Quote Originally Posted by win-refugee View Post
Do you have some links to suggest where i might read about that ?
Web search tools will find them. LDP.org is probably the best for generic information.

Quote Originally Posted by win-refugee View Post
I understand about Linux users and groups, and permissions. I'm not crazy about how Ubuntu has done it. There is no 'root' user login nor home directory, but in essence 'root' is the PRIMARY user. Files are owned by 'root' and there is a 'root' group with just that user. I defined an Administration user as part of the install process. Ubuntu docs say this first defined user has administration privileges. That user belongs to the 'admin' group. Sure enough, login as Admin and do 'sudo' and you can access many things owned by 'root'. Logged in as this admin user, i created my user account. It has its own username and password, its own /home/userA directory. It belongs to the predefined 'users' group. It can sudo to admin privileges.
There certainly is a root user and a root HOME directory. They just aren't directly accessible, as in some other systems. Logging in directly as root is prevented both local and remote. GUI sessions cannot be started as root either. These are all security choices. You are free do disagree about them, if you like.

The admin group is just there to allow permissions to files and directories that shouldn't be available to just any end user. Standard Unix group and permissions. Nothing more. There's nothing special about "admin" or "administrator" or anything similar. While "root" is often "special", it isn't strictly required as the name. That's a Linux thing, not anything special about Ubuntu. And I haven't been active on a Unix system in so long that I wouldn't state it is optional there, but it was when I was a UNIX admin. A few scripts might check that the username is "root", but that is a bug. A uid of zero, 0, is what those scripts should be checking.

It is possible to change from using the admin or sudo Unix groups to using some other named groups, if you prefer. There's nothing special about the names or the uid/gid of those two groups, except that they are setup by default for a number of other tools in those config files. There may be some lazy programs where the developer did hard code specific group membership for extra access, but I'd be surprised of that were true. GUI programs often take shortcuts like that, because GUI programmers don't always really understand things. Their expertise is in making bloated code for point-n-click stuff, not understanding the deeper parts of the OS.

BTW, I capitalize Unix with specific meanings.
UNIX = commercial UNIX - like Solaris, AIX, HP-UX, Digital Unix, Irix, etc. al.
Unix = any UNIX-like OS, which includes BSD, Linux, AT&T UNIX, and all the other UNIX flavors.
Linux = anything that uses the Linux Kernel from Kernel.org. If I use that, it means I either don't know or am not certain if Unix or UNIX applies too.

It is sorta like how we use
# to denote a root shell and
$ to denote a non-root shell.

Details matter.

THERE IS NO ADMIN USER that is tied to any specific name. Also, HOME directories don't need to be in /home/{username} if you don't want that. It is a Linux convention, but lots of places don't follow it for a number of reasons. There is a Standards document for file systems and the layout for UNIX, Unix and Linux systems. Recent versions of Linux do say /home/ is for non-root HOME directories. I don't know why this restriction was put in place. There's no mandated reason for it across all Linuxen, regardless of what Ubuntu Snap development team may think. That's a problem for a different day.

Calling an account "Admin" doesn't make it so. It is the group membership that matters. One user with full admin rights can add other users with or without admin rights. Your choice. If admin rights happen to the 2nd and later users added to a system and you didn't specifically set those up, you either weren't paying attention or have a misconfigured system.

sudo isn't just for elevating to root privilege. It can be used to change to any other user on the system and in many situations, when setting up a user to have specific sudo capabilities, they do not get root, but some other, usually a daemon uid, privileges for running specific commands with specific options. For example, accessing config files for a web server often is limited to www-data, not root, so a webmaster wouldn't get generic sudo -to- root, but just sudo -to- www-data user privileges. Lazy admins might allow the webmaster full sudo when it isn't necessary. That breaks the idea of least privilege needed to do their job.

Things that seem similar to how other non-Unix OSes do things, usually aren't the same at all. It is easy to make assumptions based on knowledge from those other OSes and because most of the time, those ideas seem to fit, accept them as true, when they are not. It is a common issue.

Ubuntu, at the core, isn't any different than any other Linux OS. They've made some customizations in the belief that some of those things are more secure or easier or aid in productivity. If you don't like it, there are other OSes to pick from, including many Linux variants. Or you can change the Ubuntu customizations to do what you like, but that is often more hassle than it is worth.

You are posting in the New user sub-forum here, so I've assumed you are new. It usually takes a few years for all the subtle things in Unix-like OSes to become clearer and the genius in how things are setup to be seen. There is an elegance. Just remember that there are only two types of things in Unix. Files and processes. Everything that doesn't show up in the system process table (use ps aux to see), those are files. With that understanding, you can see why uids, gids, and permissions are so important. They control all access.