Introduction
The su command in Linux lets you switch to another user's account or execute commands as a different user. It's useful for administrative tasks that require elevated privileges. su is also used to test commands with different user permissions to ensure the system requires authentication for user switches.
This guide will teach you how to use the su command with practical examples.
Prerequisites
- A system running Linux (this tutorial uses Ubuntu 22.04).
- Access to the terminal.
su Command Syntax
The su command syntax is:
su [options] [username]The [username] represents the user account you want to switch to or execute commands as. If not specified, the default is the root user. [options] are not mandatory, but when used, they modify the su command.
su Command Options
The su command has many options that modify how it works. The table below presents common su options:
| Option | Description |
|---|---|
-m, -p, --preserve-environment | Prevents the environment variables to reset when switching users. It preserves the original user's current environment variables. |
-P, --pty | Creates a new pseudo-terminal for the user session. |
-s, --shell [shell] | Runs the specified shell after switching users. |
-f, --fast | Starts a shell quickly by skipping reading the initialization files (~/.bashrc, ~/.bash_profile, etc.). It's useful for non-interactive shell sessions and executing single commands without loading the full shell environment. |
-c, --command [command] | Passes a single command to the shell after switching users. |
--session-command [command] | Passes a single command to the shell after switching users, but it does not create a new session. |
-, -l, --login | Makes the shell a login shell, which means it reads the user's login profile and initializes the environment as if the user had logged in directly. |
-g, --group [group] | Sets the primary group for the new user session. |
-G, --supp-group [group] | Determines a supplemental group for the new user session. |
-w, --whitelist-environment [list] | Specifies environment variables list that should not be reset when switching users. |
-h, --help | Prints the help information for the su command. |
-V, --version | Displays the version information for the su command. |
How Does su Work? (su Functions)
The su command executes a command under a different user's identity. It is the easiest way to switch to a different user or the root account in the current logged-in session.
The su command functions are:
- Checking accounts.
suensures the user account exists and is set up forsuuse. It also checks if the current user is able to switch to the specified user account. - Confirming terminal access.
suchecks that the specified user account can be accessed from the current terminal. - Authenticating users.
suverifies users' identities using system authentication methods before switching accounts. - Initiating session. With the
-flag,sustarts the user's environment based on system settings and files like /etc/environment.
su vs. su -
Understanding the difference between su and su- is crucial because it clarifies the extent of environment changes when switching to another user's account.
When you use su, the system switches to the specified user's account but keeps the current environment, including the current working directory, shell variables, and other settings. It doesn't fully simulate a login session as the specified user.
On the other hand, su- or su -l or su --login simulates a full login session for the specified user. It resets the environment to that of the target user, including the home directory, shell, and environment variables.
sudo vs. su
The sudo command grants limited-time access to root functionality. This command allows you to execute administrative commands temporarily and then return to regular user permissions. This is especially useful for tasks that require elevated privileges but don't need constant root access. Users gain sudo access by being added to the sudo group.
On the other hand, su lets you switch to any other user, including root, and provides full access to that user's environment and privileges until you exit the session. Unlike sudo, su doesn't require users to be added to specific groups. However, the target user's password is required to switch accounts.
Additionally, su can mimic sudo functionality using the -c option to execute a single command as another user without starting an interactive session.
su Command Examples
The su command has several use cases. The following text presents common su usage examples.
Switch to a Different User
To switch to another user, enter the following:
su [other_user]For instance, switch to user1 with:
su user1
The system asks for the password. Enter it, and the login changes to that user. Use the whoami command to verify the switch to a different user.
whoami
Switch to Root
Certain Linux distributions disable the root user account by default. This measure, while restricting certain commands, ensures a safer computing environment.
Using su to act as a root user temporarily allows you to bypass this restriction and perform different tasks with different users.
To switch to root, omit the username:
su
Note: If you have authentication issues, you can change the root or sudo password in a couple of steps.
Simulate a Full Login Session
To switch to another user's environment, including their home directory, shell settings, and environment variables, use su with -. -l or --login. For instance:
su - user1
After entering the correct password, the environment is set up according to the target user's settings. This includes changing the shell prompt to reflect the target user's identity, such as username and hostname.
To confirm this, use the echo $HOME command:
echo $HOME
Run Specific Command as a Different User
To run a specific command as a different user, use the –c option:
su –c [command] [other_user]For example, run ls as user1:
su -c ls user1
The system uses the specified account to run the ls command.
Use a Different Shell
To use a different shell, use the following syntax:
su -s [shell] [username]For example, switch to the user1 in Z shell with:
su -s /usr/bin/zsh user1
The current user in Z shell is user1, as verified by the whoami command output,
Use a Different User in the Same Environment
Keep the environment of the current user account with the –p option:
su -p [other_user]For instance, to switch to user1 but keep the environment, run:
su -p user1
The user account switches, but the home directory doesn't change. This is useful if you need to run a command as a different user, but you need access to the current user's data.
To verify the home environment is unchanged, use the echo $HOME command that prints the current directory.
echo $HOME
The output shows that the current directory is the one of the user before the switch.
Conclusion
After reading this article, you know how to use the su command to change users. You have also learned the differences between su and -su, as well as su and sudo commands.
Next, learn about other important Linux commands.
