Now: Tutorial for Web and Software Design > OS > Linux > OS Content
> Using the Root Account on Debian [Bookmark it]
Using the Root Account on Debian

Using the Root Account on Debian

Configuring sudo

The /etc/sudoers configuration file controls the use of sudo. You should never edit the file directly, but only through the use of the visudo command. The expression of permissions in sudoers is very flexible, allowing a tight degree of control over what others can run.



For example, to give the user fred the ability to run the kill program as root, add the following line to sudoers.

fred      ALL = /usr/bin/kill

The ALL means that the command can be run on any machine, which is useful if you are sharing the sudoers configuration over multiple machines on a network. The manual page describes the sudoers file format in detail; read it with man sudoers. Its very powerful flexibility allows fine-grained control over the allocation of privileges to users.

If you are happy with sudo, you may wish to disable root's password completely, meaning that everybody must use sudo to execute privileged commands. Do this with sudo passwd -l root. To reverse the process, run sudo passwd -u root.

Should I Really Always Use sudo?

One or two problems that arise from relying on sudo exclusively can mean you need to be careful. These coincide with the use of systems such as NIS or LDAP to control user accounts--these systems use (possibly remote) databases to provider user information. If an operation you run under sudo causes these services to fail, you will not be able to run sudo again to get out of the mess, due to the system's not being able to find information on your user account.

The answer to this is either to not disable the root login, to perform such dangerous operations in a root shell, or to use sudo -s to start a root shell session. Although such situations are rare, you should be aware of this risk, especially when running a development version of Debian, where failure during software upgrade is a possibility. Also, you can configure NIS or LDAP to fall back to a local user database, in which you can create yourself a backup account.

Finding Out More

The best way to learn about root privileges on your Debian system is to read the manual pages for su and sudo. Do this with the man command.

Edd Dumbill is editor at large for O'Reilly Network and coauthor of Mono: A Developer's Notebook. He also writes free software for GNOME and packages Bluetooth-related software for the Debian GNU/Linux distribution. Edd has a weblog called Behind the Times.

Return to the Linux DevCenter.

Prev  [1] [2] 
[Bookmark][Print] [Close][To Top]
  • Prev Article-OS:

  • Next Article-OS:
    • Related Materias
    How to Deploy Software Usi
    Top 10 Tips for Using Wind
    Mastering Windows New Fire
    Creating Visual Studio Pro
    Implementing Mandatory Roa
    Better Registry Searching
    Windows XP File Sharing My
    Using Data Compression in 
    Building Photo Uploaders w
    Windows XP File Sharing My
    Topics
    Photoshop Tutorial
     

    Special Effect
      3D Effect
      Photoshop Articles
    Programming Tutorial
     

    C/C++ Tutorial

      Visual Basic
      C# Tutorial
    Database Tutorial
     

    MySQL Tutorial

      MS SQL Tutorial
      Oracle Tutorial
    Graphic Design Tutorial
     

    Coreldraw Tutorial

      Illustrator Tutorial
      3D Graphics Articles
    Webmaster Articles
     

    Domain Service

      Web Hosting
      Site Promotion
    Java Tutorial&Articles
     

    Java Servlets

      JavaEE Tutorial
     

    JavaBeans Tutorial

    XML Tutorial&Articles
     

    XML Style Tutorial

      AJAX Tutorial
      XML Mobile
    Flash Tutorial&Articles
     

    Flash Video

      Action Script
      Flash Articles
    OS Tutorial&Articles
     

    Linux Tutorial

      Symbian Tutorial
      MacOS Tutorial