Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
"superuser" or root has access to all files on the system. you can mess up anything when you are logged on as root. so basically you only want to use su when neccesary otherwise work in a normal account.
Basicly a superuser can set permissions for any file on your system. And thus he can read and write to any file on the system. A normal user can read most files on the system, but can only write to the files assigned to him. Mostly that's only the files in the user's home directory.
You log in as a normal user so you or any program you run can't affect the system files. This is why most "viruses" would be a great deal less potent on an average Linux system, because they are run with user permissions. They can only affect the user's personal files.
There are also some other restrictions on normal user accounts. Such as running services on low ports.
When you have the need to edit system files or run a service on port 80 for example, you use `su` or `sudo` to gain temporary root permissions.
As already mentioned, root or superuser is simply the user that "overrules" all other users. He has all privileges you can get on a Linux system. Normal users have restricted access to the system (ie no configuration of devices or network services, only access to some files).
"sudo" is a program that allows you to perform some commands as if you were root, while you're a regular user.
root however needs to set this up via a configuration file called /etc/sudoers, in which he can specify which users can execute which commands as if they were root. Needless to say, sudo access will need to be restricted
for system security.
"su", short for "switch user", allows you to change to a different user, providing you know that user's password. By default, "su" and "su -" switch to the root user. If you want to switch to a different user, you need to append the username at the end (ie "su some_user").
The "-" tells su if it needs to load the environment settings (like the .bashrc and .profile in the user's home directory) of the user you're switching to.
Internally, users are not represented by their name, but by a number, the UID (User Id). You can see these UIDs for each user in the file /etc/passwd. Commands like "ls -l" simply translate the UIDs (ie of file owner) to the human readable name quickly (and may have an option to bypass this translation for increased performance). When you run a program, this program is run under the UID that you are then under. You can see this, by looking at the output of "ps" (it lists the users that processes are running under). This information is important, for instance if the process is trying to access a file on disk, the system needs to know if the file permissions allow that, so it needs to know under which user the process is running.
When you "su" however, the system stores the UID that you were (to be able to return to the user after you "exit" from su) and changes the eUID (effective UID). When you access a file the eUID is used to check file permissions, so it's as if you have become the user you've su'ed to. If you run a program, it will also be started under your eUID, so it's as if the user you su'ed to has started the program. If you exit, the system simply resets the eUID to it's former value (which was stored) and the environment settings get reset too, because you're leaving the "su" shell (this also happens for "normal" shells: if you start a Bash shell, then enter "PATH=$PATH:/some/path"; and exit from Bash, the adjusted $PATH is also lost).
... I should note that Windows has a userid/privilege system, and a fine one. It's just usually turned-off, for some very inexplicable reason.
Oh and for some reason Windows programmers (a lot of them anyway) assume a single-user environment. Or at least an environment where everybody has admin privileges. So Windows's privilege system has become something only an advanced user would use. Because it costs a lot of effort to set up correctly.