LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-19-2014, 01:17 PM   #1
sigint-ninja
Member
 
Registered: Feb 2011
Location: Republic Of Ireland
Distribution: Debian,Centos,Slackware
Posts: 473

Rep: Reputation: 29
A question about root


hi guys,

if a user belongs to the root group does that just mean he can access/write to every file on the system, but the system will still ask you for the root password when security is a concern (installing etc) just wanted to clear it up...thanks
 
Old 03-19-2014, 01:47 PM   #2
rickyraccoon
LQ Newbie
 
Registered: Mar 2014
Posts: 3

Rep: Reputation: Disabled
As far as I know you MUST be the user "root" to do certain things, period. I believe every file/directory has "owner," "group," and "everyone" with permissions like "none," "read-only", and "read/write." I don't know how to use the console very well anymore because I had a stroke, take psych-meds, and have not used Linux for almost 10 years but plan on trying to refresh my memory as best I can with openSUSE, Ubuntu, and Puppy Linux.
 
Old 03-19-2014, 01:51 PM   #3
prayag_pjs
Senior Member
 
Registered: Feb 2008
Location: Pune - India
Distribution: Fedora,RedHat,CentOS,Gentoo
Posts: 1,143
Blog Entries: 4

Rep: Reputation: 147Reputation: 147
If possible please read about sudo.
Please provide some more information along with an example.
We want to know what you trying to achieve.
 
1 members found this post helpful.
Old 03-19-2014, 01:55 PM   #4
rickyraccoon
LQ Newbie
 
Registered: Mar 2014
Posts: 3

Rep: Reputation: Disabled
thx for your correction

Quote:
Originally Posted by sigint-ninja View Post
hi guys,

if a user belongs to the root group does that just mean he can access/write to every file on the system, but the system will still ask you for the root password when security is a concern (installing etc) just wanted to clear it up...thanks
Thanks for the correction -- I really am hungry for Linux whenever I feel up to it... I used to be considered a senior member as fatpigjoke or something like that in High-School about 10 yrs. ago...
 
Old 03-19-2014, 01:56 PM   #5
snowpine
Senior Member
 
Registered: Feb 2009
Posts: 4,184

Rep: Reputation: 1168Reputation: 1168Reputation: 1168Reputation: 1168Reputation: 1168Reputation: 1168Reputation: 1168Reputation: 1168Reputation: 1168
Arch Wiki has a good introduction to the concept of users and groups: https://wiki.archlinux.org/index.php/Users_and_groups

To answer your specific question, as I understand it, each user in Linux has a group. (For example when I create the user "snowpine" I also create a group called "snowpine" containing the user.) So, to the extent there is a user named "root" there must also be a group called "root."

It varies from distro to distro, but these days, "best practice" is typically to add your administrative users to the "sudo" or "wheel" group (not the "root" group).
 
Old 03-19-2014, 02:01 PM   #6
jdkaye
LQ Guru
 
Registered: Dec 2008
Location: Westgate-on-Sea, Kent, UK
Distribution: Debian Testing Amd64
Posts: 5,464

Rep: Reputation: Disabled
No, it doesn't. It depends on the permissions set for a given file or folder. You can give root privileges to a user via the sudoers file or else just execute the su command from the console. You will give the root password only once and run programs as root until you logout.
jdk
 
Old 03-19-2014, 02:42 PM   #7
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: CentOS
Posts: 3,401

Rep: Reputation: 1489Reputation: 1489Reputation: 1489Reputation: 1489Reputation: 1489Reputation: 1489Reputation: 1489Reputation: 1489Reputation: 1489Reputation: 1489
The group "root" has no special significance to the kernel. Of course any specific file or directory can grant permissions to the "root" group, just like any other group ID. It is possible that some privileged commands might allow certain functions for members of the "root" group and not for others, but that is decided in the code for that executable. An example of something similar is that on some systems you have to be a member of the "wheel" group (and know the password) in order to su to the "root" UID.
 
Old 03-19-2014, 03:21 PM   #8
jamison20000e
Senior Member
 
Registered: Nov 2005
Location: ...uncanny valley... infinity\1975; (randomly born:) Milwaukee, WI, US, Earth, end border$! ◣◢┌∩┐ Fe26-E,e...
Distribution: any GPL that works well on my cheapest; has been KDE or CLI but open... http://goo.gl/NqgqJx &c ;-)
Posts: 3,514
Blog Entries: 2

Rep: Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048
Hi. Here I was hoping to learn about sarsaparilla or something... I always have to do something like:best wishes and have fun.
 
Old 03-19-2014, 04:36 PM   #9
sigint-ninja
Member
 
Registered: Feb 2011
Location: Republic Of Ireland
Distribution: Debian,Centos,Slackware
Posts: 473

Original Poster
Rep: Reputation: 29
hi jamison20000e so thats adding me to the sudo group right...so i can run as root via sudo...

the point i was trying to make is that Linux doesnt work like a windows system in regard to users and groups right? eg: you cant install programs using the guest account in windows, yet i can add a domain account to local administrators and have full access...does linux always prompt for root password regardless of what group/s you belong to ie: root group?

thanks for all the input
 
Old 03-19-2014, 05:09 PM   #10
jamison20000e
Senior Member
 
Registered: Nov 2005
Location: ...uncanny valley... infinity\1975; (randomly born:) Milwaukee, WI, US, Earth, end border$! ◣◢┌∩┐ Fe26-E,e...
Distribution: any GPL that works well on my cheapest; has been KDE or CLI but open... http://goo.gl/NqgqJx &c ;-)
Posts: 3,514
Blog Entries: 2

Rep: Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048
Quote:
Originally Posted by sigint-ninja View Post
hi jamison20000e so thats adding me to the sudo group right...so i can run as root via sudo...hi jamison20000e so thats adding me to the sudo group right...so i can run as root via sudo...
...
Yes.

