Essential Guide to sudo and su in Linux

Most Linux users will be faced with sudo and su at least once in their lives. Because of their comparable syntax and overlapping functions, it is often complicated for new users to differentiate between them.

The commands sudo and su are among the most widespread and effective in Linux. By deterring unpredictable things in your network, you can deter performance and safety issues in your network.

The two methods of gaining root privileges are sudo and su. As a result, each functions distinctly and uses a distinct default configuration counting on the Linux distribution.

With sudo, a user with the appropriate permissions can manage commands as root with administrative rights. By using the command su, a user can manage commands with the rights of another user.

This permits us to exchange accounts without having to log out of the existing session. The difference between sudo and su is that sudo enables limited credentials and su enables limitless credentials.

Table Of Contents

  1. An overview of the root user
  2. The "sudo" command
  3. "sudo" commands in Linux
  4. The "su" command
  5. "su" commands in Linux
  6. Major difference between the "su" and "su -"
  7. A comparison of su and sudo

An overview of the root user

In Unix and Linux, the root user is the administrator. Typically, this is the highest level of access rights on the system, and it is used for administrative purposes. The root is generally specified as the root user account.

It is important to note, however, that every account having user id 0 is a root account in Linux, nevertheless of its name. On a system, numerous systems administrators hold their respective accounts and passwords.

Commands with root permissions can be run by using either su or sudo. In Windows, the root user is identical to the administrator; with the highest authorizations, the root user can accomplish whatever the system requests.

Commonly, Linux users can't install software or update system directories - for say, they can't report to the root directory. If you want to do something that demands these permissions, you must obtain them with su or sudo.

The "sudo" command

Employing sudo offers you the capability to run commands as root. It may not be essential to utilize the root password relying on the setup. A log is held for every command managed with su.

In technical terms, sudo is an acronym for SuperUser & Do or Switch User & DO, which is required to access restricted files and commit operations. In order to prevent sensitive files from being altered, Linux restricts access to specific parts of the system by default.

When executed as root, sudo elevate privileges, enabling users to perform sensitive tasks without logging into the root account. By default, the Ubuntu Linux configuration doesn't include a root account.

The end-user must devise a root account password manually by running the sudo command. The use of sudo is typically one of the most efficient ways to protect the computer from being used as a tool for exploitation.

The root privilege is required each time a user attempts to install, remove, or change any component of the software. Once a user enters a login password for granting system-based permissions, the Sudo command permits them to attain such permissions for any certain command they expect to perform.

How does a sudo command works in Linux?

When a user runs a command with sudo, the system checks the user's permissions in the /etc/sudoers file. This file contains a list of users and the commands they are allowed to run with sudo.

If the user is listed in the sudoers file and the command they are trying to run is allowed, the system prompts the user for their own password.

Once the user enters their password, the system checks it against the user's password stored in the system's password database. If the password is correct, the command is executed with the privileges of the target user (usually the root user).

The sudo command is useful for granting temporary privileges to users for specific tasks, without giving them full access to the root user account. This helps to secure the system by preventing users from making accidental or intentional changes to the system as the root user.

Installation

If sudo isn't already installed in your Linux distribution, let's learn how to install it.

In the case of the apt package manager, you would type:

$ apt install sudo

Alternatively, if using Yum:

$ yum install sudo

A default installation of the sudo package is available in most Linux distributions. Simply type sudo and then hit enter to run sudo.

$ sudo
sudo command in Linux
sudo command in Linux

If sudo is installed, you'll see details about how the sudo package is being used. In the absence of that, a message will appear stating "command not found".

"sudo" commands in Linux

Users with sudo privileges are able to execute commands requiring root privileges on Linux systems through the sudo prefix. In contrast to su, the sudo command in Linux mandates the password of the user executing it.

The Basics

Try the following command in a terminal window for the updates to the repositories but an error message will appear. There will be permission issues preventing you from running the command:

apt-get update

Passwords must be entered when prompted. Updates to the repositories are carried out by the system only by following the execution of the command.

