In the world of Unix-like operating systems such as Linux, the concepts
su are crucial elements of system management and security. These
commands allow for the delegation and use of elevated privileges, making it
possible for users to execute commands as a superuser or another user. This
article will delve into the intricacies of why these commands are so important,
assuming the reader is already familiar with the basics of
Why Do You Need to Perform Certain Tasks with Superuser Privileges?
System-Wide Changes: Certain tasks in Linux require making changes to system-wide settings or files, such as installing new software packages, modifying system configurations, and managing services.
sudo apt-get install nginx
Security: Elevated privileges ensure that only authorized users can change essential system settings or access sensitive data.
sudo cat /etc/shadow
Resource Allocation: Operations like assigning ports below 1024 or modifying the system clock are sensitive and hence restricted to superusers.
sudo date --set="2 OCT 2020 18:00:00"
sudo Increases System Security?
sudoallows a permitted user to execute a command as the superuser or another user, as specified by the
sudoersfile. This temporary elevation of privileges limits the exposure to security risks.
Accountability: By using
sudo, all commands executed are logged, including who ran the command. This enables easier tracking of actions and is useful for auditing purposes.
sudo less /var/log/auth.log
Fine-Grained Control: The
sudoersfile allows you to specify which commands a user can execute, reducing the possibility of misuse of privileges.
Why Do Unix-like Systems Have the Concept of Switching Users?
Role Segregation: In a multi-user environment, different users have different roles and responsibilities. The
sucommand allows one to switch users to perform role-specific tasks.
su - postgres
Delegation: Sometimes it's useful to delegate certain administrative tasks to different users or roles without giving them full superuser access.
Why Running the System as the Root User is Not a Good Practice?
Security Risks: Operating as the root user makes the system more susceptible to malicious activities and accidental changes.
Accountability: Running as the root user does not provide an easy way to track who made which changes, posing challenges for system audits.
Potential for Mistakes: A typo or a wrong command can result in catastrophic system failures.
Ubuntu's Approach to Root User and
Disabled Root Account: Ubuntu disables the root account by default, making it less susceptible to brute-force attacks aimed at the root user.
sudofor Superuser Access: Instead of using a root account, Ubuntu relies heavily on
sudofor administrative tasks, allowing better control and logging.
sudo apt update
Security and Simplicity: This setup minimizes the security risks associated with the root account while making the system easier to use for those familiar with
su commands in Linux are more than mere conveniences; they are
designed to provide a robust framework for managing privileges and ensuring
system security. Understanding the why and how of these commands allows for
better system administration and offers insights into the design philosophy of
Unix-like operating systems.
What Can You Do Next 🙏😊
If you liked the article, consider subscribing to Cloudaffle, my YouTube Channel, where I keep posting in-depth tutorials and all edutainment stuff for software developers.