No root privileges when using GUI


OK, let me write a short clarification. There are two different users: Shannon and root. In Ubuntu, by default, root does not have a password at all and cannot log in at all. If Shannon wants to do a task requiring root privileges, he uses the command sudo that consults a file called /etc/sudoers and has the ability to turn Shannon into root.

By default, sudo wants to make sure that Shannon actually is Shannon and not his dog who just took over the keyboard. This is why sudo asks user Shannon for his (and not root's) password. Also note that "a task requiring root privileges" can be a bash shell, which essentially means that you can log in as root (without using root password!).

So, it is not that the two users (Shannon and root) have different passwords, but that the password of root is not actually being asked for at all.

Personally, I don't have a dog; that is why I modified /etc/sudoers in such a way that it never asks me for my password -- being there is sufficient. Using the command sudo visudo I have edited /etc/sudoers and edited the following line:

%sudo ALL=(ALL:ALL) ALL

The line above means that all users from the sudo group (and I can only assume that Shannon belongs to this group if he installed his system) can run essentially ALL root commands.

%sudo ALL=(ALL:ALL) NOPASSWD: ALL

Ah, but now the NOPASSWD directive makes sure that not only can I run any program as root, I can run it without being pestered to type a password. Note that to edit this file I must use the program visudo, which makes sure that I don't make any syntax errors. A syntax error in the sudoers file might completely disable the sudo system -- and then, if root does not have a password, you are in a deep kacka.

To add confusion, there is yet another program allowing for gaining root privileges temporarily called su. However, su is much more primitive -- it just asks for the password of the root. Therefore, it does not work in a default Ubuntu installation.

So, which password is actually asked for when you type sudo su? Well, the command that you are running first is sudo, not su. Thus, you are asked for Shannon's password, not root's. sudo then gains root privileges and runs su as root. But when the root runs su, su does not ask for a password. In any case, don't do that -- that is what sudo -i is for (does exactly the same thing).
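The difference between the two sudoers lines above can be checked mechanically. As an added example (not part of the original answer), this shell function reads sudoers text and reports which rules skip the password prompt, separating a blanket NOPASSWD: ALL from NOPASSWD limited to named commands. The function names, the sample policy and the backup, deploy and ops accounts are constructed; line continuations and aliases are not handled.

```shell
#!/bin/sh
# Added example: flag sudoers rules that skip the password prompt.

# Constructed sample policy; backup, deploy and ops are made-up accounts.
sample_sudoers() {
cat <<'EOF'
# constructed sample, not a real system's policy
Defaults env_reset
root    ALL=(ALL:ALL) ALL
%sudo   ALL=(ALL:ALL) NOPASSWD: ALL
backup  ALL=(root) NOPASSWD: /usr/bin/rsync, /usr/bin/tar
deploy  ALL=(ALL) NOPASSWD:ALL
ops     ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart nginx, PASSWD: ALL
EOF
}

# Reads sudoers text on stdin and prints "<LEVEL> <who>" per NOPASSWD rule:
#   HIGH   = some entry is ALL while NOPASSWD is in effect
#   SCOPED = NOPASSWD only covers the listed commands
# Simplified: no line continuations, no Cmnd_Alias expansion.
audit_nopasswd() {
  awk '
    /^[ \t]*#/ || /^[ \t]*$/ || /^[ \t]*Defaults/ { next }
    match($0, /NOPASSWD[ \t]*:/) {
      who = $1
      n = split(substr($0, RSTART + RLENGTH), item, ",")
      nopass = 1; level = "SCOPED"
      for (i = 1; i <= n; i++) {
        c = item[i]
        gsub(/^[ \t]+|[ \t]+$/, "", c)
        # Peel off tags such as PASSWD: or SETENV:, tracking the prompt state.
        while (match(c, /^[A-Z_]+[ \t]*:[ \t]*/)) {
          len = RLENGTH
          tag = substr(c, 1, len)
          sub(/[ \t]*:[ \t]*$/, "", tag)
          if (tag == "PASSWD") nopass = 0
          if (tag == "NOPASSWD") nopass = 1
          c = substr(c, len + 1)
        }
        if (c == "ALL" && nopass) level = "HIGH"
      }
      print level, who
    }
  '
}

sample_sudoers | audit_nopasswd
```

On a real system the policy files are only readable by root, so pipe them in through sudo, and validate any edit with visudo -c before relying on it.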


Shannon
Author by

Shannon

Updated on September 18, 2022

Comments

  • Shannon
    Shannon almost 2 years

    So I'm logged in as the user 'Shannon', but can't gain root access through the GUI when I'm prompted to install a program for example. However using sudo su, type in the root password, gain access through the terminal and then install the programs from there. Aren't these passwords supposed to be identical?

    Does anyone know how to fix this one?

    • NickTux
      NickTux almost 11 years
    • January
      January almost 11 years
      @NikTh: don't agree; the title of his question is misleading. I have updated it.
    • January
      January almost 11 years
      @Shannon can you give me an example of what is not working? Please be specific.
    • NickTux
      NickTux almost 11 years
      What the OP here wants to achieve. I still do not understand. Maybe this is a problem with gksudo? (sudo mode).
    • Alaa Ali
      Alaa Ali almost 11 years
      Yeah, it could be the gksu method (I've got a duplicate question here: askubuntu.com/q/332669/52726). But the problem is, @Shannon did not specify how he's "installing through the GUI". @Shannon, were you using the gksu command to get the "GUI" that's asking for the password? Can you please post a screenshot of the window asking for the password? You can read my answer here: askubuntu.com/a/306898/52726 if that's the window you're getting.
    • Eliah Kagan
      Eliah Kagan almost 11 years
      Related (but not a duplicate, this just addresses some of the confusion about how running programs as root works and what user account's password is entered): How to NOT become a root user? Are administrators root?
  • Shannon
    Shannon almost 11 years
    So let's say I log in as the user 'Shannon' which is not the root user. Performing sudo -i will remove the 'authentication' process that comes up on nearly every task?
  • chadwicke619
    chadwicke619 almost 11 years
    No, sudo -i and passwd can be used to unlock the root account, which you may have seen is not displayed on the login screen. But the best way to do it is, when you log in as 'Shannon' and install any software, when it asks for a password give the password of the account 'Shannon', that's it.
  • Shannon
    Shannon almost 11 years
    They're the same passwords...
  • chadwicke619
    chadwicke619 almost 11 years
    Ya, when you log in as the user 'Shannon' it's asking for the password of the user 'Shannon'
  • NickTux
    NickTux almost 11 years
    Good clarification, but the NOPASSWD is still dangerous.
  • Alaa Ali
    Alaa Ali almost 11 years
    @Shannon remember that your password is not the "root" password. User Shannon has his own password. User root has his own password. But by default, the root account is disabled and doesn't have a password. However, by default, your account has root privileges (or let's say "admin" privileges), that's why your password can be used to install applications. So yeah, I know you're calling it the "root" password because you can install applications with it, but technically it isn't the "root" password. Read the last link in my comment on the question to know more.
  • January
    January almost 11 years
    @NikTh except that not really :-) if someone can log with your username or if you tend to leave your desktop unlocked and go for lunch, there is little an intruder will not be able to do, starting with a keylogger and ending with rm -rf /home. In a single user machine, the really sensitive and valuable stuff is all in your home directory.
  • David Foerster
    David Foerster almost 6 years
    -1 for the recommendation to disable super-user authentication. Not all threats come from people sitting in front of the keyboard, especially if the computer is connected to the internet like yours is (or you wouldn't be writing answers here).