Administrative Access

There are many Linux commands which deal with sensitive information like passwords, system hardware, or otherwise operate under other exceptional circumstances. Preventing regular users from executing these commands helps to protect the system. Logging in as the root user provides administrative access, allowing for the execution of some of the privileged commands.

The su Command

su OPTIONS USERNAME

The su command allows you to temporarily act as a different user. It does this by creating a new shell. By default, if a user account is not specified, the sucommand will open a new shell as the root user, which provides administrative privileges.

Follow Along

Utilizing the login shell option is recommended, as the login shell fully configures the new shell with the settings of the new user. This option can be specified one of three ways:

su -
su -l
su --login 

Use the su command to switch to the root account

Use the exit command again to return to the sysadmin account.

root@localhost:~# exit
exit
sysadmin@localhost:~$

The sudo Command

sudo [OPTIONS] COMMAND

​⁠​‌‌⁠⁠⁠⁠​

The sudo command allows a user to execute a command as another user without creating a new shell. Instead, to execute a command with administrative privileges, use it as an argument to the sudocommand. Like the su command, the sudo command assumes by default the root user account should be used to execute commands.

Consider This

The sudo command can be used to switch to other user accounts as well. To specify a different user account use the -u option.

The sudo command only provides administrative access for the execution of the specified command. This is an advantage as it reduces the risk that a user accidentally executes a command as root. The intention to execute a command is clear; the command is executed as root if prefixed with the sudocommand. Otherwise, the command is executed as a regular user.