In this article, there will be an information regarding on the process of switching account to root which is done by using an already logged in user account for an example a user name ‘user’.
This case can actually happened in any Linux operating system distribution which has a ‘sudo’ program installed where the program itself is made to allow a user to execute a program which has the security privilege of another user where the execution attempt is being done by switching to that user.
For an example, if a normal user want to create a new user, that user cannot create a new user directly since the user creation process has the security privilege of a root. So first of all, in order to create a new user, that user must switch to root and after successfully switched to ‘root’ account, that user has the ability to create a new user as ‘root’.
First of all, add the user whom is going to be granted an ability to possess the security privilege of executing root program or utility by editing file ‘/etc/sudoers’ as follows :
1. Directly edit file /etc/sudoers as root as shown below :
2. Run ‘visudo’ command to edit file /etc/sudoers as shown below :
The execution of the two commands above will direct the output to the same display of the content of sudoers’s file located in etc shown as follows :
# # This file MUST be edited with the 'visudo' command as root. # # Please consider adding local content in /etc/sudoers.d/ instead of # directly modifying this file. # # See the man page for details on how to write a sudoers file. # Defaults env_reset Defaults mail_badpass Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" # Host alias specification # User alias specification # Cmnd alias specification # User privilege specification root ALL=(ALL:ALL) ALL # Members of the admin group may gain root privileges %admin ALL=(ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL # See sudoers(5) for more information on "#include" directives: #includedir /etc/sudoers.d ~
So, for instance to add a user named ‘user’ so that the user itself can create another user which is actually has the security privilege own only by ‘root’, just add the following line :
user ALL=(ALL:ALL) ALL
after the following line :
# User privilege specification root ALL=(ALL:ALL) ALL
So, the overall configuration is shown below :
# User privilege specification root ALL=(ALL:ALL) ALL user ALL=(ALL:ALL) ALL
By the time after saving the configuration file of ‘/etc/sudoers’ or finishing the ‘visudo’ command’s execution, the user ‘user’ can create a user.
So, by adding the user ‘user’ in the file through the file ‘/etc/sudoers’ editing process or ‘visudo’ command execution, that ‘user’ can switch to ‘root’ user and perform or execute a root special privilege command such as creating another user.