[Linux] su, sudo and other “switch user” commands
[Linux] su, sudo and other “switch user” commands
- 1. The difference between $ and #
- 2.su
- 3.su-
- 4.su-root
- 5.sudo
- 6. sudo -i
- 7. sudo su –
- 8. Summary
The difference between 1.$ and #
The beginning of $
indicates that this is not a command executed under the root
user (administrator user).
[ubuntu@Default:~]$ pwd /home/ubuntu [ubuntu@Default:~]$
Those starting with #
are the opposite of the former, that is, under the root
user.
[root@edge_detection:~]# pwd /root [root@edge_detection:~]#
How to change $
to #
(that is, switch the ordinary user to the root
user)?
[ubuntu@Default:~]$ sudo su [root@Default:/home/ubuntu]# exit exit [ubuntu@Default:~]$
2.su
The su
command can be used to switch to another user’s identity, by default it will switch to root
User identity. When using the su
command, you need to enter the password of the target user for authentication.
In Ubuntu, when using su
, you need to set the password of the root
user before switching to its identity.
sudo passwd root # Set root user password su # Enter the root user password to switch to the root user identity
In CentOS, the su
command switches the user to the ordinary user identity with the same name as the current user name by default. If a user with the same name does not exist, it switches to the root
user. If you need to switch to the root
user identity, you need to enter the password of the root
user for authentication.
su # Enter the root user password to switch to the root user identity su username # Switch to username user identity
su
is the simplest identity switching command, usually su - username
, then enter password
and it’s OK. root
users do not need a password to switch to other users through su
, but non-root
users do need a password when switching. Switching to root
can use su -
and su - root
.
su [-] username -c 'COMMAND'
-c
: Execute the command only once without switching user identities.
3.su –
In Ubuntu and CentOS, the su -
command can also be used to switch to the identity of another user, but this command will also start a new shell session and set the environment variables to those of the target user. . When using the su -
command, you also need to enter the password of the target user for authentication.
su - # Switch to root and start a new shell session su - username # Switch to username user identity and start a new shell session
Note the difference:
su username # Non-login switching, that is, the target user's configuration file will not be read. su - username # Login switching, the target user's configuration file will be read (complete switching)
4.su – root
In Ubuntu and CentOS, the su - root
command can directly switch to the identity of the root
user and start a new shell session. When using this command, you need to enter the password of the root
user for authentication. Example:
su - root # Enter the root user password to switch to the root user identity and start a new shell session
5.sudo
sudo
is a Linux system management command. It is a tool that allows system administrators to let ordinary users execute some or all root
commands, such as halt
, reboot
, su
and so on. This not only reduces the login and management time of the root
user, but also improves security. sudo
is not a replacement for the shell, it is per-command.
sudo
can authorize specified users to run certain commands on specified hosts. If an unauthorized user attempts to usesudo
, you will be prompted to contact the administrator.sudo
can provide logs to record each user’s use ofsudo
operations for future auditing.sudo
provides configuration files for system administrators, allowing system administrators to centrally manage user permissions and hosts.sudo
default lifetime is5
5
5 minutes.
In Ubuntu and CentOS, the sudo
command allows ordinary users to execute specific commands with superuser privileges. When using the sudo
command, you need to enter the password of the current user for authentication.
sudo command # Use sudo authority to execute the command command. You need to enter the current user password to verify your identity.
6.sudo -i
In order to frequently execute certain permissions that only superusers can execute without having to enter a password every time, you can use this command. When prompted for a password, the password will be the password for the current account. no time limit. After executing this command, the prompt changes to #
instead of $
. When you want to return to a normal account, you can execute exit
or logout
.
In Ubuntu and CentOS, the sudo -i
command starts a new shell session and sets the environment variables to those of the root
user. When using this command, you also need to enter the current user’s password for authentication.
sudo -i # Enter the current user password to switch to root user identity and start a new shell session
sudo -i
, sudo -i root
, sudo -
, sudo - root
, sudo root
has the same effect. When prompted to enter a password, the password is the password of the current account, and the user who executes the command must be in sudoers
.
7.sudo su –
In Ubuntu and CentOS, the sudo su -
command can be used to directly switch to the identity of the root
user and start a new shell session. When using this command, you also need to enter the current user’s password for authentication.
sudo su - # Enter the current user password to switch to root user identity and start a new shell session
8. Summary
In general, these commands are basically the same in Ubuntu and CentOS, but the specific behavior will be slightly different. It is recommended to understand their specific behaviors and security issues before using these commands to avoid potential risks and impacts.
su
mode switching requires entering the password of the target user. Andsudo
only needs to enter your own password, sosudo
can protect the target user’s The password will not be disclosed to the outside world.sudo
authorizespasswd
,su
,sudo
,sudoedit
,visudo
and other commands with special meaning must be considered comprehensively (for example, it is prohibited to modify the password of theroot
user, etc.).