Exploring the differences between sudo and su commands in Linux

This article explores the differences between the sudo and su commands in Linux. You can also watch this video to learn about these commands. Becoming root permanently with su is a known ‘no-no’ in the *nix universe. Why? Because becoming root with su means that you are root, which is the same as logging into a terminal as the root user with the root password. And that’s dangerous for many reasons.

Working as root means you have the power to:

  • Delete any or all files
  • Change permissions for any or all files
  • Change the system runlevel
  • Modify user accounts
  • Mount or unmount file systems
  • Remove or install software
  • Create, delete, and modify file systems

Basically, you can do anything to the system as root. It is the all-powerful administrative account. And, unlike other more talkative operating systems, you won’t see an “Are you sure?” dialog box to make sure the rm -rf * command you just issued was in /opt/tmp instead of /. As you can imagine, mistakes made as a root user can be irreversible and devastating. There is an alternative: sudo.

Sudo

Sudo, which is an acronym for superuser do or substitute user do, is a command that runs commands with elevated privileges without changing your identity. Depending on your settings in the /etc/sudoers file, you can issue individual commands as root or as another user. To continue executing commands with root power, you should always use the sudo command. For example, if you want to install the Nginx package, run:

$ dnf install nginx

But you will see an error if you are not root or in the sudo group. Instead, if you run this command:

$ sudo dnf install nginx

You will be prompted to enter your password, and then you can run the command if you are part of the sudo group.

A simple way to switch to an interactive session as root is as follows:

$ sudo -i

The theory behind using sudo is that issuing the sudo command before every command you execute makes you think more about what you’re doing and, hopefully, make fewer mistakes with an account that possesses unlimited power.

Su

Su, on the other hand, is an acronym for switch user or substitute user. Basically, you are switching to a particular user and you need the password for the user you are switching to. Most of the time, the user account you switch to is the root account, but it can be any system account.

For example, if you type:

$ su -

In the example above, you are switching to root and need the root password. The (-) switch provides you with root’s environment (path and shell variables) instead of just giving you root user power for a single command while maintaining your own environment.

For the second example, you’re switching to bryant, so you need bryant’s password unless you’re root.

If you want to switch to the bryant user account, including bryant’s path and environment variables, use the (-) switch:

$ su - bryant

The (-) switch has the same effect as logging on to a system directly with that user account. In essence, you become that user.

Conclusion

To recap what you’ve learned:

  • sudo allows you to issue commands as another user without changing your identity
  • You need to have an entry in /etc/sudoers to use these restricted permissions
  • sudo -i takes you to an interactive session as root
  • su means to switch to a particular user
  • Simply typing su switches to the root user
  • sudo will ask for your password, while su will ask for the password of the user you are switching to

But when do you use one rather than the other? Since the sudo policy is defined in /etc/sudoers, it can provide powerful permission controls. Since sudo can do pretty much everything su can, I’d say it’s best to stick with sudo unless you’re working with some legacy code that requires the su command.
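
To make the /etc/sudoers point concrete, the following added example (not part of the original article) classifies sudoers entries by whether they grant every command or only specific ones, and whether a password is required. The policy lines, the deploy and backup accounts, and the binary paths are constructed sample data; the parser handles only simple one-line entries.

```shell
#!/usr/bin/env bash
# Added example: classify sudoers user specifications by the power they grant.

# Constructed sample policy (not a real /etc/sudoers). bryant and the nginx
# install come from the article; deploy, backup and the paths are assumptions.
sample_sudoers() {
cat <<'EOF'
# constructed sample policy
Defaults env_reset
root    ALL=(ALL) ALL
%wheel  ALL=(ALL) ALL
bryant  ALL=(root) /usr/bin/dnf install nginx
deploy  ALL=(ALL) NOPASSWD: ALL
backup  ALL=(root) NOPASSWD: /usr/bin/rsync
EOF
}

# Read sudoers-style lines on stdin and print "<who> <scope> <auth>".
# Handles simple "who host=(runas) [NOPASSWD:] commands" entries only;
# Defaults, aliases and includes are skipped, line continuations unsupported.
audit_sudoers() {
  local who rest spec auth scope
  trim() { spec=${spec#"${spec%%[![:space:]]*}"}; }  # strip leading blanks from $spec
  while read -r who rest; do
    case "$who" in ''|'#'*|'@'*|Defaults*|*_Alias) continue ;; esac
    spec=${rest#*=}; trim                                  # drop the host list
    case "$spec" in "("*) spec=${spec#*")"}; trim ;; esac  # drop the (runas) part
    auth=password
    case "$spec" in
      NOPASSWD:*) auth=nopasswd; spec=${spec#NOPASSWD:}; trim ;;
    esac
    # A command list of "ALL" means every command: the same power as su to root.
    if [ "$spec" = ALL ]; then scope=full-root; else scope=scoped; fi
    printf '%s %s %s\n' "$who" "$scope" "$auth"
  done
}

sample_sudoers | audit_sudoers
```

Entries reported as full-root with nopasswd deserve the closest review, since they give root power with no password prompt at all. On a live system, sudo -l lists the entries that apply to your own account.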