![]() Sudo is a better way and it is safer than su(switch user) which switches a user, assuming we switch to a root user using the su, when we are in the super user mode, any command we execute will be preformed with elevated privileges, there is no stopping a command and no password prompt, this can be dangerous especially when we forget to switch back. Su allows one to temporarily become another user and execute commands as the user, by default one switches to the root user. Sudo command gives a user elevated privileges to execute commands, it can allow users to run only specified commands with root privileges. The command changes the current shell to Z shell. To change the shell, we use the -s option, su -s /usr/bin/zsh The above command switches to user to john and deletes the Documents directory. We can also run commands as a different user by writing, su -c rm -rf ~/Documents john To switch the logged-in user to another user john we write, su -l john We can use the whoami command to view the current user. To check if a certain user is a sudo user we use the -l and U options as follows, sudo -l -U johnĪfter which we are prompted to enter a password, when the password is authenticated, the current user will have elevated privileges and can now run commands as root without ever being prompted for a password again which means from this point we should be careful what commands we execute since there is no going back. The above command deleted the Documents directory as a user john. We can also run a command as another user provided we have root privileges, Tasks such as editing important files, updating the system, rebooting the system require elevated privileges.Ī normal user cannot reboot a system and therefore for this the user needs to elevate his/her privileges by using sudo, sudo reboot Sudo will now have to wait 10 minutes before prompting for a password again. To change timeout for a user, we write, Defaults:john time_stamp=10 We can change this by editing the sudoers file as follows, sudo visudoĬhanging the default timeout, Defaults timestamp_timeout=10 To allow john to execute sudo command without a password prompt by editing the file as follows, john ALL=(ALL) NOPASSWD: ALLĪfter entering the password when sudo is invoked, by default the timeout is set to 5 minutes before any other sudo user command requires a password again. To allow a user john to only execute chmod command as sudo, we edit the file as follows, sudo visudo We can also limit the programs a user can execute as sudo by editing this file. To add a user to this group we write, usermod -aG sudo username Members of the sudo group which is defined in the sudoers file have administrative rights and are able to execute any command as the root user. -p, -preserve-environment, for preserving the current shell environment. ![]() -s, -shell SHELL, to specify a different shell.-l, -login USERNAME, to run a login script so as to change to a specific user.-c, -command COMMAND, to run a specific command as a specified user.The syntax for su command is as follows, su ] When the above command is executed sudo check the sudoers file to check whether the user invoking the command has rights. The basic form without any options is as follows, sudo command The syntax for the sudo command is as follows, sudo COMMAND Sudo grants a one time access where while su grants unlimited access. With it we can switch accounts without logging off from the current session. Su command allows a user to execute commands with another user's privileges. Sudo command allows a user with proper permissions to execute commands as root user with administrative privileges. In this article we discuss both the sudo and su commands in Linux both of which deal with assigning privileges to user so that they can execute certain commands.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |