What is different between root and sudo?
A root user can have all the privileges. But a normal user can gain access like a root with su or sudo command and their own password.
So what's the difference?
Solution 1:
The su
(and sudo) command traditionally require root's password. However, you can setup sudo
so that ordinary users can achieve root privileges with their own password by modifying /etc/sudoers
(as root, preferably with visudo
).
Modern Linux distributions preconfigure the first user to be able to sudo with her own password. This prevents accidental system malconfiguration by the user, and enables them to gain full control without the need of a separate root password.
Solution 2:
A normal user can only gain root access with sudo if they are in the sudoers file (meaning they are trusted enough to gain admin permissions on demand). In a production environment, almost nobody should be a sudoer.
Solution 3:
The su
command it to temporary change an identity to any user on a system and execute many programs with his/her/its permissions. It doesn't have to be the root. If the user executing su
isn't the root, he have to enter the password of the user he want get identity.
The sudo
command is to execute one command with permissions of any user. It doesn't have to be the root too. The command is very configurable and provide some kind of precise access control. The entering own password is optional and configurable. Some distribution let the first user of the system to execute with sudo
everything.
Solution 4:
To add to the above answers,
su user1
with the user's password shall switch your credential to user1 till you type exit
just su
shall assume root by default.
sudo
as mentioned in other answers, can be granted to trusted users and a ristricted set of commands. moreover, sudo
can be configured to log commands executed. This is a good way to track misuse of privilege.