Hi List, I've just drafted a FAQ/mini-HOWTO on becoming root as this is a topic I see come up time and time again. Perhaps someone with a reasonable understanding could check it for technical correctness, and if anyone would like to offer comments/feedback?? Any suggestions as to where might be an appropriate home for this on the Wiki? Regards, Ned (attached below) -------------------- *How to become root* Many commands can only be run as the root user so to run these commands we need to become "root". To do this, we use the su command (substitute user). The su command takes the following format: su - <user> but most commonly we will use su to become the root user: su - root If no username is specified, then the root user is assumed, so the above is often shortened to: su or su - but the above are NOT the same thing. Often a user will become root using just 'su', try to run a command (eg, ifconfig), and get a 'command not found' error: su Password: ifconfig bash: ifconfig: command not found The reason is that regular system users and the root user have different PATHS (you can view a users PATH with 'echo $PATH'). When you type a Linux command, the shell with search the users PATH to try to locate the command to run. It starts searching each directory on the PATH until a match is found. Commands for regular users are mostly located in /usr/local/bin, /usr/bin, and /bin. However, root commands are mostly located in /usr/local/sbin, /usr/sbin, and /sbin and root's PATH reflects this difference. When you become root by using 'su -', you also adopt root's PATH whereas using just 'su' retains the original users PATH, hence why becoming root using just 'su' and trying to run a command located in /usr/local/sbin, /usr/sbin, or /sbin results in a 'command not found' error. So you either need to specify the full PATH to the command if you just used 'su' (eg, /sbin/ifconfig) or use the full 'su -'.
On Sun, 2008-04-06 at 02:11 +0100, Ned Slider wrote:> Hi List, > > I've just drafted a FAQ/mini-HOWTO on becoming root as this is a topic I > see come up time and time again. > > Perhaps someone with a reasonable understanding could check it for > technical correctness, and if anyone would like to offer comments/feedback?? > > Any suggestions as to where might be an appropriate home for this on the > Wiki? > > Regards, > > Ned > (attached below) > > -------------------- > > *How to become root* > > Many commands can only be run as the root user so to run these commands > we need to become "root". To do this, we use the su command (substitute > user). > > The su command takes the following format: > > su - <user> > > but most commonly we will use su to become the root user: > > su - root > > If no username is specified, then the root user is assumed, so the above > is often shortened to: > > su > > or > > su - > > but the above are NOT the same thing. > > Often a user will become root using just 'su', try to run a command (eg, > ifconfig), and get a 'command not found' error: > > su > Password: > ifconfig > bash: ifconfig: command not found > > The reason is that regular system users and the root user have different > PATHS (you can view a users PATH with 'echo $PATH'). When you type a > Linux command, the shell with search the users PATH to try to locate the > command to run. It starts searching each directory on the PATH until a > match is found. Commands for regular users are mostly located in > /usr/local/bin, /usr/bin, and /bin. However, root commands are mostly > located in /usr/local/sbin, /usr/sbin, and /sbin and root's PATH > reflects this difference. > > When you become root by using 'su -', you also adopt root's PATH whereas > using just 'su' retains the original users PATH, hence why becoming root > using just 'su' and trying to run a command located in /usr/local/sbin, > /usr/sbin, or /sbin results in a 'command not found' error. > > So you either need to specify the full PATH to the command if you just > used 'su' (eg, /sbin/ifconfig) or use the full 'su -'.Ever noticed in Red Hats Docs the full path to the command in question?? machine at you]#/usr/sbin/mii-tool And boy is Ubunto and Debian confusing. It sounds good. And it is better than the Debian way I think. just my two cents.> > _______________________________________________ > CentOS-docs mailing list > CentOS-docs at centos.org > http://lists.centos.org/mailman/listinfo/centos-docs-- ~/john OpenPGP Sig:BA91F079
On 06/04/2008, Ned Slider <nedslider at f2s.com> wrote:> > I've just drafted a FAQ/mini-HOWTO on becoming root as this is a topic I > see come up time and time again. > > Perhaps someone with a reasonable understanding could check it for > technical correctness, and if anyone would like to offer comments/feedback?? > > Any suggestions as to where might be an appropriate home for this on the > Wiki?As someone who was used to all users having the same search-path (I'm going back 25 or so years), when I first came across the use of a separate path for the super-user I asked the question "Why?". I have long since answered that question and support the concept. (An aside, can anyone tell me why one of the original grep flags, -y, was changed to -i ?) Perhaps what also needs to be said is that "su <user>" gives the current user the identity of <user> whilst "su - <user>" gives the current user the identity of <user> *along with* <user>'s environment that would normally be obtained by logging in as <user>. I probably haven't expressed the above very well. Looking in my old Unix System V manuals for the su command, I read "An initial - flag causes the environment to be changed to the one that would be expected if the user actually logged in again." Perhaps a mention of sudo and sudoers could also be made? Alan. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-docs/attachments/20080406/b256d80f/attachment-0002.html>
