Linux study notes -- usage and differences of su and sudo commands
Abstract: This article mainly introduces the functions of the su and sudo commands and the differences between them. And usage
I. Differences between the two
Su is used for switching between users.
Sudo is used by common users to execute specified commands with the root permission.
II. Introduction to su and sudo commands
1. su
A) su Introduction
Su is used for switching between users. However, the previous user is still logged on. If the root user of a super-Permission user switches to a common or virtual user, the password verification is not required for normal users to switch to other users.
B) su usage
Su switches to the root user by default without adding any parameters, but does not go to the root user's home directory. That is to say, it is switched to the root user, however, the root logon environment is not changed. You can find the default logon environment in/etc/passwd, including the Home Directory and SHELL definition;
Su adds the parameter-, indicating that the system switches to the root user by default and changes to the root user environment;
Usage:
Command syntax: su [-fmp] [-c command] [-s shell] [-- help] [-- version] [-] [USER [ARG]
Command parameter description:
-F,-fast: do not need to read the Startup File (such as csh. cshrc). It is only used for csh or tcsh shells.
-L,-login: After this parameter is added, it is like re-login. Most environment variables (such as HOME, SHELL, and USER) are dominated by this USER, the working directory also changes. If no USER is specified, the default value is root.
-M,-p,-preserve-environment: the environment variable is not changed when su is executed.
-C command: the USER who changed the account to USER, and then executes the command to change it back to the original USER.
-Help: display the description file
-Version: displays version information.
USER: USER account to be changed,
ARG: input a new Shell parameter.
C) Insufficient su
I) insecure su tools are not the best choice in system management involving multiple people. su is only applicable to systems where one or two people participate in management. After all, su does not limit the use of general users; the root password of a Super User should be in the hands of a few users.
Ii) if a user needs the root permission, the user must be notified of the root password.
2. sudo
A) about sudo
It is designed for all common users who want to use root permissions. Allows common users to temporarily use root permissions. You only need to enter your account password. Of course, this common user must have configuration items in the/etc/sudoers file to have the right to use sudo.
B) sudo usage
I) first, you must configure the right to use the sudo command in the/etc/sudoers file.
Ii) usage and parameter description:
Command Format: sudo [option]
Common users use sudo to execute root permission usage: sudocommand
Note: execute commands as system administrators. That is to say, commands executed through sudo are like commands executed by the root user. This command does not seem to work with the following parameters!
Command parameters:
-V: display version number
-H: the version number and instructions are displayed.
-L display the permissions of the user (the user who executes sudo)
-V because sudo is not executed during the first execution or within N minutes (N is set to 5), the password is asked. this parameter is re-confirmed. If it exceeds N minutes, will also ask the password
-K will force the user to ask the password for the next sudo execution (whether or not the password exceeds N minutes)
-B: Execute the command in the background.
-Pprompt can change the password prompt, where % u is replaced by the user's account name, and % h displays the Host Name
-Uusername/# If this parameter is not added to the uid, the command is executed as the root user, and this parameter is added, commands can be executed as username (# uid is the user number of this username)
The SHELL specified by the shell in the-s execution environment variable, or the shell specified in/etc/passwd
-H: Specify the HOME directory in the environment variable as the user's HOME directory for identity change (if the-u parameter is not added, the system administrator root is used)
Command the command to be executed as a system administrator (or changed to another person as a-u)
More: Linux Study Notes-start