Good security practices suggest that administrator/root access be limited. Typical day-to-day activities such as word processing, web browsing, or listening to music should never be done using the administrator account.
However, there are times when an administrator account is required to perform specific tasks, like adding and modifying permissions and configuring system software.
The Linux shell has the
sudo command that can temporarily elevate privileges to a user that is a member of the administrator group.
Let’s say we need to modify the owner of a file named sketches.ppt from bob to debbie. We could enter the
chown command with the right parameters in the terminal:
chown debbie sketches.ppt
However, if we have admin privileges but are not logged in as the administrator, this command will return an “operation not permitted” error since we don’t have sufficient privileges. But, we can use the handy command
sudo in front of the same command to temporarily invoke admin privileges by confirming our identity. We can use the following command:
sudo chown debbie sketches.ppt
and enter our password to prove we are the current authorized user.
Carl is a new employee at your company! Try to use the following command to add a new user named
You should see that permission was denied.
Permission denied! Hmm, let’s use
sudo in front of the same
useradd carl command. The terminal will ask for a password.
The password for the
sudo prompt is
ilovecc (when you type, you won’t see the characters show up).
Carl is going to be responsible for reaching out to the larger team for announcements, so he should be the owner of the file employees/names-emails.csv.
To help Carl, use
sudo and this
chown carl employees/names-emails.csv
ls -l command to view updated files and permissions in the employees folder.