- How can I permanently grant root access to a user? [duplicate]
- 6 Answers 6
- How do I gain root privileges?
- 3 Answers 3
- Shell Script to Give Root Privileges to a User
- Method 1: Adding to Root Group using usermod
- Method 2: Adding to Root Group using useradd Command
- Method 3: Editing /etc/passwd file
- Method 4: Setting as Sudo User
- Method 5: To give root privileges to a user using a script
- Method 6: Using an interactive dialog box
How can I permanently grant root access to a user? [duplicate]
I’ve been searching for the answer to this but all I find is «It’s not a good idea» or «We don’t recommend it» and some work around solution is given. I am a new, yes. There is a good chance I could break stuff, I know. I am happy to break my OS and format it many times if it comes to that but restrictions of ANY kind on my OS enrage me. I want to be able to break stuff if I want, then learn how I broke it and how to fix it. I want the safety locks off. Please tell me how to grant a user absolute authorisation.
6 Answers 6
To give the user «foo» unlimited passwordless access to root privileges via the sudo command, edit /etc/sudoers and add the line:
See sudo(8) and sudoers(5) for more information.
As was suggested elsewhere, if you know how to use vi then it’s a good idea to use visudo to edit /etc/sudoers .
jdthood gave you an excelent tip. read this short article to find out more about the /etc/sudoers tricks :D. linuxg.net/understanding-etcsudoers-file
It is not you who is being restricted (as long as you can sudo or login as root on the command-line), but it is rather every single application you run that is being restricted.
If you give yourself root privileges, every application you run also gains complete power over your computer. That is the restriction, and saying you don’t want any restrictions placed over you is like saying you do not want to lock your bike or your door, for it places a restriction upon yourself.
I am amazed no one as of yet has tried to offer you that insight.
This is exactly what I was trying to go for with my comment on another answer. The reason for the restriction by the Ubuntu devs is not because they think all users are inept; if that were the case, sudo would be disabled too. It’s about giving the user the power to selectively give applications more privileges. and keeping the «bad ones» (be they buggy or malicious) from messing everything up à la Windows XP.
@IchimitchHamono You have root access? Sudo access? You have unrestricted access then. If that isn’t what you EXPECT it to be, that’s your lack of understanding and inability to learn. I bet money, that just like Android/iOS, you’ll have to «Root» or «Jailbreak» before you’ll get unfettered access on a Steam Box — Linux OR Windows. If typing «sudo», or learning how to edit /etc/sudoers, is too much restriction for you. You won’t enjoy your future. Don’t like it? Build your own OS — or find a Distro that doesn’t have Sudo (or similar) installed.
@IchimitchHamono: by your own admission, you are new to this. That’s completely fine. I even think your question is valid, and interesting. However, your sheer disinterest in finding out why it’s not a good idea to actually do this, finding out why you only find posts saying «we don’t recommend» it, astonishes me.
Linux, and by extension, UNIX, was designed from the get-go as a multi-user operating system, fit for use in networks. Restricting user access is a logical implication of that design. As such, it is deeply embedded in the whole OS and applications that use it. Out of interest, what did you end up doing? Somehow allowing root to log in in a graphical environment?
Being a noob, you should better use visudo instead of editting /etc/sudoers on your own, at least because:
- It checks that no one is using the /etc/sudoers file at the same time.
- When you have finished, it checks the file for making sure it’s fine.
ok, this comes from my hacker days of trying everything in the system to see what it did.
There is a file /etc/passwd that famously holds passwords (or a marker to signify shadow passwords).
In that file, you will see something like this:
root. 0:0::/:/usr/bin/ksh daemon. 1:1::/etc: bin. 2:2::/bin: sys. 3:3::/usr/sys: adm. 4:4::/var/adm: uucp. 5:5::/usr/lib/uucp: guest. 100:100::/home/guest: nobody. 4294967294:4294967294::/: lpd. 9:4294967294::/: lp:*:11:11::/var/spool/lp:/bin/false invscout:*:200:1::/var/adm/invscout:/usr/bin/ksh nuucp:*:6:5:uucp login user:/var/spool/uucppublic:/usr/sbin/uucp/uucico paul. 201:1::/home/paul:/usr/bin/ksh jdoe:*:202:1:John Doe:/home/jdoe:/usr/bin/ksh
the two sections that are interest to us are the numbers in position 3 and 4. the first one is the user ID, the second is the group. Notice that in this installation (and most installations) the values for root are both 0
If you use su or sudo to edit this file, and change the numbers on your user ID to be the same as root, then you will become root. (also, you will not be able to use rmuser on your ID, as it is now considered essential to the system)
How do I gain root privileges?
How do I gain root privileges in Ubuntu Desktop 12.04? I installed to a USB stick to try it out. Now when I installed it on a VM, I don’t have the same options as I did on the USB stick, such as opening remote desktop, installing drivers, and some of the video capabilities.
Info from help.ubuntu.com/community/RootSudo «By default, the Root account password is locked in Ubuntu. This means that you cannot login as Root directly or use the su command to become the Root user.» Instead, use sudo. Example: help.ubuntu.com/community/RootSudo#sudo
3 Answers 3
There are 2 ways to do things with elevated permissions.
sudo lets you run commands in your own user account with root privileges.
su lets you switch user so that you’re actually logged in as root. But this options is by default disabled on Ubuntu. Instead you can simply start a root shell with sudo -i .
