Sudo vs su command differences

Overview

Hello there fellow Linuxers. Hopefully you’re all being practicing your skills or at least learning new skills. On your journey learning or trying to master Linux you must have came across certain commands that you saw others use and you just copy-paste it? For example, I’ve noticed that new users have troubles understanding the difference in (not holy) trinity of commands sudo, su and su- so they don’t use them properly. Ergo, on today’s menu is a special about sudo vs su command differences -. Let’s get started.

sudo

First one to mention is sudo. sudo (meaning super user do) is command that allows you to run a certain command as root user. It doesn’t require root password to be entered, just user’s password. But, the trick is user has to be in sudo group and to add one to a sudo group you’ll have to enter:

usermod -aG sudo [username] or adduser [username] sudo - (this works on Debian, haven’t tested it on other distros)

Caution! If by any chance you found an info on the net or someone has told you that you can add user to sudo group by editing /etc/sudoers file - it’s true. But, if you’re unexperienced user I’ll advice you against it. The reason is if you mistype you can lock yourself out of root access, so be very cautious if you decide to experiment with it.

Now let’s put it to a test. A regular user cannot access /root directory:

ls /root

Logical, innit? However, when you put user to a sudo group, situation changes:

sudo ls /root

sudo is mostly used to run certain commands regular user could not.

su

Next command is su which is short for substitute user. As its name suggests, this command allows you to switch to another user account. Quite handy option for sys admins when they have to do something on other users account. Syntax is quite simple:

su [option] [username]

So, if I wanted to switch to another user account (which I created just for this reason) I would use:

su tester

As you can see, I’m now logged as another user and with that I’ve acquired user’s permissions and privileges. Let’s see what happens when you omit username:

su

On the surface looks just like previous case but closer inspection shows a difference - in first case you were asked to enter password of user you’re trying to switch to and in second case, when you omitted username, you were asked for a root’s password. Why? Because when you omit username, system defaults to root account. By now some of you surely asked where are mentioned options? Well, for basic switch between accounts options are unnecessary. But when you need some extra things to be done, you’ll add options:

• -s (to specify which shell to use {sh, bash, zsh,…})
• -m (to preserve current enviroment)
• -p (same as -m)
• -c (to run specified command and returns user to original login)
• - (to log you into user’s enviroment)
• -l (same as -)

Now that we mentioned su - command let’s see what is it about.

su -

You must be confused seeing login option with su command considering that switching to another account means you’re logging in. Well, there is a slight difference. Let’s see it in an example.

At first glance it seems the same, but notice the difference: when I used su tester I switched to another user’s account, but enviroment remained the same for me (notice /home/orbywan$), while using su - tester logged me directly in that user’s enviroment. And, yes, it’s same situation with root account.

Basically, you’ll use su when you need to do something as root user under your enviroment (like running some script) and su - when you need to do something as root user under root’s enviroment (like installing nginx or apache and setting them to autorun).

Summary

In quick retrospective:

• sudo is a command that allows you to run important commands with elevated privileges
• su is a command that allows you to switch to another user, but under your enviroment and your variables, which is suitable, for example, to run some scripts
• su - is a command that allows you to switch to another user with its original variables and enviroment

That’s it folks! That’s all required info you need about those three commands. Now you should be able to understand the differences between sudo, su. Practice your skills so you don’t get rusty. Till the next time stay sharp.

Thank you for your time…