Re: Problems with su/sudo

On Thu, 20 Mar 2008 16:02:26 -0500, Jolly Roger wrote:
In article <fruiml$60i$2@xxxxxxxxxxxxxxx>,
Warren Oates <warren.oates@xxxxxxxxx> wrote:

In article
<jollyroger-CC00AC.13113320032008@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
Jolly Roger <jollyroger@xxxxxxxxx> wrote:

You use 'su' to "switch users", so you'll need to provide the password
for the user to which you are switching. The 'sudo' command will ask for
the current user's password by default. In this case, since you have
already switched to the administrator account, that is the password
you'll need to use.

su stands for "substitute user" and sometimes "super user"

Semantics, but ok that's fine with me. The point is you switch to the
admin account on the command line and then sudo from there.

Try this:

sudo su
[password]
cd;whoami;pwd

um...

Which obviously won't work on most Mac OS X base installs, because root
(super user) is disabled in the default configuration, which is a Good
Thing?.

Having the root account "disabled" (in Apple's unfortunate terminology)
merely means you can't become root by typing a root password, since there
isn't one. It doesn't mean you can't become root by other means.
Obviously, there are lots of root processes running all the time, as ps
readily shows. Booting in single-user mode, and running "sudo", are other
ways to become root without typing a root password.

Indeed, the above sequence does work from an admin account in the default
configuration. The effect of "sudo su" is to run the "su" command as
root, which means that "su" in this case does not require a password.

As an amusing aside, before posting this I tried the above sequence of
commands to verify that it worked. It did. I was logged in remotely to
my office Mac, and I ran the commands there because the window was handy.
I got this output:

[orion:~] $ sudo su
Password:
sh-3.2# cd;whoami;pwd
root
/var/root
sh-3.2#

So far, so good, but then the window went dead. No response to ^D, or to
"exit", or anything else. Oh, sh*t, I thought. What have I done now?

It turned out to be an exquisitely timed network outage. Nothing to do
with my Mac at all. After a few minutes, I was able to reconnect and
repeat the experiment with no ill effects.



--
Dave Seaman
Oral Arguments in Mumia Abu-Jamal Case heard May 17
U.S. Court of Appeals, Third Circuit
<http://www.abu-jamal-news.com/>
.

Relevant Pages

  • Re: Apple recommending anti-virus software for Macs?
    ... > To be ultra-safe with the 'rm' command, ... Not a bad idea for root, It would drive me nuts in my user account. ... downloads directory and executing it. ... That I type an EOF is a trivial difference versus 'sudo' exiting ...
    (comp.sys.mac.system)
  • Re: [kde] su identification
    ... assumes that you wish to invoke the root account and will demand Root ... A user may ONLY sudo as allowed in the /etc/sudoers ... allowing a command with any parameters ... This config allows my normal user to do whatever he'd normally be able to ...
    (KDE)
  • Re: Clams.....
    ... either by su> password> Kate, ... running in root. ... have you set up sudo? ... the command sudo gedit /etc/filename would ask for the user ...
    (Fedora)
  • Re: any way to track commands of a user logged in through ssh
    ... applies _to that command only_. ... the command they want to run with 'sudo', ... I use/run a Shell command that requires 'root' privileges...Especially ... So what do you think about creating a separate 'group' for certain ...
    (comp.os.linux.misc)
  • Re: [opensuse] Re: Should openSUSE review its Security Policies?
    ... We are defining 'command' differently. ... When discussing root permissions, I define commands at the OS level. ... sudo lets me run a complete binary application as a different user. ...
    (SuSE)