How to Use the Command 'su' (with examples)

The su command, short for “substitute user,” is a utility in Unix and Linux-based operating systems that allows a user to switch to another user’s shell. Primarily used to execute commands with the privileges of another user, the su command is essential for system administrators and users who need to operate with elevated permissions or access a different user environment. This article will illustrate various use cases of the su command with practical examples.

Use Case 1: Switch to Superuser (requires the root password)

Code:

su

Motivation: Switching to the superuser is a critical action for system administrators. The root user, also known as the superuser, has access to all commands and files on a Unix/Linux system. This privilege level is necessary for tasks such as installing software, changing system settings, or managing user permissions. Ensuring that these tasks are performed with the correct permissions helps maintain the system’s integrity and security.

Explanation: In this command, su is used without specifying any user. By default, this switches the session to the root user. To successfully execute this command, the user must know the root password.

Example Output: Upon entering the su command and the correct password, the prompt may change to indicate superuser status, often shown by a hash character (#):

Password:
#

Use Case 2: Switch to a Given User (requires the user’s password)

Code:

su username

Motivation: Switching to another user’s shell is helpful when you need to perform actions as that user. For example, a system administrator might need to verify file permissions or perform user-level troubleshooting without having root privileges, which can sometimes overstep access boundaries and security constraints enforced on regular users.

Explanation: Here, su is followed by the username argument, indicating the target user to switch to. The command requires the password of the specified user to proceed, ensuring that only authorized users can perform actions on behalf of others.

Example Output: After entering the correct password for the specified user, the prompt will change, reflecting the user’s credentials:

Password:
username@hostname:~$

Use Case 3: Switch to a Given User and Simulate a Full Login Shell

Code:

su - username

Motivation: Using su - username is ideal when you need to simulate a full login environment for the specified user, ensuring all their shell startup scripts are executed. This method is especially useful when testing user-specific configurations or when an application must run in an environment faithful to the user’s normal login.

Explanation: In this command, the hyphen (-) is followed by the username. The hyphen simulates a login shell for the user, loading the environment as if the user had logged in afresh, including profile scripts in paths like /etc/profile, ~/.bash_profile, or ~/.profile.

Example Output: The console prompt will reflect the target user’s environment setup, similar to the output of a new session:

Password:
username@hostname:~$

Use Case 4: Execute a Command as Another User

Code:

su - username -c "command"

Motivation: Executing a specific command as another user is a powerful feature of su, providing users with the flexibility to run tasks with the exact user privileges, without needing to switch the entire shell session. This use case is crucial for scripting and automation, where temporarily elevated privileges for particular commands are necessary while maintaining script execution flow.

Explanation: This command uses su followed by - username to specify user privileges and -c "command" to define a singular command to execute in the user’s environment. The -c flag tells su to pass the enclosed string as a command to be executed.

Example Output: The output will depend on the command specified within quotes. For example, running su - john -c "whoami" would produce:

Password:
john

Here, whoami outputs the current user’s name, confirming the execution under the specified account.

Conclusion:

The su command is a versatile tool for Unix/Linux system administration, crucial for managing user environments and system permissions. By understanding how to leverage su’s capabilities, users can efficiently perform tasks across different user contexts, maintain system security, and streamline command execution workflows. Whether switching to a superuser, accessing another user’s shell, simulating full login sessions, or executing specific commands with alternate privileges, su provides a dynamic and robust solution to many administrative challenges.