Posted: . At: 11:12 AM. This was 11 years ago. Post ID: 5891
Page permalink. WordPress uses cookies, or tiny pieces of information stored on your computer, to verify who you are. There are cookies for logged in users and for commenters.
These cookies expire two weeks after they are set.


Many different ways to switch to the root user in Linux with the terminal.

by

This is one way to switch to a root prompt. This will ask for your users password and then give you a root prompt.

homer@deep-thought ~ $ sudo -i
[sudo] password for homer: 
deep-thought ~ #

This is another method using the sudo command to run the su utility.

homer@deep-thought ~ $ sudo su -
[sudo] password for homer: 
deep-thought ~ #

Adding your user to the sudoers group is essential to be able to run the sudo command and gain elevated privileges. Use the command below to check if your user is a member of the sudoers group.

deep-thought ~ # cat /etc/group | grep sudo
sudo:x:27:homer

This is what my sudoers file looks like; you edit this file with the sudo visudo command. Otherwise you could make an error when editing the file and lock yourself out of the system.

deep-thought ~ # cat /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults	env_reset
Defaults	mail_badpass
Defaults	secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
 
# Host alias specification
 
# User alias specification
 
# Cmnd alias specification
 
# User privilege specification
root	ALL=(ALL:ALL) ALL
 
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
 
# Allow members of group sudo to execute any command
%sudo	ALL=(ALL:ALL) ALL
 
# See sudoers(5) for more information on "#include" directives:
 
#includedir /etc/sudoers.d

This is the output after loading the sudoers file and then exiting without saving changes. The file is loaded as a temporary file, this is scanned before saving to make sure that the file contains no errors.

deep-thought ~ # visudo
visudo: /etc/sudoers.tmp unchanged

The su -c command may also be used to run a single command as root.

homer@deep-thought ~ $ su -c '/sbin/ifconfig'
Password: 
su: Authentication failure

But this did not work due to the fact that Linux Mint 15 does not have the root account enabled. To accomplish this, type this command.

homer@deep-thought ~ $ sudo passwd root
[sudo] password for homer: 
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully

Then the command may be completed successfully.

homer@deep-thought ~ $ su -c '/sbin/ifconfig'
Password: 
eth0      Link encap:Ethernet  HWaddr 6c:f0:49:b5:e6:2a  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
 
eth1      Link encap:Ethernet  HWaddr 00:13:46:3a:02:83  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
 
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:1334 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1334 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:180793 (180.7 KB)  TX bytes:180793 (180.7 KB)
 
wlan0     Link encap:Ethernet  HWaddr e0:91:f5:23:fd:ad  
          inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::e291:f5ff:fe23:fdad/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:80342 errors:0 dropped:0 overruns:0 frame:0
          TX packets:59933 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:96793242 (96.7 MB)  TX bytes:8551564 (8.5 MB)

If you wish to lock a root account and only use the sudo command, type this at a prompt.

homer@deep-thought ~ $ sudo passwd -l root
passwd: password expiry information changed.

Then if you try and login, you will get an error.

homer@deep-thought ~ $ su
Password: 
su: Authentication failure
homer@deep-thought ~ $

This is how easy it is to work with user accounts on Linux and UNIX. The sudo command is very powerful, but if you are on a shared computer system always close the terminal window after using the sudo command. The sudo privileges are remembered for 15 minutes so this gives added security if you close the terminal session properly. Use Ctrl-D or type exit to close the session.


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.