Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Create a superuser shell without enabling root UNIX
As we all know, it's possible to execute Terminal commands with administrator priviledges by prefacing the command with sudo, and then entering the corresponding password. On unix and linux machines, one usually accomplishes this by becoming a "superuser" after typing su and then entering the root password (actually su stands for substitute user, which defaults to root). Then you're in a new shell where all typed commands are run as root, and you must log out to be brought back to your standard shell with regular priviledges. This can be quite useful when you have a lot of work that needs to be done as root.

In OS X, one can mimic this by typing sudo -s, hitting return, and entering the password. The -s flag drops you into a new shell, just as su does in linux and unix. I put this in my .cshrc startup file:
alias su sudo -s
and now I can become "superuser" the same way I always have.
    •    
  • Currently 2.50 / 5
  You rated: 4 / 5 (6 votes cast)
 
[18,722 views]  

Create a superuser shell without enabling root | 16 comments | Create New Account
Click here to return to the 'Create a superuser shell without enabling root' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Create a superuser shell without enabling root
Authored by: notmatt on Jan 26, '04 11:52:53AM

I've always used 'sudo su' to accomplish this; is there any effective difference?



[ Reply to This | # ]
Create a superuser shell without enabling root
Authored by: ahbe on Jan 26, '04 12:14:59PM

Good tip! I just tried out sudo su and it works perfectly. I'm really surprised I have yet to see this before. It will certainly save me a bunch of time. I get so tired of having to type sudo before each command.



[ Reply to This | # ]
Create a superuser shell without enabling root
Authored by: vaiism on Jan 26, '04 12:35:20PM

I would do a 'sudo su -' tho to gain the full root account (not just becoming root) - make sure of the space between 'su' and the '-'.



[ Reply to This | # ]
Create a superuser shell without enabling root
Authored by: huzzam on Jan 26, '04 06:36:16PM

sudo su - seems to do the same thing as sudo -s. Is there a difference?



[ Reply to This | # ]
Its all in the password
Authored by: dhrakar on Jan 26, '04 08:04:13PM
The main difference is in which password you get prompted for. The su command authenticates with the password of the user you are switching to while sudo authenticates with your password. Further, if su is invoked by the root account, then it needs no password.

Thus, what is happening is that sudo prompts you for your password, and then switches you to root and invokes su to create a root shell without prompting for a root password.

[ Reply to This | # ]
You end up in different directories
Authored by: googoo on Jan 27, '04 09:46:39PM

The command "sudo -s" starts a root shell but leaves you in the same directory from which you invoked it. The command "sudo su -" logs you into a root shell in root's home directory (/var/root/). Since I am often already in the directory I want to modify, I like "sudo -s."

-Mark



[ Reply to This | # ]
cshrc file?!?
Authored by: dancingram on Jan 26, '04 01:59:39PM

Isn't placing this command in the cshrc file a really bad idea?

Doesn't it give every shell you open in terminal a root access?

And isn't that just a tad bit..... ohhhh.... dangerous?

If that isn't what's going on, then never mind..... but having everytime you run a command on your computer terminal run as root strikes me as a bad idea.



[ Reply to This | # ]
That's not what he's doing...
Authored by: jecwobble on Jan 26, '04 02:36:05PM
He's just putting an alias in his .cshrc which will override the normal su command by starting a new shell as root. So whenever he needs to do something requireing root access, he'll go into this 'rooted' shell to do his thing, then exit out of that shell back into his normal user's shell. Just a diffent way of sudoing.

[ Reply to This | # ]
sudo sh
Authored by: jecwobble on Jan 26, '04 02:03:57PM
I don't know if it's good UNIX form, but just typing
sudo sh
starts up a default shell with root as the user.

[ Reply to This | # ]
sudo sh
Authored by: davidmorr on Jan 26, '04 06:31:34PM

Yes, it is perfectly acceptable to run a shell as the target of the sudo command. You can use other shells than sh also, so

sudo bash
sudo tcsh
etc

are all acceptable.

This is probably exactly the same as sudo -s, except that you can specify a different shell to your default.

The ony drawback, as someone mentions later, is that there is no logging of what you do in the shell, as there is for individual sudo commands.

David



[ Reply to This | # ]
sudo is logged
Authored by: dhrakar on Jan 26, '04 03:04:53PM
First of all, please remember that su is already on OS X. The path is /usr/bin/su.

Now, the main difference between su and sudo is that sudo is really just a wrapper for su. That is, sudo checks your authority to do a certain action (via the /etc/sudoers file) logs your action in /var/log/system.log and then invokes that action using su. To me, the most important portion of this is the logging. Many times in the past I have grepped back through the syslogs to see just what I did to my system -- it is quite handy that way.
The only time I still use su, now, is for when my every-day working account is not an admin account on the system. Then I use the command su - support to become the support user and do the stuff I need to do via sudo.
For more information on all of these commands, I'd really recommend that you spend a few minutes reading the man pages for su, sudo, sodoers and visudo.

Have fun!

[ Reply to This | # ]
sudo su and sudo sh...
Authored by: rhowell on Jan 26, '04 05:28:10PM
don't seem to incorporate the evironment settings from my normal shell. I like my "ls" to always appear the same, etc., whether I have normal priviledges or I'm sudo-ing. I also thought the "su" command would log you in as root, and the point of this hint was to obtain a shell with root-like priviledges without enabling the root account.

The sudo -s command came right from the man pages.

[ Reply to This | # ]

sudo su and sudo sh...
Authored by: dhrakar on Jan 26, '04 08:11:46PM
The Apple definition of 'enabled' is, I think, a bit misleading. The root account is always enabled. It just does not have a password by default. That is, you can do stuff as root but you just can't log in as root. Your hint is using sudo to create a root shell without having to give a root password.

Out of curiosity, why do you need a root shell? As the admin user, there is very little that you can't do on the system in your own little shell and you can use sudo to do the other tasks... Not to say that what you are doing is wrong, but I like to keep the time I spend with super-user powers to a minimum.

[ Reply to This | # ]
Create a superuser shell without enabling root
Authored by: rhowell on Jan 26, '04 10:14:37PM

Thanks for the info dhrakar. I find some things next to impossible using only "sudo", such as changing directories and getting file listings in other people's home accounts. I discovered this when I decided I'd put my entire iPhoto Library and iTunes Library in the /Users/Shared folder, and then replace my wife's and kid's corresponding folders with soft links pointing to the shared libraries. Then we could all share our photos and music.

Doing this with sudo is a nightmare. Doing it with sudo -s is a breeze.



[ Reply to This | # ]
Create a superuser shell without enabling root
Authored by: ppatoray on Jan 26, '04 11:16:23PM

The hint mentions that you must logout to return to your regular shell. All that I have had to do is type 'exit', and I am returned to my regular shell.



[ Reply to This | # ]
Create a superuser shell without enabling root
Authored by: Eravau on Jan 27, '04 01:15:46PM

"exit" logs you out of the current shell. Thus, you logged out.



[ Reply to This | # ]