LINUX Root Password Confusion


Published: 2015-08-01
Updated: 2015-08-03
Web: https://fritzthecat-blog.blogspot.com/2015/08/linux-root-password-confusion.html


From time to time it is recommendable to change your password. When doing so, you meet the problem of sitting before some application that requires a password, thinking "Did I already change the password here too?".

Surely you know the situation. I met it when trying to upgrade my netbook's Lubuntu LINUX. The update-dialog was asking me for a password. Because the dialog did not proceed from receiving my new password, I decided that it is time to change the root password to my new password on this machine, canceled the software update and entered the following in a terminal window (the '$' is the UNIX prompt):


$ su
Password: oldPassword
$ passwd
Enter new UNIX password: newPassword
Retype new UNIX password: newPassword
passwd: password updated successfully

Starting the software updater then showed the same as before: the password was not accepted. I rebooted the machine to clear all "shadows" of the old password, but that did not help.

Then I searched the Internet for a way to change the root password on LINUX. I found some confusing discussions that Ubuntu has no root password any more, or that root access is done via sudo and the user-password is sufficient for this. But what about the software updater then?

I also tried this:


$ sudo passwd root
[sudo] password for xxx: oldPassword
Enter new UNIX password: newPassword
Retype new UNIX password: newPassword
passwd: password updated successfully

Did not help. The software updater denied the new password. I evaluated this also by calling the menu item "System" - "Network", there you have a button "Unlock" to get root access to network resources. Also "Synaptic" requires root permissions, and it rejected the new password, too.

Now I logged out and tried to log-in as root, to find out what the new root password has become. And it turned out to be the new one, so at least one of the methods above worked, most likely both!


This was the moment when I understood that the password that I have to enter for the software updater, or sudo or su, is not the root password. It is my normal user-password. I hadn't yet changed my user password on that computer.


$ passwd
Changing password for xxx.
(current) UNIX password: oldPassword
Enter new UNIX password: newPassword
Retype new UNIX password: newPassword

After that, the software updater accepted the new password and started to work.


That means I had changed the root password as normal user, using my user-password, not the root-password.
Normally you can not interact with a UNIX system without logging in, using your user-password. So why does the terminal window ask me for a password that I already had entered when logging into the system?
And why does it ask me for my own password instead of the root password when I want to get root by sudo or su? And why is my normal password sufficient to change the root password? Couldn't I change then anybodies password on this system?

Yes, because I am in the "sudo" group that has administrative permissions. Discussion and answers to some of these questions can be found here:

Ubuntu has become a cooperative system where users are expected to behave properly.

After reading this I did


$ sudo passwd -dl root

to disable the root account again.





ɔ⃝ Fritz Ritzberger, 2015-08-01