Almost every Linux OS has a root account that is used for doing things that require elevated privileges. It's the first account created on the system and when the OS boots up a lot of activities it performs in the very beginning requires this elevated privileges. This user has every single access across your system.
We need this root level access when installing a software or configuring a hardware, drivers, etc. Otherwise, we shouldn't be using this account at all. Because there are chances of making mistakes at the root level can be quite risky!
So the key is we don't need to log-in as root. We should rather be able to perform certain actions as root by temporarily becoming root.
On Red Hat based systems (such as Red Hat, Fedora, CentOS), you are required to create a root user when installing the OS. This account is separate from the user account.
On Debian-based systems (such as Ubuntu, Kali, Linux Mint), it creates a user during installation and gives the elevated privileges. You can perform tasks that require system level privileges with
In some systems like Red Hat and CentOS, you are required to login as root at least once and modify the
/etc/sudoers file to set up
sudo for a user.
/etc/sudoers file lists all the users who have
sudo permission. Though you can directly modify this
/etc/sudoers file, the challenge is if you accidently make a mistake, you would break
sudo. So it is recommended to use the
visudo utility. It does the syntax checking before applying the update.
In the above example, the user, amit, can run the login from any host (both local and remote) and impersonate as anyone (can be root or any user in the system), and run any command he wants.
In the above example, the user,
sumit, has permission to run only one command (i.e.
Here’s a breakdown of the granted
[username] [any-hostname]=([run-as-username]:[run-as-groupname]) [commands-allowed]