Good security practices suggest that administrator/root access be limited. Typical day-to-day activities such as word processing, web browsing, or listening to music should never be done using the administrator account.
However, there are times when an administrator account is required to perform specific tasks, like adding and modifying permissions and configuring system software.
The Linux shell has the sudo command that can temporarily elevate privileges to a user that is a member of the administrator group.
Let’s say we need to modify the owner of a file named sketches.ppt from bob to debbie. We could enter the chown command with the right parameters in the terminal:
However, if we have admin privileges but are not logged in as the administrator, this command will return an “operation not permitted” error since we don’t have sufficient privileges. But, we can use the handy command sudo in front of the same command to temporarily invoke admin privileges by confirming our identity. We can use the following command:
and enter our password to prove we are the current authorized user.
Instructions
Carl is a new employee at your company! Try to use the following command to add a new user named carl:
You should see that permission was denied.
Permission denied! Hmm, let’s use sudo in front of the same useradd carl command. The terminal will ask for a password.
The password for the sudo prompt is ilovecc (when you type, you won’t see the characters show up).
Carl is going to be responsible for reaching out to the larger team for announcements, so he should be the owner of the file employees/names-emails.csv.
To help Carl, use sudo and this chown command:
Use the ls -l command to view updated files and permissions in the employees folder.