Using Super User

Super User

Anyone who knows their way around a computer and is used to Windows systems will be familiar with the Administrator account. This basically allows them to install programs and perform system tasks that ordinary user accounts don't have access to. On a Linux system, the administrative account is known as “Super User” or “Root”.

On most Linux distributions, you type in su and then enter your administrator password to access Super User. On a few, like Ubuntu and Knoppix, there is no root password and sudo is used to administrate the system. You can still access the root by typing sudo su in Terminal. When you are logged in as root, the dollar sign ($) is replaced by a pound sign (#) in the command prompt. If you want to check whether you're logged in as root, type in whoami. If the Terminal replies with “root”, that's where you are.

Security Risks

Let's face it, cybercriminals are getting more clever all the time. They're figuring out how powerful Linux can be, especially if they can get access to your administrator privileges. Both su and sudo are workarounds for this problem, as hinted by the fact that the su part actually stands for “substitute user”. You're basically just taking on extra administrative tasks on your own account. However, don't take that for granted because root can be hacked. That means following all the common sense rules you've ever learned about securing your computer.

Do you suspect that somebody's trying to hack your root? The system automatically logs unsuccessful attempts to use su and sudo. To track unusual activity that includes information about who tried to access sudo and when, take a look at the log file in the /var/log directory. This file is saved as messages, syslog or auth.log. You can access this file by typing less /var/log/auth.log. This is especially useful for tracking down employees who keep trying to use Super User for suspicious activity like trying to install unauthorized software.

A very useful thing to do is to look at the file called visudo in the /usr/sbin directory. By opening it in root with the command EDITOR=pluma /usr/sbin/visudo, you can see details like the user privilege specification (root) and who can gain access to root privileges (usually %admin by default). It can be edited to add users to the sudoers file, which is a list of people who can use sudo, by finding the line that says, "# User privilege specification" and, under that line, replacing root ALL=(ALL) ALL with user ALL=(ALL) ALL, replacing user with the username you want to have root access, and then saving the file. If you made a typo, it will give you an error and What now?You're thinking about becoming a Linux pro, aren't you?

Prove that you know Linux with this certification.