Sudo, Fedora & Ubuntu

I have been a faithful Fedora User for years. In fact, choosing my preferred OS was never by my choice but my working environment. Different stages in my career selected the OS for me. When I graduated with the bachelor, the only OS I had experienced was Windows. But my worst nightmare came to live when I joined my first job as an associate software engineer.  The working culture demanded me to use Linux which I haven’t touched before (sort of heard though). But sooner I realized how awesome it was to work with Linux. I am quite sure this is the same case with every career beginner where you’ll be pushed into the deep ocean while you have only experienced your tub bath. Anyway, now I’m in the research field and I am using Ubuntu most of the times.

Technology changes with the time. I used to use Linux dual boot with Windows. Then, the era of virtual machines came. Now, I am using Windows Subsystem for Linux (WSL). I’ll cover about subsystem Linux in a later post. I found that sudo permission acting differently on Ubuntu and Fedora. Here, I want find why is that?

How does Linux system manage it’s Users?

The “Everything is a file” phrase defines the architecture of Linux. Users: No exception for you. So which file defines the user access. That is famous “/etc/passwd” file. Well “passwd”file at location “/etc” to be exact. Probably the most famous file in the world. Where all eye’s of evil always looking for (I mean Hackers). When the attacker get the access to this holy grail of Linux she can what ever she would wish for.

Not quite true??? Is it? Not really. Linux has a different file to store the hashed password called “shadow”.It is located in the same location but only accessible to root. More information to follow on this regard.

So, what’s in the passwdfile?

Fig 01 : /etc/passwd file

A local user can print the content either by using

cat /etc/passwd OR getent passwd

If you’re not the user root you cannot read the shadow file in the same way.

Note : How does Windows manage Users? Windows uses Security Account Manager (SAM) which is a database that stores users’ passwords. It can be used to authenticate local and remote users. Beginning with Windows 2000 SP4, Active Directory authenticates remote users. SAM uses cryptographic measures to prevent unauthenticated users accessing the system.

Note : How does Windows manage Users?

Windows uses Security Account Manager (SAM) which is a database that stores users’ passwords. It can be used to authenticate local and remote users. Beginning with Windows 2000 SP4, Active Directory authenticates remote users. SAM uses cryptographic measures to prevent unauthenticated users accessing the system.

https://en.wikipedia.org/wiki/Security_Account_Manager

What is in the passwd file?

Let’s consider the first record of our snapshot.

Fig 02: content of passwd file
  1. Username: It is used when user logs in. It should be between 1 and 32 characters in length.
  2. Password: An x character indicates that encrypted password is stored in /etc/shadow file. Please note that you need to use the passwd command to computes the hash of a password typed at the CLI or to store/update the hash of the password in /etc/shadow file.
  3. User ID (UID): Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root and UIDs1-99 are reserved for other predefined accounts. Further UID 100-999 a rereserved by system for administrative and system accounts/groups.
  4. Group ID (GID): The primary group ID (stored in /etc/group file)
  5. User ID Info: The comment field. It allow you to add extra information about the users such as user’s full name, phone number etc. This field use by finger command.
  6. Home directory: The absolute path to the directory the user will be in when they log in. If this directory does not exists then users directory becomes /
  7. Command/shell: The absolute path of a command or shell (/bin/bash). Typically, this is a shell. Please note that it does not have to be a shell.

When we first install Linux we create a local user. But local user cannot control everything in the system. For certain tasks the user should have the sudo capability or you have to be the root user. If the system installation did not prompt for adding root how do we do that. This is how.

First, let’s see what is sudo?

Sudo stands for either “substitute user do” or “super user do”. There are two ways to run administrative applications in Linux. You can either switch to the super user (root) with the su command, or you can take advantage of sudo. How you do this will depend upon which distribution you use. Some distributions enable the root user (such as Fedora, Red Hat, openSuSE), while some do not (such as Ubuntu and Debian). There are pros and cons for each.


More information can be found on


https://www.linux.com/learn/linux-101-introduction-sudo

There you go.  Ubuntu users do not get the sudo permission by default. And Ubuntu has no password set for user root either. So, we need have a way to get the sudo permission to our users. Here is how you make a sudo user.

First thing is first. Let’s set a password to root using your local user.

sudo passwd root

Enter your local user’s password first. Then enter new password for root and confirm password.

Next, Let’s give permission to your existing local user to execute commands as the super user.

sudo usermod -a -G sudo hduser

We added the User. Whatdo we do when we no longer need it? As a regular user with sudo privileges, youcan delete a user by

sudo deluser --remove-home <username>

That’s it for today folks. Stay tuned to VisitWicky!

1 Comment on "Sudo, Fedora & Ubuntu"

  1. This is my first time go to see at here and i am genuinely happy to read everthing at single place. Goldia Monti Schoof

Leave a comment

Your email address will not be published.


*