Switching between different user accounts – Linux `su` command

In Linux, su (stands for ‘substitute user’) is a command that lets the current user switch to a different user account in the system.

su is commonly used to switch to the root user account of the system. To do that, you may run either of the below two variants of the command:

1. su with a hyphen

$ su -

which is also equivalent to:

$ su --login

2. su without a hyphen

$ su

What’s the difference between having or not having a hyphen?

Using the hyphen gives you an interactive login shell to the targeted user (here the root user) environment. Once logged in, your current environment variables will get replaced by those of the targeted user. You can verify that by running the env command before and after executing the su command. Your current working directory will also switch to the home directory of the targeted user.

If you omit the hyphen, your current working directory and the environment variables will stay the same even though you have logged in as a different user. That brings up an important question. Does that behavior has anything to do with the actions we would perform? The answer is Yes. For instance, it can affect which commands you can execute as the switched user depending on how the PATH variable is set. Don’t be surprised to find yourself in situations where a command that worked before, refusing to run after switching the user account. When that happens, the PATH should be the one to take the blame. The inclusion or non-inclusion of the hyphen may also affect in which environment the command history will be stored, as well as running commands that offer graphical user interfaces.

In addition to logging into the root user account, su can also be used to log into any other user account on your system.

Here’s the syntax, which is a slight variant from the one that you’ve used earlier:

  1. su username, will result in a non-login interactive session, which means your user environment will not change
  2. su - username, will result in an interactive login session, which means your user environment will reset and replaced by the targeted user’s environment variables

Again, the hyphen works just the same way as I’ve explained previously.

Let’s add sudo into the mix …

It’s important to remember that su requires you to have the password of your targeted user. However, that won’t be necessary if your user account is one with sudo privileges on the system. In that case, you can just put sudo in front of the su command to gain access to the desired user account:

  1. sudo su - username, is equivalent to su - username but sudo brings in elevated privileges, and therefore, you don’t need to know the password of the targeted user
  2. sudo su username, is equivalent to su username but sudo brings in elevated privileges, and therefore, you don’t need to know the password of the targetted user

You can also try logging into the root account with the below commands:

$ sudo su -

OR

$ sudo -i

OR

$ sudo su

OR

$ sudo -s

sudo su - and sudo -i will also give you an interactive login shell similar to that of the su - (hyphened) command. sudo su and sudo -s will give you a non-login interactive shell similar to that of su (non-hyphened) command. However, if you are just trying to execute a command with root user privileges, running su with the sudo command looks pointless because sudo alone allows you to run your commands with root user privileges. There’s no need to switch to the root user environment when you already have sudo privileges.

Regardless, the sudo variant still has its uses on sudo-only systems such as Ubuntu which doesn’t have its root account active by default. Ubuntu gives you no option either to set a root password while installing the system. Therefore, if you try to log into the root account at some point, you’ll likely get stuck when the command prompts you to enter the password. However, using sudo su or sudo su -, you’ll still be able to log in to the root user account. Alternatively, you can even set a password to the root account by running sudo passwd root command and then use the su command along with that password to log into your root account. I believe this is not the case with Ubuntu-based servers but on Desktops it certainly is.

Was this helpful?
+1
0
+1
1
+1
0
+1
0
+1
0
+1
0
+1
0