Here's how to run the exact command with sudo:

sudo apt-get update

Execute the command as another user

The whoami command displays the current user's username. It is useful for quickly identifying the user account you are currently logged in as.

For example, if you are logged in as the user john, running the command whoami will display john.

$ whoami
whoami command in Linux
whoami command in Linux

The whoami command will run and exhibit the username of another user if you enter the password for [different_username].

sudo -u [different_username] whoami
Different Username Command in Linux
Different Username Command in Linux

Change to the root user

With this command, you will be switched to the root user's command prompt in the BASH shell:

sudo bash

You should change the command line to:

root@hostname:/home/[username]

Using the hostname value we will be able to confine the network name of our system. The current logged-in username will be used as the username.

sudo bash command in Linux
sudo bash command in Linux

Accomplish previous commands with sudo

Commands that have been executed previously are stored in the Linux command line. By pressing the up arrow, you can access these records. Use the following command to repeat the last command with enhanced privileges:

sudo !!
sudo !! command in Linux
sudo !! command in Linux

You can also use this with older commands. The historical number should be defined as shown below:

sudo !6

In this example, the sudo command is utilised to recount the 6th entry in history.

Using one line to run multiple commands

By including a semicolon, you can string together numerous commands:

sudo ls; whoami; hostname
sudo numerous command in Linux
sudo numerous command in Linux

Adding a text string to a current file

In many cases, the name of a software repository is added to a source file with a string of text, without editing the file. When using echo, sudo, and tee commands, use the following syntax:

echo "string-of-text" | sudo tee -a [path_to_file]
Adding text using echo command in Linux
Adding text using echo command in Linux

The "su" command

Implying su (also known as a substitute or switch user), you can accomplish commands with the privileges of another user, by default root.

During a current login session, su is the most opportunely way to switch to the administrative account. In situations where the root user cannot log in via ssh or the GUI display manager, this can be particularly helpful.

su ensures you have the root password when running a command as root. The output of all commands accomplished with su is not logged.

Switching from one account to another is done with the Ubuntu Linux command su. A password request will be made to the user from whom the switch is being made.

At the time of installing the Linux operating system, the SuperUser (su) - usually called root in Unix-like systems is created as the first user. Each Linux system user has a User ID, also called a UID in Linux which is their unique identifier.

Due to the way Linux recognizes users, the root has an ID of 0, meaning that it is the first user. All Linux files can be created, modified, executed, and deleted by the Superuser on any Linux system.

How does a su command works in Linux?

When a user runs the su command, they are prompted for the password of the user account they are trying to switch to. Once the password is entered, the user is logged in as the target user and can execute commands with that user's privileges.

For example, if a user wants to switch to the root user account, they can run the command su - and enter the root user's password when prompted. This will log them in as the root user and allow them to execute commands with root privileges.

The su command is useful for switching to another user account and gaining its privileges for a specific task or for performing maintenance on the system.

However, it is generally considered less secure than the sudo command because it requires the user to know the password of the target user account.

"su" commands in Linux

As a general rule, su uses the following syntax:

su [OPTIONS] [USER [ARGUMENT...]]

The standard function of su, if summoned without any options, is to drive an interactive shell as root:

$ su
su command in Linux
su command in Linux

As soon as the root password is prompted, the user running the command becomes root instantly.

The substitute user’s /etc/passwd entry will configure the HOME and SHELL environment variables, and the present directory is not modified.

You can affirm the user has been modified by utilizing the whoami command:

$ whoami

You will see the name of the user running the existing shell session by utilizing this command:

su whoami command in Linux
su whoami command in Linux

It is most common to use - ( -l  , --login) when invoking su. When you execute this command, the shell switches from its original directory to a login shell that simulates an actual login:

su -

With the -s, --shell option, you can run a different shell instead of the one defined in the passwd file. For instance, to run zsh as root, type:

su -s /usr/bin/zsh

You can summon the command with -p, --preserve-environment, to maintain the entire calling user's environment, including HOME, SHELL, USER, and LOGNAME.

su -p

There is no effect on -p when using the - option.

