A lot of folks that set up a computer have a tendency to use an administrator account for every day purposes. While this does make it easier to use the computer, it causes unnecessary risks from a security standpoint in that administrator access allows anything to run and has the potential to severely corrupt the computer and data. A better way is to log in to the computer a a regular user and reserve the administrator account for maintenance on the computer.
This can be easily achieved on a Linux box by utilizing the sudo program. The sudo program basically allows you to log in as a regular user and then execute commands as root. For example as a regular user, trying to check the status of physical volumes with '/sbin/pvdisplay' yields an error of:
"
WARNING: Running as a non-root user. Functionality may be unavailable.
/var/lock/lvm/P_global:aux: open failed: Permission denied
Unable to obtain global lock.
"
The same command using sudo ie 'sudo /sbin/pvdisplay' yields the output of:
"
---snipped for brevity and sanitized---
--- Physical volume ---
PV Name /dev/sd?
VG Name vg_?????????
PV Size 2.73 TiB / not usable 4.46 MiB
Allocatable yes (but full)
PE Size 4.00 MiB
Total PE 715396
Free PE 0
Allocated PE 715396
PV UUID xxxx-xxxxx-xxxxx-xxxxx-xxxxx-xxxx
"
Most (if not all) variants of Linux out there have sudo available and it can be installed using your regular software package manager. Once installed it can be configured via the visudo command which edits the /etc/sudoers file to allow or disallow various options (no password required for sudo access, allow or disallow certain programs to be run by certain users, etc). The options for sudo are legion and it is a very powerful way of allowing access to administrative level commands without actually logging in as root.