What is the difference between "su" and "sudo" ?
in [General Linux]
|
Prev: chdir usage
Next: how to alias
From: SINNER on 31 Dec 2009 11:32 * Chris Cox wrote in comp.os.linux.misc: > Matthew Lincoln wrote: >> Sorry for this newbie question: >> >> at is the difference between "su" and "sudo" command ? > > sudo is a more flexible and feature full way of doing something > as another user. Has more options allowing for things like > executing only specific commands, executing things without > password, etc. It's closer to allowing role based security. > > su is pretty basic. You have that backwards. su opens a shell as that user, from there you can do anything as the new user. sudo limits you to one command and is far more limited. sudo elevates your permissions, su makes you the specified user. -- David
From: GangGreene on 31 Dec 2009 12:14 SINNER wrote: > * Chris Cox wrote in comp.os.linux.misc: > >> Matthew Lincoln wrote: >>> Sorry for this newbie question: >>> >>> at is the difference between "su" and "sudo" command ? >> >> sudo is a more flexible and feature full way of doing something >> as another user. Has more options allowing for things like >> executing only specific commands, executing things without >> password, etc. It's closer to allowing role based security. >> >> su is pretty basic. > > You have that backwards. su opens a shell as that user, from there you can > do anything as the new user. sudo limits you to one command and is far > more limited. > > sudo elevates your permissions, su makes you the specified user. > Wrong! sudo -i whoami
From: Florian Diesch on 31 Dec 2009 12:59 Robert Riches <spamtrap42(a)verizon.net> writes: >> sudo requires you to enter your own password. It checks a configuration >> file (/etc/sudoers) to determine who is allowed to execute different >> commands. > > Whether you have to enter a password, and which password you have > to enter, is configured. From what I have read, the thing of > entering your own password appears to be a Ubuntuism. I use sudo > all the time and have never seen the practice of entering my own > password to use sudo. It's often used if you don't want to change the root password every time somebody leaves the admin team and of course it's the only sane thing if you want to give only partial sudo access to somebody. Florian -- <http://www.florian-diesch.de/software/shell-scripts/>
From: John Hasler on 31 Dec 2009 13:18 Robert Riches writes: > From what I have read, the thing of entering your own password appears > to be a Ubuntuism. I use sudo all the time and have never seen the > practice of entering my own password to use sudo. It is the default configuration in Debian. You are, of course, free to change it in either Debian or Ubuntu. Florian writes: > It's often used if you don't want to change the root password every > time somebody leaves the admin team and of course it's the only sane > thing if you want to give only partial sudo access to somebody. Offhand, I can't think of a good reason to configure it to require the root password. -- John Hasler jhasler(a)newsguy.com Dancing Horse Hill Elmwood, WI USA
From: Alan Mackenzie on 31 Dec 2009 13:43
In comp.os.linux.setup Matthew Lincoln <kmlincoln100(a)hotmail.com> wrote: > Sorry for this newbie question: > What is the difference between "su" and "sudo" command ? su switches to another user, root by default. More precisely, it starts a command shell as that user (unless you explicitly give another command). You get prompted for the pertinent password. sudo <command> executes <command> as though you were root. You _don't_ get prompted for any password; instead, there's some sort of configuration file that constitutes a database of who's allowed to execute what commands via sudo. The functionality of these commands overlaps somewhat; su -c <command> does pretty much the same as sudo <command>. sudo bash does pretty much the same as su. The main use of sudo, as far as I can tell, is to create systems without a root user (or without a root password). Ubuntu does this. The theory is that Ubuntu users aren't really to be trusted with a proper root account because they'll likely foul things up, but they need a certain degree of root capability, so this is the safest way to give it them. I find this attitude rather snotty, and when I additionally discovered that Ubuntu had put in it's own non-standard init program (for no good reason), and they had forgotten to document its configuration, I chucked Ubuntu. Happy New Year! > Matthew -- Alan Mackenzie (Nuremberg, Germany). |