You remind me of the babe.
What babe?
The babe with the power.
What power?
The power of sudo.
Who do?
You do.
Do what?
Remind me of the babe.
-- David "root" Bowie.
Backstory
su
is short for "substitute user". It's generally pronounced "ess-you". It's almost always used to switch to the root user (the default if you don't specify anyone), but it doesn't have to.
If I was on the same system as you, and I had the necessary access, I could switch to you. Here I demonstrate trying to su
to someone else, but not having their password and getting the push-off:
$ whoami
sarah
$ ls /home
sarah/ toby/ goblinking/
$ su toby
Password: ********
su: Sorry
$ whoami
sarah
$ # nuts.
Of course, if I'm root, then anything goes:
$ su
Password: ********
# whoami
root
# su toby
$ whoami
toby
$ # Rock on.
sudo
is really an alternative to allow users to run stuff as other people - usually root - without knowing the root password or having to start an entire interactive shell as someone else.
It's pronounced "sue doo". Not like "pseudo", though that kind of fits the purpose if you tilt your head and squint at the world I guess.
$ cd /var
$ touch this
touch: this: Permission denied
$ # U can't touch this.
$ # Now that song is in your head. My, my, my.
$ # You are welcome.
$ sudo touch this
$ ls this
-rw-r--r-- 1 root wheel 0 9 Apr 12:42 this
$ # Rock on.
Like I said, it's mostly used to become root.
Why is being root a problem?
People tend to leave themselves as root for way too long without logging back out. It's too easy to become root to perform one action and then to carry on and run all your next commands as root too. They might be perfectly innocent commands, but there's always the chance...
- your commands touch files in your home directory and from that point any application which needs to write to them silently fails
- an installation of a package suddenly hoses your environment because your system depends on one version of a package and now you've globally overwritten it with another
- an errant
rm -rf
nukes your system from orbit
Modern UNIX
I think the blame for a lot of the problems with becoming root lies with MacOS, to be honest. It's a multi-user system (UNIX) that is pitched as a single-user system (everyone has their own laptop with just one account on it). What this means is that people get used to there being no terrible side-effects.
As an example, the word from the horse's mouth regarding fixing problems with homebrew is:
sudo chown -R $USER:admin /usr/local
Well, it's ok if nobody else is ever going to share your computer (like your MacBook) but this sort of hack is absolutely terrible if you run it on a multi-user system (like your webserver).
I'm also jumping ahead, so let's back up a little...
Why is su
a problem?
su
won't let you become root without root's password. That means everyone who needs root access has to know - i.e. share - the password, and it means that if it changes, all those users have to be told what it's changed to, and that generally means a whole heap of insecurity because people have a habit of sending slack messages like,
Yo tobes, the root password to my-secure-box is now 'thirt33n0clock'
su
behaves differently depending on your environment. If you run su - goblinking
then you'll effectively log in as that user and have access to all their aliases and the things they've set up in their shell configuration. If you miss out the minus sign, you won't. Unexpected things happen, and unexpected things are dangerous things.
Why is sudo
a good idea?
Accountability
If your name's not down, you're not coming in:
$ whoami
goblinking
$ sudo run-malicious-script
Password: ********
goblinking is not in the sudoers file. This incident will be reported.
Every sudo
command is in your history, and it's logged as being run by you.
If toby and goblinking were both logged in as root, how could we tell which user had run the malicious script? We couldn't. Well, not easily. Ok, ok, we could check ttys and look under doormats and fiddle with knobs in our surveillance van. Shh. For the purposes of this article, we couldn't tell.
sudo
gives us an audit trail. It also means that each user can examine their own history and remember what they did last week, without that history being muddled up with every other person who shared the root experience.
You don't have to share your root password
sudo
exists to fix that problem with su
.
What are some good practices with sudo
?
sudo
will edit (-e
) the file with whatever editor is configured. See the environment variables EDITOR
, SUDO_EDITOR
and VISUAL
, which are fun to have configured anyway.
$ # Instead of this...
$ sudo nano /etc/nginx/sites-available/default
$ # Do this...
$ sudo -e /etc/nginx/sites-available/default
sudo
can give you a root shell, without having to run an extra process.
$ # Instead of this...
$ sudo su
$ # Do this...
$ sudo -i
sudo
lets you run a single command as another user.
$ # Instead of this...
$ su
Password: ********
# su goblinking
$ ./my-hilarious-jape.sh
$ exit
$ # Do this...
$ sudo -u goblinking ./my-hilarious-jape.sh
Password: ********
It's not a hammer.
I know what I said earlier.
If some command you've copied and pasted from the Interweb doesn't work, don't just shove sudo
in front of it and hope; search for the name of the program and the error message you saw instead.
Sure, it might be that you should run it as root, but there's also a pretty good chance you don't need to, and that you're trying to beat your problem into submission rather than fix it.
See also
The Introduction to sudo from its official site.
Cover image by Jimi Filipovski on Unsplash.
Hammer time image by me.
Bowie image by... erm... I found it somewhere.