Switching Users and Running Commands as Others

Start course
Overview
Difficulty
Intermediate
Duration
2h 10m
Students
13
Description

As the title suggests, this course looks at intermediate-level skills for those who already know a bit about Linux but want to enhance that knowledge. In this course, we build upon some of the topics covered in our Linux Fundamentals course, including files and shell scripting, but also introduce new concepts such as wildcards, job control, switching users, and installing software. 

This course is part of the Linux Administration Bootcamp learning path, designed to get you up and running with Linux.

Learning Objectives

  • Learn what wildcards are and how and when to use them
  • Understand input, output, and redirection
  • Work with files and shell scripting
  • Implement processes and job control, and switch between users
  • Install software using RPM- and Debian-based systems

Intended Audience

  • Anyone with basic knowledge of Linux who wants to learn more
  • Professionals who want to learn more about Linux to enhance their career prospects

Prerequisites

This is an intermediate-level course so some knowledge of Linux is expected. If you're just starting out, then try our Linux Fundamentals course first.

Transcript

This lesson will cover how to switch to other accounts and how to run commands and programs as other users. One way to start a session as another user on the system is to use the su command. If no arguments are supplied to su, it assumes that you are trying to become the super user or root account.

Executing su without any options is the same thing as executing su root. Your current environment is passed to the new shell unless you specify a hyphen or a dash. In that case, su creates an environment like you would expect to see had you logged in as that user.

Use the -c option to su, to specify command to be executed. If the command you want to execute is more than one word in length, then you need to surround it with quotes. If you want to know what user you are working as, run the whoami command. If you run whoami, it should return your current account name, and after you su or switched to another user, whoami should return that user account's name.

Let's set an environment variable to test with. I'll set TEST=one. Now let's use the su command to switch to the oracle user for instance. And you can see that that environment variable is passed on. Our environment exist after we changed to the oracle user. Let's use su with a dash to get oracle's environment. And you can see that our environment variable of TEST was not passed on when we su - to the oracle user. Also, we ended up in the oracle's home directory. Let's pass a command.

Let's do this; 'echo $ORACLE_HOME'. And nothing was returned. We didn't specify that we wanted oracle's environment. Rather, we used our environment. Let's use a dash to say, "Let's get oracle's environment." And now you can see that that environment variable that exists in the oracle account is accessible to us.

Another way to switch users or execute commands as others is to use the sudo command. Sudo allows you to run programs with a security privileges of another user. Like su, if no username is specified, it assumes that you are trying to run commands as the super user. This is why sudo is referred to as superuser do. It is commonly used to install, start, and stop applications that require root privileges.

One of the advantages of using sudo over the su command is that you don't need to know the password of the other user. This can eliminate some issues that arise from using shared passwords and generic accounts. When you execute the sudo command, you are prompted for your password.

If the sudo configuration permits access, that command is executed. The sudo configuration is typically controlled by the system administrator and requires root access to change. Of course, on your personal system, you have access to the root account and you are effectively the system administrator as well. To see the commands that are available for you to run with sudo, use sudo -l.

To run a command as a root user, just run sudo space the command you want to execute. You can specify a user with -u. So sudo -u root command is the exact same thing as sudo command. However, if you want to run a command as another user, you need to specify that with -u. So sudo -u oracle command, for example. You can use sudo su to switch to the super user account. If you use sudo su - and hit enter, you get switched to the super user account with the root's environment. Sudo su - username would switch to that username's account with an environment like you would expect to see had you logged in as that user. 

Another way to switch to another account with sudo is to use the -s option. If you run sudo -s, that will start a shell as root. You can specify a user with a -u option. We can use the sudo -l command to see what commands we can run with sudo. In this case, it looks like it can run any command and I don't even need to specify a password.

Here's an example where you would use sudo to execute a command as root. For instance, let's start an application called Oracle. You can also run sudo with -u to run programs as other users besides root. So let's run something as the user bob, and let's say we need to stop, start bob's app as the user bob. And that worked and that program is running as bob.

Let's switch to the oracle account. And you can see that I'm the oracle user. And now I'm back to my normal jason account, and I can also use sudo -s. Let's do that to change to the root account. And you can see that I'm a root account and I'm in my home directory.

Let's do this another way. You can also switch to the root account with sudo su or even sudo su - to get roots environment. If you need to modify the sudo configuration, use the command visudo. It effectively starts the vi editor and edits the /etc/sudoers file. The visudo command has to be executed with a root privileges. This means that you either need to switch to the root account and run visudo. For example, su root then run visudo, or run sudo visudo as your own account. the sudoers file contains a list of users and what commands that those users can run, and as what users those commands can be run as.

There are many options to the sudoers file, but the most simple format and one that you'll see quite often is a line that gives a specific user a set of commands that he or she can run. The specification starts with the user that is getting the sudo privilege followed by the host on which that user can execute those privileges on. This allows system administrators to use one sudoers configuration file and distribute that to multiple servers.

The user listed in parentheses is the user that the commands will run as. Finally, a list of commands is provided that the user can run. You can separate multiple commands with a comma. Also, if you don't require that a password be entered when using sudo, you can supply the no password decorator in front of the commands. Use the su command to switch users.

To get the user's environment that you're switching to, remember to use a hyphen or a dash. The whoami command displays your current account name. The sudo command allows you to execute programs as other users. To switch users with sudo, use sudo -s or sudo su. If you need to change the sudoers configuration, use the visudo command to edit the sudoers file.

About the Author
Avatar
Jason Cannon
Founder, Linux Training Academy
Students
210
Courses
40
Learning Paths
4

Jason is the founder of the Linux Training Academy as well as the author of "Linux for Beginners" and "Command Line Kung Fu." He has over 20 years of professional Linux experience, having worked for industry leaders such as Hewlett-Packard, Xerox, UPS, FireEye, and Amazon.com. Nothing gives him more satisfaction than knowing he has helped thousands of IT professionals level up their careers through his many books and courses.

Covered Topics