49. User Management - su, sudo
Contents
We can switch between users through the su and sudo commands. Also, we can use these two commands to perform certain command operations with the privileges of other users.
su
Here are two arguments for mesg command:
Option | Meaning |
---|---|
- or -l or ‑‑login | Start a shell as a login shell and switch to the specified user’s home directory. |
Stay on the Current Working Directory After Switching User
By default, the su command replaces the current user with the root user.
|
|
When we replace root with user, we don’t need to enter a password.
Change Current Working Directory to the Switched User Home Directory
With the - or -l or -login option, we can use the new current user’s home directory as the working directory after replacing the user:
|
|
sudo
Edit Sudoers File
Locked Before Editing
A more rigorous approach, which locks the /etc/sudoers file and then opens it:
|
|
At this point, if a user logged in via another terminal also wants to edit the / etc/sudoers file via visudo, the following alert will appear:
Naked Editing
One less rigorous approach is to open the /etc/sudoers file directly and others can edit it at the same time:
|
|
Editing the Content
|
|
|
|
|
|
Run the Command as Another User
Let’s replace the current user with the newly created user:
|
|
We need to use the sudo command to run the administrator’s command:
|
|
When configured, if the command is assigned under passwd, you need to enter the user’s password when using the command to prevent malicious abuse of account permissions by others:
|
|
Alias
We can subdivide each as a part through alias:
|
|
|
|
wheel group
We can configure a user’s privileges the same as root through the wheel group:
|
|
|
|
Create a new user to append a wheel supplementary group to that user:
|
|
References 22.5 su: Run a command with substitute user and group id, SU(1), Sudoers Manual, Visudo 1.8.23 Manual
Author Dong Chen
LastMod Thu Mar 21 2019