[Linux] su, sudo and other “switch user” commands

1. The difference between $ and #
2.su
3.su-
4.su-root
5.sudo
6. sudo -i
7. sudo su –
8. Summary

The difference between 1.$ and #

The beginning of $ indicates that this is not a command executed under the root user (administrator user).

[ubuntu@Default:~]$ pwd
/home/ubuntu
[ubuntu@Default:~]$

Those starting with # are the opposite of the former, that is, under the root user.

[root@edge_detection:~]# pwd
/root
[root@edge_detection:~]#

How to change $ to # (that is, switch the ordinary user to the root user)?

[ubuntu@Default:~]$ sudo su
[root@Default:/home/ubuntu]# exit
exit
[ubuntu@Default:~]$

2.su

The su command can be used to switch to another user’s identity, by default it will switch to root User identity. When using the su command, you need to enter the password of the target user for authentication.

In Ubuntu, when using su, you need to set the password of the root user before switching to its identity.

sudo passwd root # Set root user password
su # Enter the root user password to switch to the root user identity

In CentOS, the su command switches the user to the ordinary user identity with the same name as the current user name by default. If a user with the same name does not exist, it switches to the root user. If you need to switch to the root user identity, you need to enter the password of the root user for authentication.

su # Enter the root user password to switch to the root user identity
su username # Switch to username user identity

su is the simplest identity switching command, usually su - username, then enter password and it’s OK. root users do not need a password to switch to other users through su, but non-root users do need a password when switching. Switching to root can use su - and su - root.

su [-] username -c 'COMMAND'

-c: Execute the command only once without switching user identities.

3.su –

In Ubuntu and CentOS, the su - command can also be used to switch to the identity of another user, but this command will also start a new shell session and set the environment variables to those of the target user. . When using the su - command, you also need to enter the password of the target user for authentication.

su - # Switch to root and start a new shell session
su - username # Switch to username user identity and start a new shell session

Note the difference:

su username # Non-login switching, that is, the target user's configuration file will not be read.
su - username # Login switching, the target user's configuration file will be read (complete switching)

4.su – root

In Ubuntu and CentOS, the su - root command can directly switch to the identity of the root user and start a new shell session. When using this command, you need to enter the password of the root user for authentication. Example:

su - root # Enter the root user password to switch to the root user identity and start a new shell session

5.sudo

sudo is a Linux system management command. It is a tool that allows system administrators to let ordinary users execute some or all root commands, such as halt, reboot, su and so on. This not only reduces the login and management time of the root user, but also improves security. sudo is not a replacement for the shell, it is per-command.

sudo can authorize specified users to run certain commands on specified hosts. If an unauthorized user attempts to use sudo, you will be prompted to contact the administrator.
sudo can provide logs to record each user’s use of sudo operations for future auditing.
sudo provides configuration files for system administrators, allowing system administrators to centrally manage user permissions and hosts.
sudo default lifetime is
5

5

5 minutes.

In Ubuntu and CentOS, the sudo command allows ordinary users to execute specific commands with superuser privileges. When using the sudo command, you need to enter the password of the current user for authentication.

sudo command # Use sudo authority to execute the command command. You need to enter the current user password to verify your identity.

6.sudo -i

In order to frequently execute certain permissions that only superusers can execute without having to enter a password every time, you can use this command. When prompted for a password, the password will be the password for the current account. no time limit. After executing this command, the prompt changes to # instead of $. When you want to return to a normal account, you can execute exit or logout.

In Ubuntu and CentOS, the sudo -i command starts a new shell session and sets the environment variables to those of the root user. When using this command, you also need to enter the current user’s password for authentication.

sudo -i # Enter the current user password to switch to root user identity and start a new shell session

sudo -i, sudo -i root, sudo -, sudo - root, sudo root has the same effect. When prompted to enter a password, the password is the password of the current account, and the user who executes the command must be in sudoers.

7.sudo su –

In Ubuntu and CentOS, the sudo su - command can be used to directly switch to the identity of the root user and start a new shell session. When using this command, you also need to enter the current user’s password for authentication.

sudo su - # Enter the current user password to switch to root user identity and start a new shell session

8. Summary

In general, these commands are basically the same in Ubuntu and CentOS, but the specific behavior will be slightly different. It is recommended to understand their specific behaviors and security issues before using these commands to avoid potential risks and impacts.

su mode switching requires entering the password of the target user. And sudo only needs to enter your own password, so sudo can protect the target user’s The password will not be disclosed to the outside world.
sudo authorizes passwd, su, sudo, sudoedit, visudo and other commands with special meaning must be considered comprehensively (for example, it is prohibited to modify the password of the root user, etc.).