Given that root has all privileges, why is root ALL=(ALL) ALL in /etc/sudoers?












11















I looked at this question:
Trying to understand the difference between “modernNeo ALL=(ALL:ALL) ALL” and “modernNeo ALL=(ALL) ALL” in the sudoers file



I still have a question. Since the "root" user has all privileges, why is root ALL=(ALL) ALL in /etc/sudoers on Linux systems?



## Allow root to run any commands anywhere
root ALL=(ALL) ALL


I tried to comment it out, and the root user still had all privileges, it doesn't affect the root user at all. It looks like root ALL=(ALL) ALL is useless.










share|improve this question









New contributor




Bruce Xie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

























    11















    I looked at this question:
    Trying to understand the difference between “modernNeo ALL=(ALL:ALL) ALL” and “modernNeo ALL=(ALL) ALL” in the sudoers file



    I still have a question. Since the "root" user has all privileges, why is root ALL=(ALL) ALL in /etc/sudoers on Linux systems?



    ## Allow root to run any commands anywhere
    root ALL=(ALL) ALL


    I tried to comment it out, and the root user still had all privileges, it doesn't affect the root user at all. It looks like root ALL=(ALL) ALL is useless.










    share|improve this question









    New contributor




    Bruce Xie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.























      11












      11








      11


      1






      I looked at this question:
      Trying to understand the difference between “modernNeo ALL=(ALL:ALL) ALL” and “modernNeo ALL=(ALL) ALL” in the sudoers file



      I still have a question. Since the "root" user has all privileges, why is root ALL=(ALL) ALL in /etc/sudoers on Linux systems?



      ## Allow root to run any commands anywhere
      root ALL=(ALL) ALL


      I tried to comment it out, and the root user still had all privileges, it doesn't affect the root user at all. It looks like root ALL=(ALL) ALL is useless.










      share|improve this question









      New contributor




      Bruce Xie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.












      I looked at this question:
      Trying to understand the difference between “modernNeo ALL=(ALL:ALL) ALL” and “modernNeo ALL=(ALL) ALL” in the sudoers file



      I still have a question. Since the "root" user has all privileges, why is root ALL=(ALL) ALL in /etc/sudoers on Linux systems?



      ## Allow root to run any commands anywhere
      root ALL=(ALL) ALL


      I tried to comment it out, and the root user still had all privileges, it doesn't affect the root user at all. It looks like root ALL=(ALL) ALL is useless.







      sudo






      share|improve this question









      New contributor




      Bruce Xie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      share|improve this question









      New contributor




      Bruce Xie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      share|improve this question




      share|improve this question








      edited 51 mins ago









      terdon

      129k32253428




      129k32253428






      New contributor




      Bruce Xie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked 6 hours ago









      Bruce XieBruce Xie

      563




      563




      New contributor




      Bruce Xie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      Bruce Xie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      Bruce Xie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






















          1 Answer
          1






          active

          oldest

          votes


















          16














          That entry ensures that root can run sudo. If you comment it out,



          sudo ls


          run as root will fail.



          It’s a convenience: it means users can run sudo commands without thinking about things too much, i.e. they’ll work the same way whether they’re running as a sudo-enabled user or root (whether that’s a good idea is another question). It also means that scripts can use sudo to request root privileges, and still work without issue when they’re run as root directly.






          share|improve this answer


























          • looks like that, I got it, thank you!

            – Bruce Xie
            5 hours ago






          • 4





            It also allows root to become another user which is handy if you need to debug something or want to run something with limited privileges.

            – eckes
            3 hours ago






          • 1





            @eckes indeed; and root can do that using a variety of tools, without a password (su for example).

            – Stephen Kitt
            3 hours ago











          • @StephenKitt sudo also sanitizes the environment when you switch users with it, which is kind of important if you're debugging things.

            – Austin Hemmelgarn
            1 hour ago











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "106"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });






          Bruce Xie is a new contributor. Be nice, and check out our Code of Conduct.










          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f495059%2fgiven-that-root-has-all-privileges-why-is-root-all-all-all-in-etc-sudoers%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          16














          That entry ensures that root can run sudo. If you comment it out,



          sudo ls


          run as root will fail.



          It’s a convenience: it means users can run sudo commands without thinking about things too much, i.e. they’ll work the same way whether they’re running as a sudo-enabled user or root (whether that’s a good idea is another question). It also means that scripts can use sudo to request root privileges, and still work without issue when they’re run as root directly.






          share|improve this answer


























          • looks like that, I got it, thank you!

            – Bruce Xie
            5 hours ago






          • 4





            It also allows root to become another user which is handy if you need to debug something or want to run something with limited privileges.

            – eckes
            3 hours ago






          • 1





            @eckes indeed; and root can do that using a variety of tools, without a password (su for example).

