Some distros don't let you use "su" instead of or along with "sudo"

Here is a workaround that allows you to use “su” anytime you want to:

sudo passwd
type your sudo password
type new root password
retype new root password
now type su
type new root password
now you are at a root prompt.

BE CAREFUL!!!

2 Likes

That is clever.

Solus distro does not have a root user, but you can do
sudo su
and it asks for your user password
and when you give that returns the superuser # prompt.
Crazy

1 Like

@TrekJunky
One has to install “sudo” in some Distros, in order to use “su” to navigate to the root account.
Not all Distros will let one use the user account and “sudo” to run some commands. I am
speaking mostly of Gentoo and sometimes even Arch, the two can be very strange to work with.

1 Like

@4dandl4 ,
I can remember bsd Unix with just su and no sudo available.

I could never work out why sudo was supposed to be more secure than su? A lot of these so called security things just make work.

Technically, every distribution has a root user. Even though, there are ones like for example Ubuntu, which disable logging into the plain root account. But you will always be able to use the root user as the OS administrator.

Because, when using sudo, you have to think. The set it and forget it method of doing things is really bad and can become insecure, when applied to being logged in as a root user. When using sudo manually for each command, it’s highly likely you would rather forget to prepend sudo before the command that actually needs sudo, rather than accidentally running something as root, even if you don’t need it.
When permanently logging in as root through su, you automatically run every following command as the root user.
Most users probably run at least one command in that session, that might as well have been run as a normal user. This makes it technically less secure, than using sudo, especially if you are an inexperienced user.

Perhaps some system administrators might find using sudo for every single command, constantly, annoying, when you have to deal with root all the time, anyway. However, taking myself as an example, even after all these years getting used to being logged in as the root user and mostly only running appropriate commands in that session, even I sometimes run something unnecessarily in that root session, when I just as well could’ve run it as a normal user.
So, it’s easy to imagine how often an average or simply inexperienced user would accidentally run things as root when it’s actually unnecessary and therefore insecure.

It’s technically always insecure to run anything with elevated privileges, if that is not a requirement. You give something permission, even though it’s not needed. That is insecure design/usage.

2 Likes

this article may shed some light on the subject.
Sudo Vs Su
And this one.
Su Vs Sudo

@kc1di
Read it thanks.
I can see the point about multiple administrators.
I also know that it is not a good idea to walk away from a terminal with an su shell running

@Akito
But I doubt I would make more errors one way or the other?
Maybe other people are different - I always seem to be an outlier on these things.

Neville

Well I think that is a distraction.

Lets not get carried away with this, I am happy for users to do it any way they please. I just dont understand the logic, and as I said above I sometimes stray from the flock.

I believe the use of “sudo” and “su” are being confused, as per user account and the root account.
The root account is always setup at the install time and then the user account is setup. I know, some distro installers make it seem otherwise. One usually has to edit the “sudoers file” to allow
a user to gain root privileges, either with “visudo /etc/sudoers” or “nano /etc/sudoers”, I usually just use nano. I know the user account and “sudo” should be used for most of what is done in Linux, but I for one can see very little, if any, difference in using “sudo” and the user account or
just using “su” and logging into, and using the root account.
I never use “sudo” in some of my VM’s, and just use the user account for basic functions, and use “su” and the root account for updating and most everything else. I guess that reflects the
“Windows” user in me, and all this “sudo and su”, along with other LInux security quirks, is why
a lot of potential Windows users will shy away from using Linux.

Hi @Akito ,
That is all fine, and very convoluted.

Would you like to explain the difference between

script file
sudo command
enter pwd
CtrlD

and

su
enter pwd
cd
script file
command
CtrlD
CtrlD

Difference about 3 keystrokes. They both need a password.
I like to script when I use su
I like to keep scripts in the root home directory

Neville

Agree .

When I do something in Linux that requires authority, eg mount a filesystem using the gui tool, it asks for a password, and I can never work out whether it wants the user password or the root password. It seems to vary. I wonder does it depend on whether the user is in some group?

Neville

About 3 keystrokes. This sounds like nothing, when you are doing this once a year. But if I would need to do that, it would annoy the crap out of me. It’s already annoying to use sudo in the first place. Making it even longer and more annoying makes it much worse. Every single keystroke counts.

Every single keystroke counts; not only from an annoyance factor perspective. Too keep your arms and hands healthy, you should type as little as possible and move your fingers and hands as little as possible. Doing another CTRL+D for no reason at all, accumulates over time and doubles the strain caused in your arms. So, it’s technically healthier to use sudo, as well.

https://www.reddit.com/r/archlinux/comments/qkhvbh/is_there_an_autosudo_for_terminal/

If that wouldn’t be bad enough, you have to invest more brain power for no reason, because you have to provide the root user’s password, which might differ from the one you use all the time.
So, all in all, it’s a pure waste of time and brain power to do it the long way.

Thirdly, the KO argument, which destroys using su, is behaviour in scripts. If you want a single command running with root privileges in a script, you can’t just do your su stuff inside the script. It’s much easier to just use sudo for this single command in the script.

Indeed. That is true. It’s so uncommon for Windows users and it’s really hard to get used to, at first. It can get quite annoying, as well.

sudo uses the normal user’s password trying to make a root privileged operation. su actually logs into root user, which is why you have to provide the root user’s password.

Most common and popular distributions always give the same password to the root user and the normal master user, who set up the OS and has root powers implicated by that very fact. That’s why it might seem confusing.
GUIs use exclusively gksudo, as far as I know, so you pretty much always should provide your normal user’s password to gain access.

I wonder if we could make it a shellscript and reduce the keystrokes for you.

This is a proof of concept for making auto-sudo work. It does reduce the keystrokes and annoyance factors, but you still need to provide a password, after all, as opposed to using the mouse to click on “Yes” in a Windows Adminstration Privilege request prompt, which reduces brain power requirements.

Luckily for Linux, using the mouse is a big strain for the hand/arm, from a health perspective, so the health aspect should be more or less similar, wether you are clicking with the mouse or typing out a password. Only typing out the password with a trained hand might even be healthier, I guess. Using the mouse and therefore moving your hand and arm a lot generates a lot of strain.

1 Like

@nevj
You will usually login to your user account, so the user account PW is what it is asking for, if you login to or use “su” to change to the root account, then you only have to use the root
account PW and no “sudo” while in root. Their are also some programs, like VLC, that will
only run in the user account, and some like gparted, that need root access.
I love it when I try and explain this, when someone brings me a PC and wants to run Linux.

@Akito
Had a look at github.
Will give it a try under Debian.
Looks like you put some work into that
Neville

There are some like CUPS that seem to sometimes want the user password, and other times the system password?

1 Like

@nevj
And unless Linux can change and evolve into a more user friendly OS, then their is really no
need, at least for me, to do a hard install, a VM does everything I need, as for Linux. Perhaps
Linux, someday will catch-up to Windows driver and hardware support. Hats off to the ones
that think Linux is all they need, for me maybe 90% but the last 10% is why I keep Windows, and use Linux, just to learn.

Been windows free since 2000. Never looked back.

1 Like