Ubuntu and Associated Distributions/su and sudo
QUESTION: hi how r u?Iv got a question.Ive been googling su and sudo.Do they differ depending on the distribution.Ive often heard that su stands for supeuser or switch user.And sudo is super doer.Ive noticed that almost all the distribution when you install linux ask for a root password.And a user password.The only one that didnt ask for it was ubuntu.I believe that this root password.Is actually the password for the su command.Once you go to terminal and type in su it seems to ask for a password and i think that root password that you ask for is the password that you it uses.
.Ive been playing with centos and ubuntu mostly.When it comes to installing packages i keep seeing the command sudo being used examples for ubuntu sudo apt-get update,sudo apt-get install apache2,sudo apt-get install mysql-server libapache2-mod-auth-mysql php5-mysql,sudo apt-get install php5 libapache2-mod-php5 php5-mcrypt,
and for centos sudo yum install httpd,sudo service httpd start,sudo yum install mysql-server, sudo service mysqld start,sudo yum install php php-mysql.The
problem is this I might be wrong but i want to say some sites that i googled seem to suggest using the su command in place of the sudo or just using the commands without su or sudo. examlpes yum install httpd, service httpd start, yum install mysql-server, service mysqld start, yum install php php-mysql.
.Thats where things are getting confusing to me.Knowing how and why to use the two different commands.
Im guessing the sudo command is not the same as su and su is actually the admin with all the privilges.And that sudo is a command that allows you some limited admin privilges to install software packages.My best guess also is when u run the commands without the sudo or su its because you have already logged in as su and therefore dont need to put the su command in front like the examples that i sited above yum install httpd, service httpd start, yum install mysql-server, service mysqld start, yum install php php-mysql.Am i close i ask these question because im trying to study for a job with a webhosting company that uses linux
ANSWER: Spoof User (su) let's you change the UID associated with commands issued. sudo changes the effective UID to 0 (root). su let's you spoof any user, so it changes your UID to the user you are spoofing.
The password sought when using sudo, is your user password. Ubuntu creates only a non-root account and lists that user as a sudo user. (On the other hand, the first Windows account created is an Administrator.)
Note there is a third means for sharing priviledged access, called wheel. Instead of changing the effective UID to 0 (root) it changes the UID to 10. Wheel does not give members of this group the same access as root but it is close.
For the best information in these, pick up a copy of "Essential System Administration" published by O'Reilly.
---------- FOLLOW-UP ----------
QUESTION: thank you so much for responding to my question.I will have to get the book that you are talking about.Since i wont be able to get the book in a few days to a few weeks.There is one thing that id like to clarify.If im not mistaken,you go to the terminal to log in as su.If you dont logout then
you remain as su until you log out right.I want to say to logout you just type exit.
By running su you actually log into a shell as the user you spoof, including root. Using su, there's an entry made in /var/log/auth.log. Su requires use of the root password; sudo requires use of the user's password, so the root password isn't shared. However, the root password can be changed by using sudo.
Try combinations of these to see how they function, and to see how they appear in log files. (e.g. try these:
$ sudo su -
$ su -
$ sudo cat /etc/shadow
$ su -c "cat /etc/shadow"
1 and 2 will result in a password prompt. The first pw is your user pw; the second is the root pw.
3 and 4 will cat the shadow file.
Note that the root password isn't set in Ubuntu; the root account is disabled. You can still sudo to root using this: $ sudo su -.
Hope this was useful.