There are many Linux commands which deal with sensitive information like passwords, system hardware, or otherwise operate under other exceptional circumstances. Preventing regular users from executing these commands helps to protect the system. Logging in as the root user provides administrative access, allowing for the execution of some of the privileged commands.
su OPTIONS USERNAME
su command allows you to temporarily act as a different user. It does this by creating a new shell. The shell is simply a text input console that lets you type in commands. By default, if a user account is not specified, the su command will open a new shell as the root user, which provides administrative privileges. After executing the
su command, a password is required. Note the command prompt has changed to reflect that you are now logged in as the root user. To logout and return to the sysadmin account, use the exit command. Note the prompt changes back:
To avoid executing any sensitive commands, we’ve configure the Steam Locomotive command, the
sl command, to require administrative access. If the command is executed as sysadmin, it fails. Use the
su command to switch to the root account and execute the
sl command with administrative access:
sudo [OPTIONS] COMMAND
sudo command allows a user to execute a command as another user without creating a new shell. Instead, to execute a command with administrative privileges, use it as an argument to the
sudo command. Like the
su command, the
sudo command assumes by default the root user account should be used to execute commands.
Execute the sl command as the root user by putting
sudo in front of it:
Once the command has completed, notice the prompt has not changed, you are still logged in as sysadmin. The
sudo command only provides administrative access for the execution of the specified command. This is an advantage as it reduces the risk that a user accidentally executes a command as root. The intention to execute a command is clear; the command is executed as root if prefixed with the
sudo command. Otherwise, the command is executed as a regular user.