su (short for substitute user or switch user) is a Unix command used to run the shell of another user without logging out. It is commonly used to change to root user permissions for administrative work without logging off and back on; it is also used to switch to other users in the same way. Desktop environments such as KDE and GNOME have programs that pop up a password query box before allowing a user to run commands that would typically require such access.
When invoked without a target user, the root user is assumed (identical to su root).
Contents |
Usage
When run from a command line, as is typical, su asks for the target user's password, and, if accepted, grants the user access to that account and all of the files associated with it.
john@localhost:~$ su Password: root@localhost:/home/john# exit logout john@localhost:~$
Additionally, one can switch to another user who is not the superuser; e.g. su jane.
john@localhost:~$ su jane Password: jane@localhost:/home/john$ exit logout john@localhost:~$
It should generally be used with a hyphen by administrators (su -, which is identical to su - root), which can be used to start a login shell. This way users can assume the user environment of the target user:
john@localhost:~$ su - jane Password: jane@localhost:~$
A related command called sudo executes a command as another user but observes a set of constraints about which users can execute which commands as which other users (generally in a configuration file named /etc/sudoers, best editable by the command visudo). Unlike su, sudo authenticates users against their own password rather than that of the target user (to allow the delegation of specific commands to specific users on specific hosts without sharing passwords among them and while mitigating the risk of any unattended terminals).
Some Unix-like systems have a wheel group of users, and only allow these users to su to root.[1] This may or may not mitigate these security concerns, since an intruder might first simply break into one of those accounts. GNU su, however, does not support a wheel group; this was done for philosophical reasons.[2]
See also
References
- ^ Levi, Bozidar (2002). UNIX Administration: A Comprehensive Sourcebook for Effective Systems and Network Management. CRC Press. pp. 207. ISBN 0849313511.
- ^ "Why GNU su does not support the wheel group". http://www.gnu.org/software/coreutils/manual/html_node/su-invocation.html#index-MIT-AI-lab-2101.
External links
- su — manual pages from GNU coreutils.
- – Linux man page
- The su command — by The Linux Information Project (LINFO)
- Definition of su — dictionary.die.net
- runas — Windows XP has a similar command
|
||||||||||||||||||||||||||
 |
This Unix-related article is a stub. You can help Wikipedia by expanding it. |
This entry is from Wikipedia, the leading user-contributed encyclopedia. It may not have been reviewed by professional editors (see full disclaimer)
