The Many Routes to Root

There are a number of ways to get to root access, some of them not entirely intuitive.  For example, what's the difference between sudo su and sudo -i?  How about su - ?

Root can be used in a variety of ways, so there are a variety of ways to get root access.

One thing to consider when obtaining root is the environment that you need to do what you want to do.  If you just want to run a command, you can just use sudo before the command that requires root privileges, then enter your (not the root) password.  This requires that you be part of the group that controls sudo access.  In some distributions, this is the wheel group, in some it's sudo.  To get access, someone with root privileges has to run something like usermod -aG wheel username.  

Let's break that command down a bit:

  1. usermod is the command that allows you to modify a user
  2. -aG means append/add the user to the supplementary group named next
  3. wheel is the name of the group that determines sudo access
  4. username is the username of the user who will be getting sudo access

You could also drop a file with the user name into /etc/sudoers.d:

username	ALL=(ALL) ALL

How do you know what groups you're part of?  Simple - just use the groups command or the id command.

Now that the basics are out of the way, let's talk about the different base commands.

  1. su : Surprise!  This does NOT stand for "super user", it stands for "SUBSTITUTE user".  If you enter it with no arguments, the assumption is that you want to switch to the root user.  Requires the root password.
    NOTE: $HOME and $PATH will remain that of the current user, not the root user.
  2. su - : Functionally the same as su -l(login). This command does log you in as the root user, with the root user's $HOME, $PATH and id.  Requires the root password.
  3. sudo su - : This seems like it would do the same thing as su -, but it doesn't.  Adding sudo before the command tells the shell to use the root privileges of the current user, and as such, only requires the password of the current user, NOT the root user.  This gives you a root login shell, and your $HOME, $PATH and id become that of the root user.  This only works if you have ALREADY been given root privileges and are part of the sudo group.
  4. sudo -i : Functionally the same as sudo su -.

And now you know a little bit more about the routes to root!