Elevating privileges is necessary for a user to do administrative tasks without logging in as root. Logging in as root is a bad idea for security reasons. Using the su command, we can elevate privileges temporarily.
- [Instructor] We have the option to log in as a different user in Linux, but there are times where we might want to switch to a different user temporarily. Usually we do this when we want to elevate our privileges to root to run a command or access a resource. There's an easy way of telling who we are. For this, we can use the who am I command. In a terminal, type whoami with no spaces and hit enter. We have another command called logname, which at first glance, looks identical. Type in logname and hit enter.
Both whoami and logname say that I'm grant. If we were to view demand pages for both, we may be left confused. Let me explain the difference. When we log in as a user, we are that user. We can, however, use the su command to effectively switch to a new user. Type in su space root and hit enter. Type in root's password and hit enter again. You'll notice that my prompt just changed to reflect that I'm root. Type in whoami and hit enter and then type in logname and hit enter again.
Whoami says I'm root, logname says I'm grant. Think of it this way. Whoami tells us who we currently are. Logname tells us who we logged in as initially. There is another difference between logging in as root and switching to the root user. The environment. The environment is the variables and system configuration that comes with the logged in user. Type in echo space dollar sign capital P-A-T-H and hit enter. The path is a list of directories that Linux will look through to find commands.
Notice there are directories in my path with my username in them. This means that when I switch to root, I kept the grant user's environment. To exit the user that you switched to, just type in exit. You can see now from my prompt that I'm logged in as grant. Now that we're back to our user account, type in su space, hyphen, space, root. And hit enter. Type in root's password and hit enter again. Type in echo, space, dollar sign, capital P-A-T-H and hit enter.
We can see that our path is different. This time, we've inherited the root user's environment. I recommend whenever using the su command to follow it with a hyphen and type in su space hyphen. When we're done being another user, just type in exit.
- Identify what data is stored in the /etc/passwd file with the shadow suite installed.
- Name the file that Linux group password hashes are stored in when the shadow suite is installed.
- Describe how to override default account aging information.
- Explain how to elevate privileges using the sudo command.
- Name the command that a user can use to change their effective primary group.