What would happen if I created an account called 'root'?
Solution 1:
Usernames must be unique, so, as mentioned by Owen Hines' answer, you wouldn't be able to create this user. However, the key point here is that superuser powers (all possible permissions) aren't granted by the username root
, but by UID.
The user with UID 0 is the superuser.
So, if the user with UID 0 had a different name, and you created a user called root
, they would not have any special status.
I refer you to the root tag wiki!
Solution 2:
It wouldn't let you because there would already be a root
user.
But, as Florian Diesch said in the comments:
Some tools will complain but you can always edit
/etc/passwd
andetc/shadow
manually to create a second user namedroot
.
Solution 3:
First the how, as others have stated, you change the user with UID 0 to something else. Then you can create a normal user with the name of root and a UID higher then 1000. It will work "fine". All permissions and core system functions use UID and not user name. In fact this is a good first step in hardening a Linux system. (much better to disable root, but before sudo we used to do this).
Now as to what will happen.
Most of the time nothing. All system calls that have to do with authorization or authentication use UID (that I am aware of). And it has been that way for some time. Your system will keep on running as usual. System tools will reflect the new user name, but continue to work normally. In other words "root" in convention and not set in stone.
That said, I am sure there are some tools and programs that are poorly written. Programs that check the $USER environment variable may act incorrectly. Usually these are scripts and small projects, but you could spend some time tracking down that one bad commit, 6 years ago in fdisk that keeps giving you a headache.
This is something that I used to do all the time. It was an easy step, and falls under the rule of "non-predictable user names". There are MUCH better ways of achieving the same goals today though.
Solution 4:
As others have explained, it's the UID = 0 gives the user "superpowers", not the user name being "root". So if you somehow managed to create another user called "root" (after renaming/deleting the original one) - the user's super-status would depend on the UID you gave it.
Which also leads to another interesting idea: it's totally possible to have multiple users with the same UID (which makes them essentially the same user from the point of filesystem permissions but allow to have different, say, shell and home directory). In fact, some UNIX-like systems have another superuser account called toor (root backwards) which allows to have two super-user accounts with different settings.
Solution 5:
How to create 2nd 'root':
Yes, in theory, there must be no two users with same username or same IDs. And standard utilities are foolproof and will not make such users for you. But you always can edit /etc/passwd manually.
For example, I did:
$ sudo adduser root2 # created ordinary user
$ sudo vim /etc/passwd # edit last line, change 'root2' to 'root'.
$ sudo -u '#1002' id # 1002 is UID of new user, it's in last line of /etc/passwd
uid=1002(root) gid=1002(root2) группы=1002(root2)
As you see, we are root now! Yes, thats not real root (not uid=0), but it's same four letters. Impressive and useless.
How to create better 2nd 'root':
Also, you can do other modification. Leave username as-is, (yourname or root2) but change uid.
$ tail -n 1 /etc/passwd
root2:x:0:0:,,,:/home/root2:/bin/bash
(see, UID and GID fields are zeroes) Now you have usual (non-root) user, with almost non-suspicious username (or make username 'johndoe' for better effect), but in fact, this user has superpowers!
$ fdisk /dev/sda
fdisk: unable to open /dev/sda: Permission denied
$ sudo -u root2 fdisk /dev/sda
Command (m for help):
As you see, ordinary user cannot use fdisk on /dev/sda, but root2 can do anything!
This simple trick sometimes used after system is hacked to provide backdoor. Even if real root will change his keys/passwords, hacker still will have full control over system via other user with uid=0.
How matrix works
Actually, neither username 'root', nor uid=0 isn't magical by itself. This is just matter of convention. And it's not even always true. (see this question: Does the root account always have UID/GID 0? ) Kernel code is magical. Actually, userspace code itself - cannot do anything which root can do. Even if runs as root! Root power are in kernel. e.g. if you do "cat /etc/shadow" (only root usually can do this), /bin/cat program calls libc open() function which is still userspace code, and this open() function performs system call to kernel. Then kernel itself decides what do to. For example, kernel may allow some operation if effective user has id==0.
In theory, if you will change some code in kernel and handle 'www-data' user differently - some operations may be allowed only for 'www-data' user (and not allowed even to root).