Good security practices suggest that administrator/root access be limited. Typical day-to-day activities such as word processing, web browsing, or listening to music should never be done using the administrator account.
However, there are times when an administrator account is required to perform specific tasks, like adding and modifying permissions and configuring system software.
The Linux shell has the sudo
command that can temporarily elevate privileges to a user that is a member of the administrator group.
Let’s say we need to modify the owner of a file named sketches.ppt from bob to debbie. We could enter the chown
command with the right parameters in the terminal:
chown debbie sketches.ppt
However, if we have admin privileges but are not logged in as the administrator, this command will return an “operation not permitted” error since we don’t have sufficient privileges. But, we can use the handy command sudo
in front of the same command to temporarily invoke admin privileges by confirming our identity. We can use the following command:
sudo chown debbie sketches.ppt
and enter our password to prove we are the current authorized user.
Instructions
Carl is a new employee at your company! Try to use the following command to add a new user named carl
:
useradd carl
You should see that permission was denied.
Permission denied! Hmm, let’s use sudo
in front of the same useradd carl
command. The terminal will ask for a password.
The password for the sudo
prompt is ilovecc
(when you type, you won’t see the characters show up).
Carl is going to be responsible for reaching out to the larger team for announcements, so he should be the owner of the file employees/names-emails.csv.
To help Carl, use sudo
and this chown
command:
chown carl employees/names-emails.csv
Use the ls -l
command to view updated files and permissions in the employees folder.