[Novalug] sudo vs. root

Jon LaBadie novalugml@jgcomp.com
Mon Jul 1 18:51:32 EDT 2013


On Mon, Jul 01, 2013 at 05:49:47PM -0400, Gary Knott wrote:
> What's the nature of using sudo (on a Ubuntu system) versus
> having a root user, and either logging-in as root or doing su root?
> 
> On a stock Ubuntu system, root seems to be a user in the
> sense that files can be owned by root, and processes can be
> created belonging to root.  But more technically, what
> was done to create a Ubuntu-like system from the
> original design?  How is a root-login prevented in
> a stock system?

Don't know if it is what Ubuntu uses, but if the shell field
(the 7th and last field) of root's passwd file entry is a
non-existing file, then logins are not allowed.  The shell
field could also point at /sbin/nologin.

ISTR some entry in /etc/sysconfig could also be used.

> [When I do:  sudo cp filea fileb] in my home directory,
> I get fileb owned by root with 644 permissions.
> But when I subsequently type:  rm fileb
> I am asked "do you want to delete write-protected
> file?"  and then, if I say yes, the deletion occurs,
> even though I am not the owner.  - what's
> the rationale here?]

/bin/rm might be better called "unlink".  Talking hard
links here, not symbolic (or soft) links.  All rm does
is decrease the number of links to the file and remove
the directory entry for that link.  If the link count
drops to zero, and no process is using the file, then
the file's disk utilization (data and inode) is made
available for reuse (i.e. the file is removed).  This
last step is not done by rm, but by the system as part
of decreasing the link count.  Thus you can remove a
lot of files very quickly but continue to hear disk
activity after you get a prompt back.

But if there are other links, either in the same or in
different directories, the file's data and inode remain
intact (aside from a lower link count).  Thus rm does
not really modify a file.  What rm modifies is the
directory that contains the file.  A directory has data
just like other files; it is a list of name/inode number
pairs.  After rm, there are fewer pairs, so rm has
modified the directory.

Thus you need write permission on the directory, not the
file.  For other reasons you also need execute permission.
But you do not need read permission on the directory.

HTH,
Jon
-- 
Jon H. LaBadie                  novalugml@jgcomp.com
 11226 South Shore Rd		(703) 787-0688 (H)
 Reston, VA  20190		(609) 477-8330 (C)
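
The link-count and directory-permission behaviour Jon describes, as an added Python example (not part of the original thread): it creates a file and a hard link in a temporary directory (constructed contents), removes names one at a time, and shows that data survives until the last name is gone and no process holds the file open. The second function shows that unlink is refused by directory permissions, not file permissions; it returns None under root, which bypasses that check.

```python
import os
import tempfile


def demo_unlink_semantics():
    """Observe what rm/unlink does: it edits the directory, not the file."""
    obs = {}
    with tempfile.TemporaryDirectory() as d:
        filea = os.path.join(d, "filea")
        fileb = os.path.join(d, "fileb")
        with open(filea, "w") as f:
            f.write("hello\n")               # constructed sample content
        # A hard link is a second name/inode pair in the directory;
        # both names resolve to the same inode.
        os.link(filea, fileb)
        obs["same_inode"] = os.stat(filea).st_ino == os.stat(fileb).st_ino
        obs["nlink_after_link"] = os.stat(filea).st_nlink      # 2
        # Removing one name only decrements the link count.
        os.unlink(filea)
        obs["nlink_after_unlink"] = os.stat(fileb).st_nlink    # 1
        with open(fileb) as f:
            obs["data_via_other_link"] = f.read()
        # Hold the file open, then remove its last name: the inode and
        # data stay allocated until the descriptor is closed.
        fd = os.open(fileb, os.O_RDONLY)
        os.unlink(fileb)
        obs["file_gone"] = not os.path.exists(fileb)
        obs["nlink_while_open"] = os.fstat(fd).st_nlink        # 0
        obs["data_via_open_fd"] = os.read(fd, 100).decode()
        os.close(fd)
    return obs


def rm_needs_dir_write_permission():
    """Return errno from unlinking a writable file in a read-only directory,
    0 if it unexpectedly succeeds, or None when running as root."""
    if os.geteuid() == 0:
        return None
    with tempfile.TemporaryDirectory() as d:
        target = os.path.join(d, "fileb")
        open(target, "w").close()
        os.chmod(target, 0o666)      # the file itself is writable
        os.chmod(d, 0o555)           # but the directory is not
        try:
            os.unlink(target)
            return 0
        except PermissionError as e:
            return e.errno           # 13 (EACCES) on Linux/macOS
        finally:
            os.chmod(d, 0o755)       # allow TemporaryDirectory cleanup
```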