To root or Not to root?
As we discussed earlier in this book, every Linux system, whether a
workstation or a server, includes a default superuser account named
root. This account has full access to every aspect of the system. As
such, it should be used with great care. In this part of this chapter,
we’ll discuss the following:
• Proper use of the root user account
• Using su
• Using sudo
Let’s begin by discussing the proper way to use the root user account.
Proper Use of the root User Account
One of the key mistakes made by new Linux users is excessive use of
the root user account. There’s a time and a place when the root user
account should be used. However, most of your work on a Linux system
should be done as a non-root user account. The rule of thumb that you
should follow is this: only use root when absolutely necessary. If a
task can be completed as a non-root user, then it should be done so.
Why is the proper use of the root user account of concern? A few pages
back, we discussed the risks of leaving a logged-in system unattended.
Imagine the havoc an intruder could wreak if they were to happen upon
an unattended system that was logged in as root! All of the data on
the system could be accessed and copied. Major configuration changes
could be made to the daemons running on the system. Heaven only knows
what kind of malware could be installed.
In a nutshell, a system logged in as root represents a serious
security risk. Leaving such a system unattended represents a critical
security risk. Everyone, including the system administrator (that’s
you!), should have a standard user account that they always use to log
in to the system.
If you find that you need root-level access while working on the
system, you can use the su command to temporarily gain root-level
privileges to the system. Let’s discuss how this is done next.
Using su
By now, you should already know how su works. We’ve used it countless
times in this book’s exercises. This command allows you to change to a
different user account at the shell prompt. The syntax for using su is
su options user_account
If no user account is specified in the command, su assumes you want to switch to the root user account. Some of the more useful options you can use with su include the following:
• –
Loads the user’s environment variables. Notice that we’ve always
used the su – command to switch to the root user account. This changes
to root and loads root’s environment variables.
• –c command
Switches to the user account and runs the specified command.
• –m
Switches to the user account but preserves the existing environment variables.
The su command will be your best friend as a Linux administrator.
However, there are times when other users may need root-level access.
You can use sudo to give them limited root access. Let’s discuss how
sudo works next.
Using sudo
Suppose you have a power user on your Linux system. This user may be a
programmer, a project manager, or a database administrator. Users in
this category may frequently need to run some root-level commands. But
do you really want to give them your root password? Probably not. You
want them to be able to run a limited number of commands that require
root privileges, but you don’t want them to have full root access.
This can be done using sudo.
The sudo command allows a given user to run a command as a different
user account. As with su, it could be any user account on the system;
however, it is most frequently used to run commands as root. The sudo
command uses the
/etc/sudoers
file to determine what user is authorized to run which commands. This file uses the following aliases
to define who can do what:
• User_Alias Specifies the users who are allowed to run commands
• Cmnd_Alias Specifies the commands that users are allowed to run
• Host_Alias Specifies the hosts users are allowed to run the commands on
• Runas_Alias Specifies the usernames that commands may be run as
To edit your
/etc/sudoers
file, you need to run the
visudo
command as your root user. The /etc/sudoers file is loaded in your default editor, which is usually vi. Your changes are written to
/etc/sudoers.tmp
until committed. This is shown in Figure 17-3.
On most distributions, the sudoers file is configured by default such
that users must supply the root password when using sudo. Obviously,
this configuration doesn’t accomplish anything. If the user already
knows the root password, what’s the point of configuring sudo? This
configuration is specified by the following lines in sudoers:
# In the default (unconfigured) configuration, sudo asks for the root password.
# This allows use of an ordinary user account for administration of a freshly
# installed system. When configuring sudo, delete the two
# following lines:
Defaults targetpw # ask for the password of the target user i.e. root
ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults
targetpw'!
1.
To fix this, comment out the two lines specified here in the sudoers
file. Then you can begin your sudoers configuration in the file.
First, you need to use User_Alias to define an alias containing the
user accounts (separated by commas) you want to allow to run commands.
The syntax is
User_Alias alias = users
For example, to create an alias named PWRUSRS that contains the tux,
rtracy, and ksanders user accounts, you would enter the following in
the /etc/sudoers file:
User_Alias PWRUSRS = student, ksanders, rtracy
TIP All alias names must start with a capital letter!
2.
You next need to use Cmnd_Alias to define an alias that contains the
commands (using the full path) that you want the users you just
defined to be able to run. Separate multiple commands with commas. For
example, if your users are programmers who need to be able to kill
processes, you could define an alias named KILLPROCS that contains
your kill command, as shown here:
Cmnd_Alias KILLPROCS = /bin/kill, /usr/bin/killall
3.
Then you need to use Host_Alias to specify what systems the users can
run the commands on. For example, to let them run the commands on a
system named WS1, you would use the following:
Host_Alias MYHSTS = openSUSE
4.
Finally, you need to glue these aliases together to define exactly
what will happen. The syntax is
User_Alias Host_Alias = (user) Cmnd_Alias
Using the aliases just defined, you could allow the specified users to
run the specified commands on the specified hosts as root by entering
PWRUSRS MYHSTS = (root) KILLPROCS
To exit the editor, press esc and then enter :exit.
The visudo utility will check your syntax and inform you if you’ve made any errors. At
this point, the users you defined can execute the commands you
specified as root by entering sudo command at the shell prompt.
For example, the rtracy user could kill a process named vmware-toolbox
(owned by root) by entering
sudo killall vmware-toolbox
at the shell prompt. After the rtracy user supplies his password, the process will
be killed.
LX0-104 Exam Objectives (V and U, 323, 647 - 689)
No comments:
Post a Comment