1 , su applicable conditions and power
su command is the tool to switch users, how to understand it? For example, we beinan log in as a normal user, but you want to add user tasks, execute useradd, beinan users do not have this authority, and this authority is precisely owned by root. Remedy You can not have two, one exit beinan user, log back in as the root user, but this approach is not the best; and second, we do not need to quit beinan users can use su to switch to the root user to add work, and other tasks to complete before exit root. Of course, we can see that by switching su is a better way;
The user can switch between by su, if the super-user privileges root password is not required to switch to the ordinary user or virtual, what is power? This is! Switching ordinary user to any other user that require password authentication;
2 , su usage:
su [OPTION Option parameter] [users]
-, -l, --login user login and change switched environment;
-c, --commmand = COMMAND to execute a command, and then exit the switch to the user environment;
For further details, see man su;
3 , su examples:
su without any arguments, the default is to switch to the root user, but does not go to the root user's home directory, that is to say at this time though is to switch to the root user, but does not change the root login environment; the user's default login environment in the / etc / passwd to search, can be obtained, including the home directory, SHELL definitions;
[Beinan @ localhost ~] $ su
Password:
[root@localhost beinan]# pwd
/ Home / beinan
su additional parameters - indicates default to root, and root user to change the environment;
[beinan@localhost ~]$ pwd
/ Home / beinan
[Beinan @ localhost ~] $ su -
Password:
[root@localhost ~]# pwd
/root
su parameters - user name
[Beinan @ localhost ~] $ su - root Note: This and su - is the same function;
Password:
[root@localhost ~]# pwd
/root
[Beinan @ localhost ~] $ su - linuxsir Note: This is to switch to the user linuxsir
Password: Note: Here enter the password;
[Linuxsir @ localhost ~] $ pwd Note: See the current position of the user is located;
/home/linuxsir
[Linuxsir @ localhost ~] $ id Note: View user's UID and GID information, mainly to see whether to switch came;
uid=505(linuxsir) gid=502(linuxsir) groups=0(root),500(beinan),502(linuxsir)
[linuxsir@localhost ~]$
[Beinan @ localhost ~] $ su - -c ls Note: This is a combination of parameters su, expressed switch to the root user and change to the root environment, and then list the files in the root directory of the home, and then exit the root user;
Password: Note: Here enter the root password;
anaconda-ks.cfg Desktop install.log install.log.syslog testgroup testgroupbeinan testgrouproot
[Beinan @ localhost ~] $ pwd Note: See the current location of the user is located;
/ Home / beinan
[Beinan @ localhost ~] $ id NOTE: To view the current user information;
uid = 500 (beinan) gid = 500 (beinan) groups = 500 (beinan)
4 , su advantages and disadvantages;
su indeed for the management of convenience, by switching to the next root, able to complete all system management tools, as long as the root password to any regular user, he can switch to root to do all the system administration;
However, after switching to the root by su, also insecurity; such system has 10 users and management are involved. If these 10 are related to the use of super user privileges, as administrator if you want to switch to another user via su root authority's root, root access password must be told that 10 users; if 10 users have root privileges, you can do anything with root privileges, which would threaten to create a security system to some extent; Windows think of it, is simply a nightmare;
"There is no unsafe system, only insecure people," we absolutely can not guarantee that these 10 users can press the normal operating procedures to manage the system, any of them major mistake on system operation, it may lead to a system crash or data loss ;
So su tool in the management of people involved in the system, not the best choice, su applies only to one or two people involved in the management of the system, after all, it does not allow ordinary users su limited use;
Super user root password should be mastered in a few hands of users, this is definitely the truth! So there is still authoritarian rule of a grain of truth;