rf /

This command line not only deletes files and directories but also could wipe out file systems on other partitions and even remote computers. This alone is reason enough to take precautions when using root access.

The only time you should run Linux as the super user is when you are configuring the file system, for example, or to repair or maintain the system. Logging in and using Linux as the root operator isn’t a good idea because it defeats the entire concept of file permissions.

Knowing how to run commands as the super user (root) without logging in as root can help avoid serious missteps when configuring your system. In Ubuntu, you can use sudo to execute single commands as root and then immediately return to normal user status. For example, if you would like to edit your system’s file system table (a text file that describes local or remote storage devices, their type, and location), you can use sudo like this:

matthew@seymour:~$ sudo nano -w /etc/fstab
[sudo] password for matthew:

After you press Enter, you are prompted for a password that gives you access to root. This extra step can also help you think before you leap into the command. Enter the root password, and you are then editing /etc/fstab, using the nano editor with line wrapping disabled (thanks to the -w).

Understanding and Fixing sudo

Most Ubuntu users never have problems with sudo, but sometimes, people who like to experiment break things, especially while learning. This section helps you understand more completely how sudo works and also how to restore sudo access to a specific user when, for some reason, it has ceased to function for that user.

In order for a user to use sudo, the user account must belong to the sudo group and must also be listed in the /etc/sudoers file. If both conditions are met, the user will be permitted to temporarily use root powers for specific commands that are issued at the command line by that user account by prefacing the command with the word sudo.

A problem can occur for a specific user with sudo in several situations:

  • When the user is taken out of the sudo group but should not have been

  • When the permissions for the /etc/sudoers file have been changed to anything other than 440

  • When the /etc/sudoers file has been changed in a way that does not allow members of the sudo group to use root powers

These problems generally result from users doing something they should not have done, such as changing the permissions on all files rather than taking the time to figure out a specific file that is causing problems due to permissions issues. Take heed: It is better to spend a bit more time learning than it is to take a shortcut that causes bigger problems.

Fixing any of these problems requires the use of root powers. This is an obvious problem because if sudo is not working, the account does not have access to root. To fix it, you must gain root access. You can do this by booting into recovery mode, using the following steps:

  1. Hold down the Shift key while the computer is booting.

  2. When the GRUB menu page appears, use the arrow keys on your keyboard to scroll to the entry that ends with (recovery mode) and press Enter to select it.

  3. When the boot process finishes, and have several options, select the menu entry for root: Drop to Root Shell Prompt. You are now at the command line, with full root access to the computer.

  4. Because Ubuntu mounts file systems as read-only by default in recovery mode, you need to remount the root file system, /, as read/write so that you can fix the problem. Enter the following:

    root@seymour:~# mount -o rw,remount /

If the problem exists because the user account was removed from the admin group, enter the following:

root@seymour:~# adduser username admin

If the problem exists because the permissions for /etc/sudoers are wrong, enter this:

root@seymour:~# chmod 440 /etc/sudoers

If the problem exists because of an internal problem in /etc/sudoers, make a backup of the existing file and use visudo to edit it. (This is a special use of the vi editor, covered in Chapter 12, “Command-Line Master Class, Part 2,” that runs a check on the file after editing to be certain it is correct; this particular problem usually occurs when someone edits the file using another editor that does not make this check.) The contents of the file should be as follows:

# This file MUST be edited with the 'visudo' command as root.
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
# See the man page for details on how to write a sudoers file.
Defaults env_reset
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d

After your fix is complete, exit the root command line:

root@seymour:~# exit

You return to the recovery mode menu. Select Resume Normal Boot to finish and return to a normal boot. When the boot completes, you should be able to use sudo correctly again.

Creating Users

When a Linux system administrator creates a user, an entry is created in /etc/passwd for the user. The system also creates a directory, labeled with the user’s username, in the /home directory. For example, if you create a user named sandra, the user’s home directory is /home/sandra.

Use the adduser command, along with a user’s name, to quickly create a user:

matthew@seymour:~$ sudo adduser sandra

After creating a user, you must also create the user’s initial password with the passwd command:

matthew@seymour:~$ sudo passwd sandra

Changing password for user sandra.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

Enter the new password twice. If you do not create an initial password for a new user, the user cannot log in.

The adduser command has many command-line options. The command can be used to set policies and dates for the new user’s password, assign a login shell, assign group membership, and other aspects of a user’s account. See man adduser as well as Chapter 13, “Managing Users,” for more info.

Deleting Users

Use the deluser command to delete users from your system. This command removes a user’s entry in the system’s /etc/passwd file. You should also use the command’s --remove-all-files and --remove-home options to remove all the user’s files and directories (such as the user’s mail spool file under /var/spool/mail):

matthew@seymour:~$ sudo deluser --remove-all-files --remove-home andrew

If you do not use the -remove-home option, you have to manually delete the user’s directory under /home, along with the user’s /var/spool/mail queue.

Shutting Down the System

Use the shutdown command to shut down your system. The shutdown command has a number of different command-line options (such as shutting down at a predetermined time), but the fastest way to cleanly shut down Linux is to use the -h (or halt) option, followed by the word now:

matthew@seymour:~$ sudo shutdown -h now

You can also follow -h with the numeral zero (0), like this, to get the same effect:

matthew@seymour:~$ sudo shutdown -h 0

To incorporate a timed shutdown and a pertinent message to all active users, use shutdown’s time and message options, as follows:

matthew@seymour:~$ sudo shutdown -h 18:30 "System is going down for maintenance this evening at 6:30 p.m. Please make sure you have saved your work and logged out by then or you may lose data."

This example shuts down your system and provides a warning to all active users 15 minutes before the shutdown (or reboot). Shutting down a running server can be considered drastic, especially if there are active users or exchanges of important data occurring (such as a backup in progress). One good approach is to warn users ahead of time. This can be done by editing the system Message of the Day (MOTD) motd file, which displays a message to users when they log in using the command-line interface, as is common on multiuser systems.

It used to be that to create a custom MOTD file, you only had to use a text editor and change the contents of /etc/motd. However, this has changed in Ubuntu, as the developers have added a way to automatically and regularly update some useful information contained in the MOTD file by using cron. To modify how the MOTD file is updated, you should install update-motd and read the man page.

You can also make downtimes part of a regular schedule, perhaps to coincide with security audits, software updates, or hardware maintenance.

You should shut down Ubuntu for only a few very specific reasons:

  • You are not using the computer, no other users are logged in or expected to need or use the system (as with your personal desktop or laptop computer), and you want to conserve electrical power.

  • You need to perform system maintenance that requires any or all system services to be stopped.

  • You want to replace integral hardware.

Rebooting the System

You should use the shutdown command to reboot your system. The fastest way to cleanly reboot Linux is to use the -r option and the word now:

matthew@seymour:~$ sudo shutdown -r now

You can also follow -r with the numeral zero (0), like this, to get the same effect:

matthew@seymour:~$ sudo shutdown -r 0

Both rebooting and shutting down can have dire consequences if performed at the wrong time (such as during backups or critical file transfers, which arouses the ire of your system’s users). However, Linux-based operating systems are designed to properly stop active system services in an orderly fashion. Other commands you can use to shut down and reboot Linux are the halt and reboot commands, but the shutdown command is more flexible.

  • + Share This
  • 🔖 Save To Your Account