Use either method only as and when needed, they can cause your system damage if used without caution.
sudo -i is the typical way to get a ‘rootshell’ on an Ubuntu box. It will log everything you do as your original user account, but you’re acting as root.
This should make you root after you enter your user’s password, assuming you were the first account to be created. Be careful when you’re root. Only login as root when you really need to, and logout as soon as you’re done.
Alternatively you can run specific commands with root privileges by prepending them with sudo . For example:
You cant gain something you already have. If you can use sudo, than you dont need to gain it.
Ua, excuse me. But sudo is not how you «gain» root privileges. sudo is used when you already have root level access from the admin group and want to use it.
The question implies «gain» as something that you do not have. Probably not written correctly.
Common Example: So you need sudo, or root on your computer but you can’t use sudo BECAUSE you need to «gain» the privilege because you accidentally locked your self out etc. by editing sudoers and removing yourself because you thought you could login as root on Ubuntu.
sudo doesn’t solve everything. And you can’t gain something you already have.
Shell Script to Give Root Privileges to a User
The sudo command is the most powerful command in Linux. It provides a mechanism for granting administrator privileges, using administrator privileges a normal user can do whatever he wants with the file system of the installed Linux system. Using sudo we can modify our system.
Method 1: Adding to Root Group using usermod
usermod command in Linux is used to modify the user account. Using usermod command we can assign groups, permissions to a specific user. There are mainly 7 groups in the Linux file system, these are as follows:
To add a user to root using usermod, we have to run the following command in the terminal.
Here, the –G flag stands for Group and the root is the group for new user1.
To add an existing user to the root group, follow the following command:
Here, the -g flag stands for Group id, and 0 represents the root group id, and the -o flag is for the existing user.
Method 2: Adding to Root Group using useradd Command
useradd command can be used to create a new user or update default new user information. It is a low-level utility for adding users. To add a user to the group using the useradd command, simply run the following command in your terminal.
Here, the –m flag is used to create the user’s home directory if it does not exist, and the -G flag represents the group.
Method 3: Editing /etc/passwd file
Open up the passwd file using any text editor, and change the group user id to 0 which represents root permission.
Run the following command in the terminal :
Then modify the following permission for the user whom you want to give root access to.
Before giving root permissions:
root:x:0:0:root:/root:/bin/bash user:128:128:user
After giving root permissions
root:x:0:0:root:/root:/bin/bash user:0:0:user
Here, if you see clearly we have modified line 2 that has the user whom we want to give root access, previously it has a value of 128 which is not a group ID for root. So we modified that line and replace the value with the 0, which represents the root group. After that, save the file and reboot your system.
Method 4: Setting as Sudo User
To add a user to sudo user, we can modify the sudoers file located at /etc/sudoers. Open up the sudoers file using any text editor and add the following line at the end of the file to add a user to the sudo user.
Here, ALL represents that we are giving all(full permissions) to the user i.e. the user can run any command and the user just has to authenticate.
- The first ALL is all hosts. i.e. if you have shared this sudoers file to many computers
- The second ALL is the user as you are running the command
- The third ALL is that user can run the command.
Method 5: To give root privileges to a user using a script
To give root privileges to a user while executing a shell script, we can use the sudo bash command with the shebang. This will run the shell script as a root user.
#!/usr/bin/sudo bash . The rest of the shell script goes here .
Shell Script to make directory using root privileges:
#!/usr/bin/sudo bash echo "Enter a directory name" read newdir `mkdir $newdir`
Save the above script as geeks.sh, to run the script type the following command in the terminal:
Method 6: Using an interactive dialog box
We can use a tool called whiptail to create an interactive dialog box. To install this tool, run the following command in your terminal:
sudo apt install whiptail
#!/usr/bin/bash # saving user's name in me variable me="$(whoami)" # Checking that the script is running as root. # entering in if case if [ "$(id -nu)" != "root" ]; then # resetting cached credentials sudo --reset-timestamp # creating a dialog box to enter user password pswd=$(whiptail --title "GeeksforGeeks Authentication Script" \ --passwordbox "To run this script, administrative privilege is \ required. \n[sudo] Password for user $me:" 14 52 3>&2 2>&1 1>&3-) # executing the script with the password entered by user exec sudo --stdin --prompt '' "$0" "$@"In this script firstly we have created an interactive dialog prompt box for the user to enter the sudo password, then running the script with sudo permissions. Firstly, we are saving the user’s name in me variable for displaying the name in the interactive dialog box. Then using the id command with the if statement we’re checking if the running script is using the root permission, if not we are entering the if statement. Using sudo –reset-timestamp will clear the previously saved credentials and ask for the root password again. Then we have used the whiptail command to add a title, a password box in the interactive dialog box. Here 14 and 52 are the height and width of the dialog box respectively.
“3>&2 2>&1 1>&3-“, we are swapping stdout and stderr.
The 3>&2 in the script will create a new file descriptor and redirect it to 2 which is stderr. Now 2>&1 will redirect the file descriptor 2 to stdout and 1>&3 will redirect file descriptor 1 to 3 which is stdout. And save the password into pswd variable.
If the user enters the wrong password 3 times, we are exiting the script and displaying exit code 1. And after finishing the if block, we can do the stuff that needs root permission. In this script, we are creating a folder after getting root permission.