Root

Any Unix like OS hast 2 types of users: privileged and not privileged. Default privileged user is called root.

It lets you become the root and work in root’s environment - if you know the password. Obviously, too much power corrupts and makes you dangerous. One root’s typing error potentially is a security risk escpecially in graphical environment.

SU

Any user in the system could become the root.

su -

Or any user for that matter:


su trump

SUDO

Another way to run privileged commands, is SUDO

Enable sudo access.

To make a single user sudoer: add a file with following line to the /etc/sudoers.d/ directory

 username ALL=(ALL:ALL)  ALL

User username can run privileged commands after entering its password.

How about group?


  %username ALL=(ALL:ALL)  ALL

Sudo without password

  username ALL=(ALL:ALL) NOPASSWD: ALL


  %username ALL=(ALL:ALL) NOPASSWD: ALL

It’s very important to verify correct syntax of all sudoers files:


visudo -c

Another way

Add the user username to the wheel


 usermod -aG wheel username

Make sure that group wheel in in visudo is included and not commented.


%wheel  ALL=(ALL:ALL) ALL