An Ubuntu-style Linux laptop.
fatmawati achmad zaenuri/Shutterstock.com

The root user is the most powerful entity in the Linux universe with limitless powers, for better or worse. Create a user? Got it. Annihilate a file system? Whoops, got that too.

The Origin Story

The root user is the Linux superuser. They can, quite literally, do anything. Nothing is restricted or off-limits for root . Whether they’re a superhero or a supervillain depends on the human user who takes on the mantle of the system administrator. Mistakes made by the root user can be catastrophic, so the root account should be used exclusively for administrative purposes.

The concept of the root user was inherited from Unix, which had a root user as its administrative superuser. But where the name “root” comes from isn’t known for sure. Some people think that it came from the Multics operating system, which pre-dates Unix.

Ken Thompson and Dennis Ritchie, two of the most important architects and authors of Unix, had both previously worked on the Multics. Multics had a filesystem that started at a point called the root directory or “/”, and all other directories and subdirectories branched downward and outward from the root like an inverted tree. It’s the same sort of tree structure adopted by Unix. So, maybe Unix adopted the root user from Multics, too?

Searching through the Multics technical documentation uncovers a multitude of references to root logical volumes, root physical volumes, root cards, and the root directory. But there’s no mention of a root user account or a user called “root.”

Advertisement

Another theory is that in the early days of Unix, the home folder of the superuser was the root “/” of the filesystem. The superuser needed a name. The term “root user” had been used in place of an official name, but the term stuck and became the official name.

That seems more likely, but nobody seems to be able to say for sure how the root user got its name.

The sudo Command

On any operating system, it is best practice to reserve the superuser for administrative purposes only and to use a regular user account the rest of the time. In fact, most modern Linux distributions won’t let you log in as the root user.

Of course, this is Linux, so you can configure it to allow the root user to log in. But the less time you spend logged in as root, the better. Besides protecting yourself from disasters arising from typos, if you can’t log in as root, no one else can. Anyone gaining unauthorized access to your system will not be able to log in as root, limiting what damage they can do.

But if logging in as root is disabled, how do you administer your Linux computer? Well, that’s what the sudo command is for. It doesn’t require the root user to log in. It temporarily bestows root‘s powers on you. It’s like picking up Thor’s hammer Mjolnir and being temporarily granted Thor’s powers. But you can only pick up the hammer if you’re worthy. Likewise, it’s not just anyone who can use the sudo command. The sudo command only bestows root‘s powers on you if you’ve been found worthy and added to the sudoers list.

There’s another command similar to sudo called su. With sudo, you authenticate using your own password. With su, you authenticate using the root user’s password. This is significant in two ways. Firstly, it means that you need to assign a password to the root user to use su. By default, the root user has no password, and this helps with security. If root doesn’t have a password, you can’t log in as root.

Advertisement

Secondly, if you do set a root password, everyone who is going to use the su command needs to know the password. And sharing passwords is a security no-no, and for the root password, even more so. Any of the people who know the root password can tell someone else. If you need to change the root password, you need to communicate the new password to all the people who need to know it.

It’s much more secure to use the sudoers list to restrict who can use sudo, and let each privileged person use their individual passwords to authenticate.

Using sudo

The “/etc/shadow” file contains the username of each account on your Linux computer, along with other pieces of information, including each account’s encrypted password, when the password was last changed, and when the password expires. Because it contains sensitive information, it can only be read by root.

If we try to use the wc command to read the lines, words, and characters in the shadow file, we’ll be denied permission.

wc /etc/shadow

If we’re in the sudoers list and we use the same command with sudo at the start of the line, we’ll be prompted for our password, and the command will be executed for us. If you’re the only user on your Linux computer, you’ll automatically be added to the sudoers list when the system is installed.

sudo wc /etc/shadow

Because we’re running the command as root, the wc command is executed. Nobody denies root.

Advertisement

The sudo command used to mean “superuser do.” It was enhanced to allow you to run a command as any user, so it was renamed “substitute user do.” The command is actually executed as though the other user ran it. If you don’t specify a username, sudo defaults to using root. If you wish to use a different user, use the -u (user) option.

We can see that the commands are executed as another user by using the whoami command.

whoami
sudo whoami
sudo -u mary whoami

RELATED: How to Determine the Current User Account in Linux

Running as root without Using su

The snag with sudo is that you have to use “sudo” at the start of every command. If you’re just typing one or two commands, that’s no big deal. If you have a longer sequence of commands to execute, it can become tiresome. It might be tiresome, but it does act as a useful safety catch for root‘s powers, and you have to consciously take the safety off each and every time.

There’s a way to effectively “log in” as root that doesn’t use su and doesn’t require the root user to have a password.

Warning: Be careful when you’re using this method. Every command that you issue will be happily executed, no questions asked—even if it’s destructive.

Using sudo to run a Bash shell opens a new shell with root as the user.

sudo bash

Note that the command prompt changes. The final character of the prompt is now a hash “#” instead of a dollar character “$.”

Advertisement

How the body of the command prompt is displayed varies from distribution to distribution. In Ubuntu, we’re informed that the user is rootand shown the name of the computer and the current working directory. The color of the prompt is changed, too.

Because we’re root, we can execute commands that would normally require the use of sudo .

wc /etc/shadow

To exit from the root user’s shell, hit “Ctrl+D” or type “exit” and hit “Enter.”

exit

Less Superman, More Clark Kent

If you’re in the sudoers list, you have superpowers over your Linux system. Just remember, Superman spends more time as his mild-mannered alter-ego than he does in his red cape.

Use your regular user account as much as possible. Only change into root when you really need to.

Profile Photo for Dave McKay Dave McKay
Dave McKay first used computers when punched paper tape was in vogue, and he has been programming ever since. After over 30 years in the IT industry, he is now a full-time technology journalist. During his career, he has worked as a freelance programmer, manager of an international software development team, an IT services project manager, and, most recently, as a Data Protection Officer. His writing has been published by  howtogeek.com, cloudsavvyit.com, itenterpriser.com, and opensource.com. Dave is a Linux evangelist and open source advocate.
Read Full Bio »

The above article may contain affiliate links, which help support How-To Geek.