1. Introduction
The root user in Linux refers to a superuser account with administrative privileges. The root user has unrestricted access. Notably, it’s crucial to use root privileges thoughtfully and often recommended to perform most tasks with regular user accounts.
In this tutorial, we’ll learn how to check if a script is being run as root on a Linux system.
First, we’ll discuss the EUID concept for verification. Next, we’ll explore the whoami command to get similar results. Lastly, we’ll look at the id command to check whether the script is running as a root on our system.
2. root Check with the EUID Comparison
To begin with, we can use EUID to check whether a script is executed by a root user or not.
EUID stands for Effective User ID. EUID in Linux serves as a numerical identifier indicating the user whose permissions a process currently utilizes. Hence, this functionality enables processes to elevate privileges for specific tasks temporarily.
To check whether a root user is executing a script or not, we use EUID with conditionals within a script:
$ cat rootEUID.sh
#!/bin/bash
if [[ $EUID -ne 0 ]]; then
echo "You must be root to do this." 1>&2
exit 100
fi
Now, we’ll make the file executable using the chmod command, and run the script:
$ chmod + rootEUID.sh
$ ./rootEUID.sh
You must be root to do this.
The above script verifies if the user is executing it with root privileges by examining its $EUID. If the EUID isn’t equal to 0, it indicates non-root execution. Next, the script outputs an error message to the standard error stream, stating You must be root to do this. After that, it exits with an exit code of 100.
Additionally, we can compare $EUID with 0 to confirm whether a superuser is executing the script:
if [ "$EUID" -eq 0 ]; then
In general, when testing numbers, it’s advisable to use ((..)), while [[..]] is more suitable for testing strings and files. Hence, we can modify the above script to use standard arithmetic evaluation:
$ cat EUID.sh
#!/bin/bash
if (( EUID != 0 )); then
echo "You must be root to do this." 1>&2
exit 100
fi
Hence, this script ensures that only the users with the necessary permissions perform the required operations.
3. root Check With the whoami Command
Similarly, we can use the whoami command to verify whether a script is executed by a user named root.
The whoami command in Linux reveals the username associated with the current effective user ID. Thus, we primarily use it to identify the executing user in the terminal. However, we can also use it in scripting scenarios for conditionally executing commands based on the user.
Let’s view the rootwhoami.sh script:
$ cat rootwhoami.sh
#!/bin/bash
if [ `whoami` != 'root' ]; then
echo "Root privileges are required for this operation."
else
echo "You are root."
exit
fi
Now, we make the script executable and run it:
$ chmod +x rootwhoami.sh
$ ./rootwhoami.sh
Root privileges are required for this operation.
The above script verifies whether a root user executes it. Then, the script uses the output from whoami to check whether the current user is root or not. We do this to ensure that the user executing the script is root.
It’s important to note that using the whoami command isn’t a reliable method for checking if a script runs with root privileges. A root user is not necessarily named root. In addition, the whoami command simply returns the current username. This means a user might have the name root without having actual root privileges. Therefore, it’s usually more accurate to check for root privileges using other commands.
4. root Check With the id Command
Alternatively, we can use the id command to verify that a script is being run as a root on Linux.
The id command in Linux provides user and group information, including UID, GID, and supplementary group memberships. Additionally, it assists system administrators in managing permissions and understanding user identities within the system.
Now, let’s look into an example script that uses id:
$ cat rootid.sh
#!/bin/bash
if ! [ $(id -u) = 0 ]; then
echo "I am not root!"
exit 1
fi
Next, we make this script executable, and run it:
$ chmod +x rootid.sh
$ ./rootid.sh
I am not root!
The script above checks whether the executing user has root administrator privileges. To do that, it uses the id -u command to obtain the UID. After that, we check the value of UID. If it’s not equal to 0, it isn’t the UID for the root user.
In addition, we use the -u flag for the effective user ID, not the real user ID. That’s because we determine the permissions using the effective user ID. Next, it prints the message I am not root!. After that, it exits with a status code of 1, indicating an unsuccessful execution. Essentially, the script ensures it runs with elevated privileges, and if not, it terminates with an error message.
5. Combined Approach
If POSIX is a concern, we use the id command. Otherwise, we use the EUID shell variable.
However, to consider efficiency, we may first test using the $EUID variable, and then, if it doesn’t exist, we call the standard id command:
$ cat rootCheck.sh
#!/bin/bash
if [ ${EUID:-0} -ne 0 ] || [ "$(id -u)" -ne 0 ]; then
echo You are not root.
else
echo Hello, root.
fi
Now, the script should correctly check whether the effective user ID isn’t equal to 0, or if the user ID obtained from id -u isn’t equal to 0.
6. Conclusion
In this article, we learned ways to check if a script was being run as root on a Linux system.
Initially, we discussed the EUID shell variable for verification. Subsequently, we explored the whoami command to obtain similar results. Finally, we looked at the id command to check whether the script was running as root on our system.