Teach you how to prohibit ordinary users from using the su command in Linux
su command is a special command that allows a user to run commands as another user and group. It also allows you to switch to the root account or another designated user account.
To switch to another user account, users can run the su command from their current login session, as shown below Users can switch users via su:
[bob@localhost ~]$ su - user01 Password:
By default, all users can use the su command. We can disable the su command in /etc/sudoers.
To switch to the root account, the user must have a root password. In this example, the user is switching to the root account.
[user01@localhost ~]$ su - Password:
Disable su access for ordinary users
Disable su access rights for ordinary users. First, back up the original files of the following /etc/sudoers as follows:
[bob@localhost ~]$ sudo cp -p /etc/sudoers /etc/sudoers.back [sudo] password for bob:
Use the visudo command to open the sudoers configuration file
[bob@localhost ~]$ sudo visudo
Add the following lines below the ## Command Aliases section:
Cmnd_Alias DISABLE_SU = /usr/bin/su
Then add the following line at the end of the file, replacing username bob with the user you need to disable su access:
bob ALL=(ALL) NOPASSWD: ALL, !DISABLE_SU
Save and exit
Use bob user to verify. The system should return the following error message “Sorry, user bob is not allowed to execute ‘/bin/su – user01’ as root on localhost.localdomain.”
[bob@localhost ~]$ sudo su - user01 Sorry, user bob is not allowed to execute '/bin/su - user01' as root on localhost.localdomain.
Disable su access for user group
You can also disable the su access rights of the user group. For example, to disable su access for all users in the group wheel, you can execute the following command:
[bob@localhost ~]$ sudo visudo %wheel ALL=(ALL) ALL, !DISABLE_SU
Save and exit~
The above is the detailed content of Teach you how to prohibit ordinary users from using the su command in Linux. For more information, please follow other related articles on the PHP Chinese website!
Is it hard to learn Linux?Apr 18, 2025 am 12:23 AMLearning Linux is not difficult. 1.Linux is an open source operating system based on Unix and is widely used in servers, embedded systems and personal computers. 2. Understanding file system and permission management is the key. The file system is hierarchical, and permissions include reading, writing and execution. 3. Package management systems such as apt and dnf make software management convenient. 4. Process management is implemented through ps and top commands. 5. Start learning from basic commands such as mkdir, cd, touch and nano, and then try advanced usage such as shell scripts and text processing. 6. Common errors such as permission problems can be solved through sudo and chmod. 7. Performance optimization suggestions include using htop to monitor resources, cleaning unnecessary files, and using sy
What is the salary of Linux administrator?Apr 17, 2025 am 12:24 AMThe average annual salary of Linux administrators is $75,000 to $95,000 in the United States and €40,000 to €60,000 in Europe. To increase salary, you can: 1. Continuously learn new technologies, such as cloud computing and container technology; 2. Accumulate project experience and establish Portfolio; 3. Establish a professional network and expand your network.
What is the main purpose of Linux?Apr 16, 2025 am 12:19 AMThe main uses of Linux include: 1. Server operating system, 2. Embedded system, 3. Desktop operating system, 4. Development and testing environment. Linux excels in these areas, providing stability, security and efficient development tools.
Does the internet run on Linux?Apr 14, 2025 am 12:03 AMThe Internet does not rely on a single operating system, but Linux plays an important role in it. Linux is widely used in servers and network devices and is popular for its stability, security and scalability.
What are Linux operations?Apr 13, 2025 am 12:20 AMThe core of the Linux operating system is its command line interface, which can perform various operations through the command line. 1. File and directory operations use ls, cd, mkdir, rm and other commands to manage files and directories. 2. User and permission management ensures system security and resource allocation through useradd, passwd, chmod and other commands. 3. Process management uses ps, kill and other commands to monitor and control system processes. 4. Network operations include ping, ifconfig, ssh and other commands to configure and manage network connections. 5. System monitoring and maintenance use commands such as top, df, du to understand the system's operating status and resource usage.
Boost Productivity with Custom Command Shortcuts Using Linux AliasesApr 12, 2025 am 11:43 AMIntroduction Linux is a powerful operating system favored by developers, system administrators, and power users due to its flexibility and efficiency. However, frequently using long and complex commands can be tedious and er
What is Linux actually good for?Apr 12, 2025 am 12:20 AMLinux is suitable for servers, development environments, and embedded systems. 1. As a server operating system, Linux is stable and efficient, and is often used to deploy high-concurrency applications. 2. As a development environment, Linux provides efficient command line tools and package management systems to improve development efficiency. 3. In embedded systems, Linux is lightweight and customizable, suitable for environments with limited resources.
Essential Tools and Frameworks for Mastering Ethical Hacking on LinuxApr 11, 2025 am 09:11 AMIntroduction: Securing the Digital Frontier with Linux-Based Ethical Hacking In our increasingly interconnected world, cybersecurity is paramount. Ethical hacking and penetration testing are vital for proactively identifying and mitigating vulnerabi
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
WebStorm Mac version
Useful JavaScript development tools
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
Atom editor mac version download
The most popular open source editor
