Why does a command work after sudo su, but not with sudo?
-
I'm playing around with ZeroTier on a backup server (running Ubuntu 18.04) I'm deploying for a customer. When I run
sudo zerotier-cli join ##########it complains about the authtoken not existing or being readable. It does exist. When I do sudo su before running the same command (sans sudo) it works. Here is the permissions on it set by the installer:
-rw------- 1 zerotier-one zerotier-one 24 Jun 4 15:40 authtoken.secretCan y'all educate a Linux newb?
-
My guess is that it is running several commands after just zerotier-cli join. Those are run as the current user. When you sudo su you become root so any command is then run in the root context.
-
Odd, I swear it works for me. I'll have to double check.
-
It works for me.
-
@kelly sudo su lets you load part of the root env if I remember correctly.
Basically sudo lets your user do privileged work.
Sudo su lets your user become root. And then ezecute code as root.
This not the same as logging as root but some of the env should be loaded. -
Sometimes for me has been the environmental variables (like for zimbra) or like root when you cannot sudo cd to a directory.
-
@matteo-nunziati said in Why does a command work after sudo su, but not with sudo?:
@kelly sudo su lets you load part of the root env if I remember correctly.
Basically sudo lets your user do privileged work.
Sudo su lets your user become root. And then ezecute code as root.
This not the same as logging as root but some of the env should be loaded.Is the default account that is created when you set up Ubuntu not root?
-
Sorry for the lack of follow up yesterday. I was at a client site.
-
@kelly said in Why does a command work after sudo su, but not with sudo?:
@matteo-nunziati said in Why does a command work after sudo su, but not with sudo?:
@kelly sudo su lets you load part of the root env if I remember correctly.
Basically sudo lets your user do privileged work.
Sudo su lets your user become root. And then ezecute code as root.
This not the same as logging as root but some of the env should be loaded.Is the default account that is created when you set up Ubuntu not root?
A root account exists by default, but you you don't populate the root password, it makes a user account with sudo privileges.
If you give the root account a password during setup, you can create a user account without sudo I do believe.
Is that what you are asking?
-
@jaredbusch said in Why does a command work after sudo su, but not with sudo?:
@kelly said in Why does a command work after sudo su, but not with sudo?:
@matteo-nunziati said in Why does a command work after sudo su, but not with sudo?:
@kelly sudo su lets you load part of the root env if I remember correctly.
Basically sudo lets your user do privileged work.
Sudo su lets your user become root. And then ezecute code as root.
This not the same as logging as root but some of the env should be loaded.Is the default account that is created when you set up Ubuntu not root?
A root account exists by default, but you you don't populate the root password, it makes a user account with sudo privileges.
If you give the root account a password during setup, you can create a user account without sudo I do believe.
Is that what you are asking?
Yes, that answers my question. Just to summarize how I am understanding it from what has been said:
-
I was logged in with a sudoer, but not root
-
When I do sudo su I am actually switching to root
-
Since this is the case the user context was different and my sudoer user account did not have permissions to the file, but in the root user context I would have permissions and thus the command succeeded.
Is that all correct?
-
-
@kelly said in Why does a command work after sudo su, but not with sudo?:
@jaredbusch said in Why does a command work after sudo su, but not with sudo?:
@kelly said in Why does a command work after sudo su, but not with sudo?:
@matteo-nunziati said in Why does a command work after sudo su, but not with sudo?:
@kelly sudo su lets you load part of the root env if I remember correctly.
Basically sudo lets your user do privileged work.
Sudo su lets your user become root. And then ezecute code as root.
This not the same as logging as root but some of the env should be loaded.Is the default account that is created when you set up Ubuntu not root?
A root account exists by default, but you you don't populate the root password, it makes a user account with sudo privileges.
If you give the root account a password during setup, you can create a user account without sudo I do believe.
Is that what you are asking?
Yes, that answers my question. Just to summarize how I am understanding it from what has been said:
-
I was logged in with a sudoer, but not root
-
When I do sudo su I am actually switching to root
-
Since this is the case the user context was different and my sudoer user account did not have permissions to the file, but in the root user context I would have permissions and thus the command succeeded.
Is that all correct?
Generally yes. It is unusual not to have access to something with
sudoso more very specific things would need determined.Example, this file is owned by root.
[[email protected] ~]$ ls -l /etc/nginx/conf.d/jaredbusch.com.conf -rw-r--r--. 1 root root 1108 Sep 5 2017 /etc/nginx/conf.d/jaredbusch.com.confIf I do this
[[email protected] ~]$ nano /etc/nginx/conf.d/jaredbusch.com.confI get this.
But
[[email protected] ~]$ sudo nano /etc/nginx/conf.d/jaredbusch.com.conf [sudo] password for jbusch:I get this. (ie writable)
This example is on CentOS 7. I do not have handy access to an Ubuntu system. I guess I could check with a Debian system.
-
-
@jaredbusch said in Why does a command work after sudo su, but not with sudo?:
@kelly said in Why does a command work after sudo su, but not with sudo?:
@jaredbusch said in Why does a command work after sudo su, but not with sudo?:
@kelly said in Why does a command work after sudo su, but not with sudo?:
@matteo-nunziati said in Why does a command work after sudo su, but not with sudo?:
@kelly sudo su lets you load part of the root env if I remember correctly.
Basically sudo lets your user do privileged work.
Sudo su lets your user become root. And then ezecute code as root.
This not the same as logging as root but some of the env should be loaded.Is the default account that is created when you set up Ubuntu not root?
A root account exists by default, but you you don't populate the root password, it makes a user account with sudo privileges.
If you give the root account a password during setup, you can create a user account without sudo I do believe.
Is that what you are asking?
Yes, that answers my question. Just to summarize how I am understanding it from what has been said:
-
I was logged in with a sudoer, but not root
-
When I do sudo su I am actually switching to root
-
Since this is the case the user context was different and my sudoer user account did not have permissions to the file, but in the root user context I would have permissions and thus the command succeeded.
Is that all correct?
Generally yes. It is unusual not to have access to something with
sudoso more very specific things would need determined.Example, this file is owned by root.
[[email protected] ~]$ ls -l /etc/nginx/conf.d/jaredbusch.com.conf -rw-r--r--. 1 root root 1108 Sep 5 2017 /etc/nginx/conf.d/jaredbusch.com.confIf I do this
[[email protected] ~]$ nano /etc/nginx/conf.d/jaredbusch.com.confI get this.
But
[[email protected] ~]$ sudo nano /etc/nginx/conf.d/jaredbusch.com.conf [sudo] password for jbusch:I get this. (ie writable)
This example is on CentOS 7. I do not have handy access to an Ubuntu system. I guess I could check with a Debian system.
Same things happens in Ubuntu/Debian
-
-
Thanks. I appreciate the schooling.
