su (stands for ‘substitute user’) is a command that lets the current user switch to a different user account in the system.
su is commonly used to switch to the root user account of the system. To do that, you may run either of the below two variants of the command:
su with a hyphen
$ su -
which is also equivalent to:
$ su --login
su without a hyphen
What’s the difference between having or not having a hyphen?
Using the hyphen gives you an interactive login shell to the targeted user (here the root user) environment. Once logged in, your current environment variables will get replaced by those of the targeted user. You can verify that by running the
env command before and after executing the
su command. Your current working directory will also switch to the home directory of the targeted user.
If you omit the hyphen, your current working directory and the environment variables will stay the same even though you have logged in as a different user. That brings up an important question. Does that behavior has anything to do with the actions we would perform? The answer is Yes. For instance, it can affect which commands you can execute as the switched user depending on how the PATH variable is set. Don’t be surprised to find yourself in situations where a command that worked before, refusing to run after switching the user account. When that happens, the PATH should be the one to take the blame. The inclusion or non-inclusion of the hyphen may also affect in which environment the command history will be stored, as well as running commands that offer graphical user interfaces.
In addition to logging into the root user account,
su can also be used to log into any other user account on your system.
Here’s the syntax, which is a slight variant from the one that you’ve used earlier:
su username, will result in a non-login interactive session, which means your user environment will not change
su - username, will result in an interactive login session, which means your user environment will reset and replaced by the targeted user’s environment variables
Again, the hyphen works just the same way as I’ve explained previously.
sudo into the mix …
It’s important to remember that
su requires you to have the password of your targeted user. However, that won’t be necessary if your user account is one with
sudo privileges on the system. In that case, you can just put
sudo in front of the
su command to gain access to the desired user account:
sudo su - username, is equivalent to
su - usernamebut
sudobrings in elevated privileges, and therefore, you don’t need to know the password of the targeted user
sudo su username, is equivalent to
sudobrings in elevated privileges, and therefore, you don’t need to know the password of the targetted user
You can also try logging into the root account with the below commands:
$ sudo su -
$ sudo -i
$ sudo su
$ sudo -s
sudo su - and
sudo -i will also give you an interactive login shell similar to that of the
su - (hyphened) command.
sudo su and
sudo -s will give you a non-login interactive shell similar to that of
su (non-hyphened) command. However, if you are just trying to execute a command with root user privileges, running
su with the
sudo command looks pointless because
sudo alone allows you to run your commands with root user privileges. There’s no need to switch to the root user environment when you already have
sudo variant still has its uses on sudo-only systems such as Ubuntu which doesn’t have its root account active by default. Ubuntu gives you no option either to set a root password while installing the system. Therefore, if you try to log into the root account at some point, you’ll likely get stuck when the command prompts you to enter the password. However, using
sudo su or
sudo su -, you’ll still be able to log in to the root user account. Alternatively, you can even set a password to the root account by running
sudo passwd root command and then use the
su command along with that password to log into your root account. I believe this is not the case with Ubuntu-based servers but on Desktops it certainly is.