How to use su and sudo in linux system

Generally we recommend not to use the root account to log in to the server directly. It is recommended to use a normal account to log in, and only switch identities when the root user must be used to operate. Next, let’s talk about the two identity switching commands su and sudo.

su

The su command is used to switch from the current user to a new user. When switching to a new user identity, you need to enter the switching username. password.

一般用法：su - 用户名

-or-l: When changing the identity, the working directory, HOME, SHELL, USER, logname will also be changed at the same time. In addition, the PATH variable will also be changed;

The following demonstrates the usage of this command:

$ id # 当前用户是admin
uid=1005(admin) gid=1006(admin) groups=1006(admin)
$ su - # 不输入用户名则表示切换到root用户
Password: <===输入root用户的密码

sudo

##Use su To switch users, you need to enter the new user's password. We cannot give the root password to others at will. You can use sudo to solve this problem. Let's introduce sudo below.

Compared with su, which needs to know the newly switched user password (often the root user password), sudo execution only requires entering your own password. You can even set it up so you don’t need a password. If you want to use sudo well, you need to master the /etc/sudoers configuration file. But this file cannot be modified using vim or vim. It needs to be modified using the specified command, visudo.

The following shows the usage of sudo:

sudo [option] command

• -b: Run subsequent commands in the background anyway

• -u: Specify the user to run subsequent commands

• sh -c executes multiple commands

[root@bajiecxg tmp]# sudo -u gwx touch a.txt
[root@bajiecxg tmp]# ll a.txt 
-rw-r--r-- 1 gwx gwx 0 10月 29 17:49 a.txt
# 使用sh -c执行多条命令
[root@bajiecxg tmp]# sudo -u gwx sh -c "mkdir gwx;cd gwx;\
touch 1.txt"
[root@bajiecxg tmp]# ll gwx/
总用量 0
-rw-r--r-- 1 gwx gwx 0 10月 29 17:53 1.txt

Let’s take a look below Look at the /etc/sudoers file. The basic configuration format is as follows

root    ALL=(ALL)   ALL

User account Login source host = switchable user identity Executable command

above Meaning, the root user can log in from any host, switch to any identity, and execute any command

Now, we want to add a user admin so that he can also execute any command, then we need to use Add a new line to the visodu command, as follows:

admin ALL=(ALL) ALL

If we have multiple operation and maintenance managers, and they all need to be able to use sudo to execute any command, then multiple configurations need to be added. Is there an easy way? Yes, as long as we add the user to the wheel group. So why is it okay to just join this group? Take a look at /etc/sudoers, about line 99:

%wheel  ALL=(ALL)   ALL

We can also allow users to execute commands without using a password when using sudo

%wheel    ALL=(ALL)   NOPASSWD: ALL
# 属于wheel这个组的用户执行sudo命令时，不需要输入密码

We can also assign users Limited command permissions allow users to execute only a few commands

admin ALL=(ALL) /usr/bin/ls,/usr/bin/cd

In addition, sudo has many other uses, such as user aliases, command aliases, etc. Those who are interested can Check the relevant information yourself.

The above is the detailed content of How to use su and sudo in linux system. For more information, please follow other related articles on the PHP Chinese website!