I read somewhere (probibly here at LQ) recently that microcoughed-winblow$ has two or three layers to it and the average Linux triples that hence the security and stability if you do things right.

Last edited by jamison20000e; 03-19-2014 at 05:10 PM.
 
Old 03-19-2014, 05:37 PM   #11
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,133
Blog Entries: 2

Rep: Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836
Quote:
Originally Posted by snowpine View Post
To answer your specific question, as I understand it, each user in Linux has a group.
Any user can in fact belong to many groups, but there is one main group any user belongs to.
Quote:
(For example when I create the user "snowpine" I also create a group called "snowpine" containing the user.)
This is distro dependent behavior. While this is for example standard behavior for Debian systems (any creation of a user also creates a group, if not specified differently), it is not true for Slackware, where all users by default have the same main group "users".
Quote:
So, to the extent there is a user named "root" there must also be a group called "root."
Not really. Like any other user the root user also needs a main group, but that this group is also called root is just a convenient convention.

To answer the question: The root group works like any other group: If the group part of the permissions of a file owned by the root group allows the group to execute, write or read a specific file then any member of that group has the permissions to do that. Of course nothing prevents an executable to do additional checks if you are the root user (which indeed many programs and scripts that are intended to run as root do), so that being a member of the root group will not help in such a case.

Regarding Windows: Actually, by default the Windows permission system is better than plain Linux/UNIX permissions. The lack of fine grained control is why things like ACL where invented, in use in Windows since Windows NT, often not used, despite being widely available, on Linux systems. The real problem with Windows security is not the lack of security mechanisms, but that they are disabled by default and most people are not willing to learn how to properly configure a Windows system (and FWIW, also not their Linux systems). Though a very common misconception, even among long time Linux users, Linux is not by default more secure than Windows.

Last edited by TobiSGD; 03-19-2014 at 05:38 PM.
 
Old 03-19-2014, 05:55 PM   #12
jamison20000e
Senior Member
 
Registered: Nov 2005
Location: ...uncanny valley... infinity\1975; (randomly born:) Milwaukee, WI, US, Earth, end border$! ◣◢┌∩┐ Fe26-E,e...
Distribution: any GPL that works well on my cheapest; has been KDE or CLI but open... http://goo.gl/NqgqJx &c ;-)
Posts: 3,514
Blog Entries: 2

Rep: Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048Reputation: 1048
I would think Linuces can be more secure in the long run and for "free\dom."
 
Old 03-19-2014, 06:07 PM   #13
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,133
Blog Entries: 2

Rep: Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836
I just wanted to clarify the misconceptions. It is a widely distributed mistake, especially by people not using Windows, that Windows by definition has to less secure than Linux, while that simply isn't the case. A well configured Windows system can be as secure as a well configured Linux system. It mostly depends on the capabilities of the administrator how secure a system is, not on the underlying OS.
 
1 members found this post helpful.
Old 03-19-2014, 06:18 PM   #14
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: CentOS
Posts: 3,401

Rep: Reputation: 1489Reputation: 1489Reputation: 1489Reputation: 1489Reputation: 1489Reputation: 1489Reputation: 1489Reputation: 1489Reputation: 1489Reputation: 1489
Quote:
Originally Posted by TobiSGD View Post
The real problem with Windows security is not the lack of security mechanisms, but that they are disabled by default and most people are not willing to learn how to properly configure a Windows system (and FWIW, also not their Linux systems). Though a very common misconception, even among long time Linux users, Linux is not by default more secure than Windows.
Aren't you contradicting yourself there about the default security level?
 
Old 03-19-2014, 08:21 PM   #15
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,133
Blog Entries: 2

Rep: Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836
Quote:
Originally Posted by rknichols View Post
Aren't you contradicting yourself there about the default security level?
No, just because there is no default Linux. Just start a Puppy Linux and look at its default security level, running everything as root. Look at a default Slackware (Arch, Gentoo, ...) installation, having only the root user (or the likes of Ubuntu, giving the first created user full rights using sudo without ever asking the user if that is what the user wants).
So even when Windows by default has most of its security systems disabled, Linux is by default not more secure, just because it is Linux. You may have a distribution where that is indeed the case (I believe Fedora and openSuse are pretty good at that), but there is no guarantee for that. Security is still a process, not a product. A process that involves the education of the system admin, regardless if the admin is the user and regardless which is the OS in use.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
question about root biojayc Linux - Software 6 04-06-2005 10:58 PM
root question. ratatat Linux - Newbie 7 12-27-2004 02:57 PM
Root question RockmanExe Mandriva 5 08-29-2003 03:43 PM
root question Xris718 Linux - General 6 07-15-2003 02:25 AM
root question spuppett Linux - General 4 03-01-2003 05:18 PM


All times are GMT -5. The time now is 01:37 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration