2

I am quite confused regarding this matter.

As far as I know the user root has all the privelages.

Also all the users of the group sudo has all privelages.

But the user root by default is not a member of the group sudo. Then how can the user root be sudo user?

Please explain the entire concept to me.

To be noted the commands mentioned below produces the output mentioned below:

$root@lenovo:/home/rancho# compgen -u
-----
-----
root
rancho
-----
-----
$root@lenovo:/home/rancho# compgen -g
-----
-----
root
rancho
sudo
-----
-----
$root@lenovo:/home/rancho# getent group sudo
sudo:x:27:rancho
$root@lenovo:/home/rancho# getent group root
root:x:0
$root@lenovo:/home/rancho# visudo
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults        rootpw
Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d

:x
$root@lenovo:/home/rancho#
rancho
  • 4,136

1 Answers1

5

You're correct that root has all privileges, but saying that sudoers have all privileges is not quite correct. They are allowed to attain all privileges by using sudo to run a command as root. That includes running a root prompt, using a command like sudo -i.

root is not a sudoer because it is already root - it doesn't need to become root to run commands.

wjandrea
  • 14,504