Difference between root account and administrative account
Disabling root
You have to have a root account. The only things you can do with it, in terms of "disabling" it, are:
Lock the account
$ sudo passwd -l rootGive root an unusable password
$ sudo usermod -p '!' root
sudo - as user root
Remember that when a user with "administrative privileges" is making use of sudo they're running commands with elevated privileges as the user root!
You can see that this is true with a simple ps command:
$ sudo sh -c "ps -eaf | grep [s]udo"
root 2625 26757 0 04:19 pts/10 00:00:00 sudo sh -c ps -eaf | grep [s]udo
The above shows that when the ps command is executed, you're effectively the user root.
Booting
Also when booting into a system in single user mode (from GRUB), you'll need to login using the root account. Typically you're passing either the word single to GRUB or the number 1.
What sudo permissions do I have?
On a system where one has been given sudo permissions you can use the command sudo -l to see what rights you do have. These are not a complete set of everyone's rights, just the user that's running the command.
For example:
$ sudo -l
Matching Defaults entries for saml on this host:
env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS", env_keep+="MAIL PS1 PS2 QTDIR USERNAME LANG
LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES", env_keep+="LC_MONETARY LC_NAME
LC_NUMERIC LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY",
secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin
User saml may run the following commands on this host:
(ALL) ALL
(root) NOPASSWD: /usr/lib/jupiter/scripts/bluetooth, (root) /usr/lib/jupiter/scripts/cpu-control, (root)
/usr/lib/jupiter/scripts/resolutions, (root) /usr/lib/jupiter/scripts/rotate, (root) /usr/lib/jupiter/scripts/touchpad, (root)
/usr/lib/jupiter/scripts/vga-out, (root) /usr/lib/jupiter/scripts/wifi
NOTE: The commands one's been granted access to are everything after the line, "User saml may run the following ....".
Limiting access via sudo
Sudo has a fairly rich facility for limiting access to specific commands, groups of commands, specific users, and/or specific groups of users. There are some caveats however with sudo.
You can grant full access to everything with this line in /etc/sudoers:
aaditya ALL=(ALL) ALL
You could also give a user what appears to be simple access to vim certain files:
aaditya ALL=/usr/bin/vim
This would be a huge mistake however, since many editors such as vim allow you to invoke a subshell from within them. So the user aaditya would be able to gain access to a shell with root permissions, even if the sudo permissions didn't intend for that to happen.