Using the -c, --command option will initiate a command as the substitute user without embarking on an interactive shell. As a criterion, you could enter the subsequent command as root:

su -c ps

The user name should be passed as an argument to su if you want to change to another user. Using the criterion below, to switch to ubuntu, you can use the following command:

su ubuntu

Major difference between the "su" and "su -"

Here is a list of the main differences between the su and su - commands in Linux:

1. "su" command

  • Switches to the specified user's account and it will inherit the original user's environment variables to target user.
  • The current working directory, environment variables, and shell remain unchanged.
  • Example: su root

2. "su -" command

  • Switches to the specified user's account, but does not inherit the original user's environment variables instead it resets all environment variables and creates them again.
  • The current working directory is changed to the target user's home directory.
  • Example: su - root

Here is an example to demonstrate the difference between su and su -:

Consider the user "ubuntu" on your Linux machine, and log in with the below command.

su ubuntu

We will now create an environment variable in the terminal by using the export command.

export ATATUS_NAME=atatus

Use the env command to determine whether the environment variable has been set:

env 

Alternatively, you can use echo to verify it:

echo $ATATUS_NAME

Now, suppose you want to switch to the "johndoe" user. If you run the su command, it will switch to the johndoe user's account, but it will not change your environment variables or current working directory:

su johndoe

You are now logged in as the johndoe user, but your environment variable that you have created in the user "ubuntu" remain unchanged:

On the other hand, if you run the su - command to switch to the user "ubuntu", it will switch to the respective user's account and set the root user's environment variables and current working directory:

su - ubuntu

Now, your environment variables and current working directory have been changed to the values defined for the root user:

Your $HOME, $PATH, and $SHELL variables will be set to the values for the root user, and you will not be able to access your files and directories in the /home/johndoe directory as the root user.

A comparison of su and sudo

Some key differences between su and sudo include:

  • su allows a user to switch to another user account and gain all of its privileges, while sudo allows a user to execute a specific command with the privileges of another user.
  • su prompts the user for the password of the target user account, while sudo prompts the user for their own password.
  • su gives the user full access to the privileges of the target user account, while sudo only grants temporary privileges for a specific command.
Function sudo su
Description privileges Allows a user to execute a specific command with the privileges of another user, usually the root user. Allows a user to switch to another user account and gain all of its privileges.
Temporary privileges Yes No
Password prompt User's password Target user's password

Final Shot

In Linux, you will usually find a wide variety of options for every task you need to accomplish. The two commands su and sudo each have their strengths, and when used appropriately, they can be secure.

The command sudo and the command su are both methods of gaining root privileges. Each Linux distribution employs a distinct configuration by default, and each function in a distinct way.

A better and more secure way to switch users is sudo instead of su(switch user), which switches a user to a root user. Whenever you execute a command in super user mode, it will be pre-configured with elevated privileges, you won't be able to stop a command and there won't be a password request.

When you forget to switch out, you can reach treacherous circumstances. When you use sudo, you can enter a password each time you run a command.


Infrastructure Monitoring with Atatus

Track the availability of the servers, hosts, virtual machines and containers with the help of Atatus Infrastructure Monitoring. It allows you to monitor, quickly pinpoint and fix the issues of your entire infrastructure.

In order to ensure that your infrastructure is running smoothly and efficiently, it is important to monitor it regularly. By doing so, you can identify and resolve issues before they cause downtime or impact your business.

Infrastructure Monitoring
Infrastructure Monitoring 

It is possible to determine the host, container, or other backend component that failed or experienced latency during an incident by using an infrastructure monitoring tool. In the event of an outage, engineers can identify which hosts or containers caused the problem. As a result, support tickets can be resolved more quickly and problems can be addressed more efficiently.

Impel your application swifter and bug-free, try the 14-days free trial of Atatus!

Aarthi

Aarthi

Content Writer at Atatus.
Chennai

Monitor your entire software stack

Gain end-to-end visibility of every business transaction and see how each layer of your software stack affects your customer experience.