Alan Bartlett wrote:> > As someone who was used to all users having the same search-path (I'm going > back 25 or so years), when I first came across the use of a separate path > for the super-user I asked the question "Why?". I have long since answered > that question and support the concept. (An aside, can anyone tell me why one > of the original grep flags, -y, was changed to -i ?) > > Perhaps what also needs to be said is that "su <user>" gives the current > user the identity of <user> whilst "su - <user>" gives the current user the > identity of <user> *along with* <user>'s environment that would normally be > obtained by logging in as <user>. > > I probably haven't expressed the above very well. Looking in my old Unix > System V manuals for the su command, I read "An initial - flag causes the > environment to be changed to the one that would be expected if the user > actually logged in again." >Your explanation is fine, and probably better than mine :)> Perhaps a mention of sudo and sudoers could also be made? > > Alan. >Good idea - I'll leave that for someone else to add once Ralph/someone gives me an indication where the page should sit. Thanks for the feedback Alan :)
2008/4/6, Alan Bartlett <ajb.stxsl at googlemail.com>:> Perhaps a mention of sudo and sudoers could also be made?And consolehelper for GUI users. Regards, Rafal
Ned Slider wrote:> Any suggestions as to where might be an appropriate home for this on the > Wiki?I think TipsAndTricks is appropriate for that, maybe under "Admin Tricks and shell one-liners"? I don't see it under "HowTo" ...> su > > or > > su - > > but the above are NOT the same thing.... but the two commands above behave differently.> When you become root by using 'su -', you also adopt root's PATH whereas > using just 'su' retains the original users PATH, hence why becoming root > using just 'su' and trying to run a command located in /usr/local/sbin, > /usr/sbin, or /sbin results in a 'command not found' error.Please mention the bash manual page (and the section about login shells), where this behaviour is explained in more detail. Otherwise: Go ahead. Cheers, Ralph -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos-docs/attachments/20080407/c02f5adf/attachment-0002.sig>
On Sun, 2008-04-06 at 14:12 +0100, Alan Bartlett wrote:> On 06/04/2008, Ned Slider <nedslider at f2s.com> wrote: > I've just drafted a FAQ/mini-HOWTO on becoming root as this is > a topic I see come up time and time again. > > Perhaps someone with a reasonable understanding could check it > for technical correctness, and if anyone would like to offer > comments/feedback?? > > Any suggestions as to where might be an appropriate home for > this on the Wiki? > > As someone who was used to all users having the same search-path (I'm > going back 25 or so years), when I first came across the use of a > separate path for the super-user I asked the question "Why?". I have > long since answered that question and support the concept. (An aside, > can anyone tell me why one of the original grep flags, -y, was changed > to -i ?) > > Perhaps what also needs to be said is that "su <user>" gives the > current user the identity of <user> whilst "su - <user>" gives the > current user the identity of <user> *along with* <user>'s environment > that would normally be obtained by logging in as <user>.Same as mine says See below.> > I probably haven't expressed the above very well. Looking in my old > Unix System V manuals for the su command, I read "An initial - flag > causes the environment to be changed to the one that would be expected > if the user actually logged in again."I have an old Unix in a Nut Shell by O'Reilly. It mentions if the shell runs "SH" you can specify the option -c to execute a command by SH and -r to create a restricted shell. Then it mentins use EOF to terminate.> > Perhaps a mention of sudo and sudoers could also be made? > > Alan. > > > > > _______________________________________________ > CentOS-docs mailing list > CentOS-docs at centos.org > http://lists.centos.org/mailman/listinfo/centos-docs-- ~/john OpenPGP Sig:BA91F079
Ralph Angenendt wrote:> Ned Slider wrote: >> Any suggestions as to where might be an appropriate home for this on the >> Wiki? > > I think TipsAndTricks is appropriate for that, maybe under "Admin Tricks > and shell one-liners"? I don't see it under "HowTo" ... > > >> su >> >> or >> >> su - >> >> but the above are NOT the same thing. > > ... but the two commands above behave differently. > >> When you become root by using 'su -', you also adopt root's PATH whereas >> using just 'su' retains the original users PATH, hence why becoming root >> using just 'su' and trying to run a command located in /usr/local/sbin, >> /usr/sbin, or /sbin results in a 'command not found' error. > > Please mention the bash manual page (and the section about login > shells), where this behaviour is explained in more detail. > > Otherwise: Go ahead. > > Cheers, > > Ralph >Thanks Ralph, will try and get something up later this week. Ned
On 4/5/08, Ned Slider <nedslider at f2s.com> wrote: ...> *How to become root*Some Spanish translations have been done to this article. See: http://wiki.centos.org/es/TipsAndTricks/BecomingRoot Cheers, al.
Alain Reguera Delgado wrote:> On 4/5/08, Ned Slider <nedslider at f2s.com> wrote: > ... >> *How to become root* > > Some Spanish translations have been done to this article. See: > http://wiki.centos.org/es/TipsAndTricks/BecomingRoot > > Cheers, > al.I've linked to the English page from Tips and Tricks (Admin tricks and shell one-liners section). If no one has any more comments/additions, we can remove the draft notice too. Ned