[Last Call] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 652
  • Last Modified:

SUDO -SU ......

How do I know when I'm should use "sudo -su...." instead of just "su -..."?
2 Solutions
Kent OlsenData Warehouse Architect / DBACommented:
Hi paynestreet,

sudo -su      is designed to allow a user to su to a user (such as root) to whom he normally doesn't have access.  It also allows the user to su to privileged accounts (like root) without a password.

su -             is designed to allow any user to su to any other user.  If the originating user is privileged a password is not required.

Good Luck!
Also, sudo logs the accesses, and can be set up to allow a user to have access to only certain commands.

su gives total access (if you have the password).  

For example if you have a users that only needs to run a single command as root, you can set that person up in the sudoers file and they can run the command without knowing the root password of the box.

If you allow the to just us su to access root, then they need the root password, which means they basically have the master key to your entire system, and if you have the same password on other boxes, they can access those boxes too...
user visudo -s  instead of editing the /etc/sudoers file.

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now