# Changing Identities

### Introduction

In previous lessons we saw how, as an individual user, we permissions to access files and directories in different ways.  In this lesson, we'll learn about changing our users, and why changing users is sometimes necessary. 

### Navigating the System

Now when we login to our computer as a certian user, we, by default, have access to files and directories in the user's home folder as those are files that we created, and thus have permission to read or access those files.   

In linux, the home folder is indicated by the `tilde`.

> The home folder is indicated by the `~` in linux.

<img src="./home.png" width="40%">

So when we're working within our home folder, we generally have the access we need.  But there are other files located on our computer, located outside of our home directory.  For example, if we navigate outside of that folder we can see the folder of our `Guest` user.

<img src="./different_users.png" width="60%">

And then if we navigate one level up from our Users folder, we'll find the `root` folder, which is as far up as we can go.

<img src="./root_folder.png" width="80%">

Now if we look at the permissions of the files located is say, the `etc` folder, we can see that, for many of the files, write access is restricted to the root user.

<img src="./permissions-etc.png" width="50%">

> Notice that the owner is root, and that read and write access is restricted to the owner.

The point is that if we want to alter, or install packages that alters certain files or folders located outside of our `home` folder, we may have to change users to be root.  

And, it used to be the case, that we could login to Linux and switch users to be whatever we want.

`su -l`

> `su` stands for switch user and `su -l` is the command to switch to the root user.

### But don't do it

Logging in as the root user and giving ourselves access to every file on our computer is a bad idea.

For example, if we logged in as root without logging back out, if we then used our web browser that had a security bug and a malicious web page, it would be able to write to and alter all of the files on our system.  This is bad.

If, by contrast, we were just logged in as our user account, only our home folder would be exposed (as we would still be logged in as a user).  While still bad, it at least limits some damage.

To prevent us from logging in as root, recent versions of Linux do not even allow for it.  Linux puts switching to the root user under lock and key, and we are not given that key.

<img src="./su-sorry.png" width="40%">

But while linux does not give us the ability to login as the root user, it *does* give us the ability to execute one command at a time as the root user.  This is the `sudo` command, which stands for `super user do`.  

> Another name for the root user is the super user.

One nice thing about sudo, is that it **does not** require access to the superuser's password.  Instead, if prompted for a password we need only use our current user password.  When do we need to use `sudo`?  Oftentimes, when we are installing packages.  

The following diagram, from XKCD, may illustrate why.

<img src="./installing_pip.png" width="50%">

As we can see, Anaconoda and pip sometimes try to make changes to folders owned by root.  To get them to install, we may need to change our user to sudo.

> Even here, we should try not to use sudo, as this will again give the pip package access to any file in our system when installing.  Instead it is better to install with the user flag as in `pip3 install --user numpy`.

### Summary

In this lesson, we learned about switching users in the shell.  We saw that while we have access to many of the files in the home directory, we may not have access to many files located outside of the home directory.  For those files, the owner of the file is often `root`, and write access to the file is often restricted to the owner.

While, for security reasons, linux does not allow us to login as the root owner, it does allow us to execute shell commands as the root owner by using sudo followed by the shell command.  We sometimes to use sudo while installing programs on our computer as installation may require modification of files located outside of our home directory and only writable by root.

### Resources

[Limit use of Root](howtogeek.com/124950/htg-explains-why-you-shouldnt-log-into-your-linux-system-as-root/)

[Don't use sudo with pip](https://dev.to/elabftw/stop-using-sudo-pip-install-52mn)

[Adding a User](https://linuxize.com/post/how-to-create-users-in-linux-using-the-useradd-command/)

[Switching Users](https://devconnected.com/how-to-change-user-on-linux/)