Linux - su command (switch user)

1 - About

The su command (switch user) is a part of the user management.

To switch to another user, use the su command. This is most commonly used to switch to the root account.

su run a shell with substitute user and group IDs

Change the effective user id and group id to that of USER.

3 - Synopsis

su [OPTION]... [-] [USER [ARG]...]


  • -, -l, –login: make the shell a login shell
  • -c, –command=COMMAND: pass a single COMMAND to the shell with -c
  • –session-command=COMMAND pass a single COMMAND to the shell with -c and do not create a new session
  • -f, –fast: pass -f to the shell (for csh or tcsh)
  • -m, –preserve-environment: do not reset environment variables
  • -p same as -m
  • -s, –shell=SHELL: run SHELL if /etc/shells allows it
  • –help display this help and exit
  • –version: output version information and exit

A mere - implies -l. If USER not given, assume root.

4 - Management

4.1 - Autorization

4.2 - Configuration

su reads the following configurtion files:

  • /etc/default/su
  • /etc/login.defs

cat /etc/login.defs

# Please note that the parameters in this configuration file control the
# behavior of the tools from the shadow-utils component. None of these
# tools uses the PAM mechanism, and the utilities that use PAM (such as the
# passwd command) should therefore be configured elsewhere. Refer to
# /etc/pam.d/system-auth for more information.

#   Directory where mailboxes reside, _or_ name of file, relative to the
#   home directory.  If you _do_ define both, MAIL_DIR takes precedence.
#   QMAIL_DIR is for Qmail
#QMAIL_DIR      Maildir
MAIL_DIR        /var/spool/mail
#MAIL_FILE      .mail

# Password aging controls:
#       PASS_MAX_DAYS   Maximum number of days a password may be used.
#       PASS_MIN_DAYS   Minimum number of days allowed between password changes.
#       PASS_MIN_LEN    Minimum acceptable password length.
#       PASS_WARN_AGE   Number of days warning given before a password expires.

# Min/max values for automatic uid selection in useradd
UID_MIN                  1000
UID_MAX                 60000
# System accounts
SYS_UID_MIN               201
SYS_UID_MAX               999

# Min/max values for automatic gid selection in groupadd
GID_MIN                  1000
GID_MAX                 60000
# System accounts
SYS_GID_MIN               201
SYS_GID_MAX               999

# If defined, this command is run when removing a user.
# It should remove any at/cron/print jobs etc. owned by
# the user to be removed (passed as the first argument).
#USERDEL_CMD    /usr/sbin/userdel_local

# If useradd should create home directories for users by default
# On RH systems, we do. This option is overridden with the -m flag on
# useradd command line.

# The permission mask is initialized to this value. If not specified,
# the permission mask will be initialized to 022.
UMASK           077

# This enables userdel to remove user groups if no members exist.

# Use SHA512 to encrypt password.


5 - Example

5.1 - To switch to root account...

  • By default, su switch to root.

su -
# or sudo su -

- start a login shell
  • The login prompt shows that your are root

[[email protected] gerardnico]#

  • And you when exiting, you come back to your session (here as gerardnico)

[[email protected] gerardnico]# exit
[[email protected] ~]$

5.2 - To switch to the user 'gerardnico'...

[[email protected] /]# su gerardnico
[[email protected] /]$
[[email protected] /]$ exit
[[email protected] /]#

Data Science
Data Analysis
Data Science
Linear Algebra Mathematics

Powered by ComboStrap