About
The su command (switch user) is a part of the user management.
To switch to another user, use the su command. This is most commonly used to switch to the root account.
su run a shell with substitute user and group IDs
Articles Related
Synopsis
su [OPTION]... [-] [USER [ARG]...]
where:
- -, -l, –login: make the shell a login shell
- -c, –command=COMMAND: pass a single COMMAND to the shell with -c
- –session-command=COMMAND pass a single COMMAND to the shell with -c and do not create a new session
- -f, –fast: pass -f to the shell (for csh or tcsh)
- -m, –preserve-environment: do not reset environment variables
- -p same as -m
- -s, –shell=SHELL: run SHELL if /etc/shells allows it
- –help display this help and exit
- –version: output version information and exit
A mere - implies -l. If USER not given, assume root.
Management
Autorization
See:
sudo su -
Configuration
su reads the following configurtion files:
- /etc/default/su
- /etc/login.defs
cat /etc/login.defs
#
# Please note that the parameters in this configuration file control the
# behavior of the tools from the shadow-utils component. None of these
# tools uses the PAM mechanism, and the utilities that use PAM (such as the
# passwd command) should therefore be configured elsewhere. Refer to
# /etc/pam.d/system-auth for more information.
#
# *REQUIRED*
# Directory where mailboxes reside, _or_ name of file, relative to the
# home directory. If you _do_ define both, MAIL_DIR takes precedence.
# QMAIL_DIR is for Qmail
#
#QMAIL_DIR Maildir
MAIL_DIR /var/spool/mail
#MAIL_FILE .mail
# Password aging controls:
#
# PASS_MAX_DAYS Maximum number of days a password may be used.
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
# PASS_MIN_LEN Minimum acceptable password length.
# PASS_WARN_AGE Number of days warning given before a password expires.
#
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7
#
# Min/max values for automatic uid selection in useradd
#
UID_MIN 1000
UID_MAX 60000
# System accounts
SYS_UID_MIN 201
SYS_UID_MAX 999
#
# Min/max values for automatic gid selection in groupadd
#
GID_MIN 1000
GID_MAX 60000
# System accounts
SYS_GID_MIN 201
SYS_GID_MAX 999
#
# If defined, this command is run when removing a user.
# It should remove any at/cron/print jobs etc. owned by
# the user to be removed (passed as the first argument).
#
#USERDEL_CMD /usr/sbin/userdel_local
#
# If useradd should create home directories for users by default
# On RH systems, we do. This option is overridden with the -m flag on
# useradd command line.
#
CREATE_HOME yes
# The permission mask is initialized to this value. If not specified,
# the permission mask will be initialized to 022.
UMASK 077
# This enables userdel to remove user groups if no members exist.
#
USERGROUPS_ENAB yes
# Use SHA512 to encrypt password.
ENCRYPT_METHOD SHA512
where:
Example
To switch to root account…
- By default, su switch to root.
su -
# or sudo su -
- start a login shell
- The login prompt shows that your are root
[root@ebs121 gerardnico]#
- And you when exiting, you come back to your session (here as gerardnico)
[root@ebs121 gerardnico]# exit
exit
[gerardnico@ebs121 ~]$
To switch to the user 'gerardnico'…
[root@ebs121 /]# su gerardnico
[gerardnico@ebs121 /]$
[gerardnico@ebs121 /]$ exit
exit
[root@ebs121 /]#