            – Stephen Kitt
            3 hours ago











          • @StephenKitt sudo also sanitizes the environment when you switch users with it, which is kind of important if you're debugging things.

            – Austin Hemmelgarn
            1 hour ago
















          16














          That entry ensures that root can run sudo. If you comment it out,



          sudo ls


          run as root will fail.



          It’s a convenience: it means users can run sudo commands without thinking about things too much, i.e. they’ll work the same way whether they’re running as a sudo-enabled user or root (whether that’s a good idea is another question). It also means that scripts can use sudo to request root privileges, and still work without issue when they’re run as root directly.






          share|improve this answer


























          • looks like that, I got it, thank you!

            – Bruce Xie
            5 hours ago






          • 4





            It also allows root to become another user which is handy if you need to debug something or want to run something with limited privileges.

            – eckes
            3 hours ago






          • 1





            @eckes indeed; and root can do that using a variety of tools, without a password (su for example).

            – Stephen Kitt
            3 hours ago











          • @StephenKitt sudo also sanitizes the environment when you switch users with it, which is kind of important if you're debugging things.

            – Austin Hemmelgarn
            1 hour ago














          16












          16








          16







          That entry ensures that root can run sudo. If you comment it out,



          sudo ls


          run as root will fail.



          It’s a convenience: it means users can run sudo commands without thinking about things too much, i.e. they’ll work the same way whether they’re running as a sudo-enabled user or root (whether that’s a good idea is another question). It also means that scripts can use sudo to request root privileges, and still work without issue when they’re run as root directly.






          share|improve this answer















          That entry ensures that root can run sudo. If you comment it out,



          sudo ls


          run as root will fail.



          It’s a convenience: it means users can run sudo commands without thinking about things too much, i.e. they’ll work the same way whether they’re running as a sudo-enabled user or root (whether that’s a good idea is another question). It also means that scripts can use sudo to request root privileges, and still work without issue when they’re run as root directly.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited 5 hours ago

























          answered 6 hours ago









          Stephen KittStephen Kitt

          167k24375454




          167k24375454













          • looks like that, I got it, thank you!

            – Bruce Xie
            5 hours ago






          • 4





            It also allows root to become another user which is handy if you need to debug something or want to run something with limited privileges.

            – eckes
            3 hours ago






          • 1





            @eckes indeed; and root can do that using a variety of tools, without a password (su for example).

            – Stephen Kitt
            3 hours ago











          • @StephenKitt sudo also sanitizes the environment when you switch users with it, which is kind of important if you're debugging things.

            – Austin Hemmelgarn
            1 hour ago



















          • looks like that, I got it, thank you!

            – Bruce Xie
            5 hours ago






          • 4





            It also allows root to become another user which is handy if you need to debug something or want to run something with limited privileges.

            – eckes
            3 hours ago






          • 1





            @eckes indeed; and root can do that using a variety of tools, without a password (su for example).

            – Stephen Kitt
            3 hours ago











          • @StephenKitt sudo also sanitizes the environment when you switch users with it, which is kind of important if you're debugging things.

            – Austin Hemmelgarn
            1 hour ago

















          looks like that, I got it, thank you!

          – Bruce Xie
          5 hours ago





          looks like that, I got it, thank you!

          – Bruce Xie
          5 hours ago




          4




          4





          It also allows root to become another user which is handy if you need to debug something or want to run something with limited privileges.

          – eckes
          3 hours ago





          It also allows root to become another user which is handy if you need to debug something or want to run something with limited privileges.

          – eckes
          3 hours ago




          1




          1





          @eckes indeed; and root can do that using a variety of tools, without a password (su for example).

          – Stephen Kitt
          3 hours ago





          @eckes indeed; and root can do that using a variety of tools, without a password (su for example).

          – Stephen Kitt
          3 hours ago













          @StephenKitt sudo also sanitizes the environment when you switch users with it, which is kind of important if you're debugging things.

          – Austin Hemmelgarn
          1 hour ago





          @StephenKitt sudo also sanitizes the environment when you switch users with it, which is kind of important if you're debugging things.

          – Austin Hemmelgarn
          1 hour ago










          Bruce Xie is a new contributor. Be nice, and check out our Code of Conduct.










          draft saved

          draft discarded


















          Bruce Xie is a new contributor. Be nice, and check out our Code of Conduct.













          Bruce Xie is a new contributor. Be nice, and check out our Code of Conduct.












          Bruce Xie is a new contributor. Be nice, and check out our Code of Conduct.
















          Thanks for contributing an answer to Unix & Linux Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f495059%2fgiven-that-root-has-all-privileges-why-is-root-all-all-all-in-etc-sudoers%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          Magento 2 controller redirect on button click in phtml file

          Polycentropodidae