| Why is there a specific account called root in Linux ? How to use the root account? In which scenarios must it be used and in which scenarios cannot it be used? If you are interested in the above questions, please continue reading. |
In this article, we provide some references about the root account for your convenience.
what is root?
First, keep this in mind that in Unix-like operating systems, directory hierarchies are designed as trees. The home directory is a special directory, represented by a slash / , and other directories are branched from the home directory. Since this structure is very similar to a tree in reality, / is also called the root directory.
Below, we can see the output of the following command :
$ tree -d / | less
This command is mainly to demonstrate the analogy between the root directory and the tree root.
Linux directory hierarchy
Although the reason for the root account name is not very clear, it may be because the root account is the only account that has write permissions in the root directory.
Also, because the root account has access to all files and commands in a Unix-like operating system, it is often referred to as a superuser.
In addition, the root directory and the directory should not be confused, the root directory is the home directory of the root account. In fact, the root directory is a subdirectory of the root directory /.
Get root privileges
When we speak of root (or superuser) privileges, we mean the privileges of an account whose privileges on the system include (but are not limited to) modifying the system and granting other users access to system resources.
Indiscriminate use of the root account can cause system crashes or complete system failures. That's why it is said that the following guidelines are the correct posture to use the root account:
First, use the root account to run the visudo command to edit the /etc/sudoers file, and grant the minimum superuser privileges to the specified account (eg supervisor).
The minimum superuser permissions can include, for example: permissions to add users (adduser), modify users (usermod), etc.
Next, log in with the supervisor account and use sudo to perform user management tasks. At this point, you may find that when you perform other tasks that require superuser privileges (eg: removing packages), they fail.
Running commands without superuser privileges
When superuser privileges must be used, repeat the above two steps. Once the execution is complete, immediately use the exit command to return to the account without special restrictions.
At this point, you need to determine whether other periodic tasks require superuser privileges? If necessary, in /etc/sudoers , grant the necessary permissions to the specified account or group, and try to avoid using the root account directly.
Summary
This article can be used as a simple reference for the correct use of the root account in Unix-like operating systems. Bookmark it so you can read it anytime!