sudo and su for Linux

Linux Learning notes--su, sudo command usage and differences

Summary: The main features of the SU and sudo commands are described and the difference between the two. And how to use it

One: The difference between the two

Su is used for switching between users.

sudo is used by a normal user to execute a specified command using root privileges.

Two: Su, sudo command introduction

1, Su

A) about SU

Su is used for switching between users. However, the previous user remains in the login state. This toggle requires password authentication if the superuser switches to normal or virtual users without a password, while the normal user switches to any other user.

b) SU usage

Su does not add any parameters, the default is to switch to the root user, but did not go to the root user home directory, that is, although the switch to the root user, but did not change the root login environment, the user default login environment, can be found in the/etc/passwd, including home directory, Shell definition, etc.;

Su plus parameter-, which means to switch to the root user by default, and change to the root user's environment;

Specific usage:

Command format: su [-FMP] [-C command] [-s Shell] [--help] [--version] [-] [User[arg]]

Command parameter Description:

-F, –fast: Do not need to read the boot file (such as CSH.CSHRC, etc.), only for CSH or tcsh two kinds of shell.

-L, –login: After adding this parameter, as if it were a re-login, most of the environment variables (such as home, shell, user, etc.) are dominated by the user, and the working directory changes. If user is not specified, the default is root.

-M,-p, –preserve-environment: does not change the environment variables when performing su.

-C command: Change the user's username and execute the instruction (command) before changing back to the original user.

Help displaying the description file

–version Display version Information

User: To change the user account,

ARG: The new shell parameter is passed in.

c) Insufficient Su

i) unsafe SU tools in multi-participant system management, is not the best choice, su only for one or two people to participate in the management system, after all, SU does not allow ordinary users limited use; Root password should be in the hands of a small number of users.

II) If a user needs to use root privileges, they must tell the user the root password.

2. sudo

A) Introduction to sudo

is designed for all ordinary users who want to use root permissions. Allows a normal user to have temporary access to root privileges. Just enter the password for your account. Of course, this ordinary user must have the configuration item in the/etc/sudoers file, only have the right to use sudo

b) Sudo usage

i) first configure the use of this ordinary user in the/etc/sudoers file for a normal user using the sudo command.

II) specific usage and parameter description:

Command format: sudo[option]

Normal user uses sudo to perform root permission usage: Sudocommand

Description: Executes the instruction as a system Manager, that is, instructions executed via sudo appear to be executed by the root himself. This command does not seem to be used in conjunction with the following parameters!

Command parameters:

-V Show version number

-H will show the version number and instructions for how to use it

-L Displays the permissions of itself (the user who executes sudo)

-V because Sudo does not execute in the first execution or in n minutes (n preset is five) will ask the password, this parameter is to confirm again, if more than n minutes, will also ask the password

-K will force the user to ask the password the next time sudo is executed (whether or not more than n minutes)

-B The instruction to be executed is placed in the background execution

-pprompt can change the prompt to ask for a password, where%u will be substituted for the user's account name,%H will display the host name

-uusername/#uid不加此参数, which represents the command to be executed as root, and this parameter is added to execute the instruction as username (#uid为该username的使用者号码)

-S executes the shell specified by the shell in the environment variable, or the shell specified in the/etc/passwd

-h Specifies the home (home directory) in the environment variable as the user's home directory where you want to change the identity (if you do not add the-u parameter is the system administrator root)

command to execute AS System administrator (or change to other person with-u)

sudo and su for Linux