Why we need `sudo` and `su` Commands in Linux

In the world of Unix-like operating systems such as Linux, the concepts of sudo and su are crucial elements of system management and security. These commands allow for the delegation and use of elevated privileges, making it possible for users to execute commands as a superuser or another user. This article will delve into the intricacies of why these commands are so important, assuming the reader is already familiar with the basics of sudo, su, and the sudoers file.

Why Do You Need to Perform Certain Tasks with Superuser Privileges?

1. System-Wide Changes: Certain tasks in Linux require making changes to system-wide settings or files, such as installing new software packages, modifying system configurations, and managing services.

   sudo apt-get install nginx

2. Security: Elevated privileges ensure that only authorized users can change essential system settings or access sensitive data.

   sudo cat /etc/shadow

3. Resource Allocation: Operations like assigning ports below 1024 or modifying the system clock are sensitive and hence restricted to superusers.

   sudo date --set="2 OCT 2020 18:00:00"

How Using sudo Increases System Security?

1. Limited Exposure: sudo allows a permitted user to execute a command as the superuser or another user, as specified by the sudoers file. This temporary elevation of privileges limits the exposure to security risks.

   sudo -k

2. Accountability: By using sudo, all commands executed are logged, including who ran the command. This enables easier tracking of actions and is useful for auditing purposes.

   sudo less /var/log/auth.log

3. Fine-Grained Control: The sudoers file allows you to specify which commands a user can execute, reducing the possibility of misuse of privileges.

Why Do Unix-like Systems Have the Concept of Switching Users?

1. Role Segregation: In a multi-user environment, different users have different roles and responsibilities. The su command allows one to switch users to perform role-specific tasks.

   su - postgres

2. Delegation: Sometimes it's useful to delegate certain administrative tasks to different users or roles without giving them full superuser access.

Why Running the System as the Root User is Not a Good Practice?

1. Security Risks: Operating as the root user makes the system more susceptible to malicious activities and accidental changes.

2. Accountability: Running as the root user does not provide an easy way to track who made which changes, posing challenges for system audits.

3. Potential for Mistakes: A typo or a wrong command can result in catastrophic system failures.

Ubuntu's Approach to Root User and sudo

1. Disabled Root Account: Ubuntu disables the root account by default, making it less susceptible to brute-force attacks aimed at the root user.

2. sudo for Superuser Access: Instead of using a root account, Ubuntu relies heavily on sudo for administrative tasks, allowing better control and logging.

   sudo apt update

3. Security and Simplicity: This setup minimizes the security risks associated with the root account while making the system easier to use for those familiar with sudo.

Conclusion

The sudo and su commands in Linux are more than mere conveniences; they are designed to provide a robust framework for managing privileges and ensuring system security. Understanding the why and how of these commands allows for better system administration and offers insights into the design philosophy of Unix-like operating systems.

What Can You Do Next 🙏😊

If you liked the article, consider subscribing to Cloudaffle, my YouTube Channel, where I keep posting in-depth tutorials and all edutainment stuff for software developers.