Find the answer to your Linux question:
Results 1 to 8 of 8
Hi, I have been doing quite a few commands on the terminal lately and I would just like to ask if there is a rule of thumb to follow when ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Engineer nujinini's Avatar
    Join Date
    Apr 2009
    Posts
    1,272

    When to use (su -) (su) & (sudo)


    Hi,

    I have been doing quite a few commands on the terminal lately and I would just like to ask if there is a rule of thumb to follow when or when not to use the following if I have to execute a command as root.

    su -

    su

    sudo

    Thank you very much for any thoughts shared!

  2. #2
    Administrator MikeTbob's Avatar
    Join Date
    Apr 2006
    Location
    Texas
    Posts
    7,864
    Not all systems use sudo, you use sudo only if your system is set up for it. I don't have it set up on my machine. As for su -, always use the hyphen (-), it gives you the right paths and variables.
    The su Command
    Thus, it is advisable that administrative users, as well as any other users that are authorized to use su (of which there should be very few, if any), acquire the habit of always following the su command with a space and then a hyphen. The hyphen has two effects: (1) it switches the current directory to the home directory of the new user (e.g., to /root in the case of the root user) and (2) it changes the environmental variables to those of the new user. That is, if the first argument to su is a hyphen, the current directory and environment will be changed to what would be expected if the new user had actually logged on to a new session (rather than just taking over an existing session).
    I do not respond to private messages asking for Linux help, Please keep it on the forums only.
    All new users please read this.** Forum FAQS. ** Adopt an unanswered post.

    I'd rather be lost at the lake than found at home.

  3. #3
    Linux Guru reed9's Avatar
    Join Date
    Feb 2009
    Location
    Boston, MA
    Posts
    4,651
    From The su Command
    It sometimes can be advantageous for a system administrator to use the shell account of an ordinary user rather than its own. In particular, occasionally the most efficient way to solve a user's problem is to log into that user's account in order to reproduce or debug the problem.

    However, in many situations it is not desirable, or it can even be dangerous, for the root user to be operating from an ordinary user's shell account and with that account's environmental variables rather than from its own. While inadvertently using an ordinary user's shell account, root could install a program or make other changes to the system that would not have the same result as if they were made while using the root account. For instance, a program could be installed that could give the ordinary user power to accidentally damage the system or gain unauthorized access to certain data.

    Thus, it is advisable that administrative users, as well as any other users that are authorized to use su (of which there should be very few, if any), acquire the habit of always following the su command with a space and then a hyphen. The hyphen has two effects: (1) it switches the current directory to the home directory of the new user (e.g., to /root in the case of the root user) and (2) it changes the environmental variables to those of the new user. That is, if the first argument to su is a hyphen, the current directory and environment will be changed to what would be expected if the new user had actually logged on to a new session (rather than just taking over an existing session).

    Thus, administrators should generally use su as follows:

    su -
    To be honest, on a single user desktop computer, using su no hyphen probably doesn't matter much. But it's still considered good practice.

    When following instructions from a forum or website help, the key thing is to note what actually needs to occur. I know you've tripped up in the past with the hyphen, moving you from your current directory to /root, and then being unable to find a particular file that's back in your home folder. Try to figure out what the commands are doing. It will help you learn, help you avoid your own mistakes, and possibly more important, help you avoid other people's mistakes - sometimes we don't always post our commands exactly right.

    To take a recent example with the debian backport keys.
    Code:
    cd ~
    wget http://www.backports.org/debian/pool/main/d/debian-backports-keyring/debian-backports-keyring_2009.02.20_all.deb
    su -c 'dpkg -i debian-backports-keyring_2009.02.20_all.deb'
    A lot of times when posters download stuff, you have no idea where it actually ended up. It's a challenge when trying to help. So I've taken to just adding a cd ~ at the beginning to change them to their home folder before downloading. Then the download, then dpkg needs to be run as root, on a file in the home directory. You have a few options.
    Code:
    su -c 'dpkg -i debian-backports-keyring_2009.02.20_all.deb'
    Code:
    su
    dpkg -i debian-backports-keyring_2009.02.20_all.deb
    Code:
    su -
    dpkg -i /home/jun/debian-backports-keyring_2009.02.20_all.deb
    The first two assume you are in the same directory as the file you're operating on. You can always use the full path to the file to be sure.

    sudo can mostly be used as a drop in replacement. I like to use it, so I don't need to log in as root and only run individual commands will elevated privileges.

    On the forums, anytime someone is using Ubuntu or Opensuse, I post commands using sudo. Anytime they are using Fedora or Debian, I post using su, because I know the first two setup sudo by default and the latter two don't. When in doubt, I say run such and such "as root".

    There are times when a command run with sudo doesn't work the way it would if run while logged in as root. Famous example is with redirecting echo output to a file.

    This will work:
    Code:
    su -
    echo wl >> /etc/modules
    This will not
    Code:
    sudo echo wl >> /etc/modules
    There's two parts to this command. You're saying echo "wl", then take that output and write it to the file /etc/modules. But sudo only applied to the first part of that. So we have to rewrite the command to make sure sudo gets applied to the correct bit.
    Code:
    echo wl | sudo tee -a /etc/modules
    Tee is a command that reads from standard input and writes to standard output. The -a flag means it appends rather than overwrites the file (like the two >> with echo), and sudo is now applied to opening and writing to the file. There are other ways to achieve this.

    So the rule of thumb is, know what you want to achieve and do whichever one works for you. There's always more than one way to do things in linux.
    Last edited by reed9; 11-14-2009 at 11:46 AM.

  4. #4
    Linux Guru reed9's Avatar
    Join Date
    Feb 2009
    Location
    Boston, MA
    Posts
    4,651
    I stopped in the middle of my post to make coffee, and I didn't see that MikeTbob beat me to my quote.

  5. #5
    Administrator MikeTbob's Avatar
    Join Date
    Apr 2006
    Location
    Texas
    Posts
    7,864
    Quote Originally Posted by reed9 View Post
    I stopped in the middle of my post to make coffee, and I didn't see that MikeTbob beat me to my quote.
    But you explained it much better reed9!
    I do not respond to private messages asking for Linux help, Please keep it on the forums only.
    All new users please read this.** Forum FAQS. ** Adopt an unanswered post.

    I'd rather be lost at the lake than found at home.

  6. #6
    oz
    oz is offline
    forum.guy
    Join Date
    May 2004
    Location
    arch linux
    Posts
    18,733
    Quote Originally Posted by reed9 View Post
    I stopped in the middle of my post to make coffee
    Yummy... that reminds me, I've got to go get a cup of good coffee!

    Regarding su, su-, and sudo... I've used su for so long now that I can never really get used to sudo oriented distros, like the *buntus. They really drive me a little nutty at times trying to get used to them. In addition, from all the posts that I've read through the years on the forums, sudo seems to cause users more problems in various ways than su, but I might be wrong about that.

    Either way, I'm going to stick to su for the time being.

    By the way, nujinini, there's a short article here that explains a little about su and sudo under the *buntu distros:

    http://www.linuxforums.org/forum/ubu...in-ubuntu.html
    oz

  7. #7
    Linux Engineer nujinini's Avatar
    Join Date
    Apr 2009
    Posts
    1,272
    Thanks guys!

    Food for thought. Or thought for food rather

  8. #8
    Linux Engineer nujinini's Avatar
    Join Date
    Apr 2009
    Posts
    1,272
    "So the rule of thumb is, know what you want to achieve and do whichever one works for you. There's always more than one way to do things in linux." reed9

    This is what I need to know.

    Thanks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •