sudo vs su and more

It took me a while to figure out that “sudo -s” was usually what I wanted in Ubuntu. On these forums, I see people using “su” and “su -l” and other variants.

Below are some notes I collected/edited for Ubuntu. Would anyone be kind enough to suggest edits so I can use these notes for opensuse? (Let’s make these notes into an opensuse “super user” mini-tutorial.)

[ubuntu] How is root’s PATH set? - Ubuntu Forums]([ubuntu] How is root's PATH set?)

sudo su
with su you are basically root, but your own environmental variables are "preserved".
sudo -s
And your environmental variables are merged with that of root's.
sudo -i
On the other hand is "true" root access. None of your variables are carried over and only the root Defaults remain.

I tried “sudo -i”, “sudo -s”, “sudo bash”, and “sudo su”, and ran
env > env-{i,s,bash,su} after each one. This is what I found out:

                                corrupted by user's 
        HOME=/root    root's PATH     env vars
sudo -i         Y        [2]                 N
sudo -s        N        [2]                 Y
sudo bash    N        [2]                 Y
sudo su        Y        [1]                 Y

[1] PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
probably set by /etc/environment
[2] PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin


[ubuntu] Adding variables to the ROOT account $PATH - Ubuntu Forums]([ubuntu] Adding variables to the ROOT account $PATH)
[ubuntu] How is root’s PATH set? - Ubuntu Forums]([ubuntu] How is root's PATH set?) (same as link above)


RootSudo - Community Help Wiki

To start a root shell (i.e. a command window where you can run Root commands), starting Root’s environment and login scripts, use:

sudo -i (similar to sudo su - , gives you roots environment configuration)

To start a root shell, but keep the current shell’s environment, use:

sudo -s (similar to sudo su)

For a brief overview of some of the differences between su, su -, and sudo -{i,s} see : Ubuntu Forums Post with nice table .

For a detailed description of the differences see man su and man sudo .


RootSudoTimeout - Community Help Wiki

RootSudoTimeout

By default sudo remembers your password for 15 minutes. If you want to change that you can do so by

sudo visudo

This opens an editor and points it to the sudoers file – Ubuntu defaults to nano, other systems use Vi. You’re now a super user editing one of the most important files on your system. No stress!

(Vi specific instructions noted with (vi!). Ignore these if you’re using nano)

Use the arrow keys to move to the end of the Defaults line.
(vi!) press the A (capital "a") key to move at the end of the current line and enter editing mode (append after the last character on the line).
Now type
,timestamp_timeout=X
where X is the timeout expiration in minutes. If you specify 0 you will always be asked the password. If you specify a negative value, the timeout will never expire. E.g. Defaults env_reset,timestamp_timeout=5
(vi!) hit Escape to return to command mode. Now, if you're happy with your editing, type in :w <ENTER> to write the file and :q <ENTER> to exit vi. If you made a mistake, perhaps the easiest way is to redo from start, to exit without saving (hit Escape to enter the command mode) and then type :q! <ENTER>.
hit CTRL + X, then Y, then <ENTER> to save your file and exit nano. 

You might want to read the sudoers and vi manual pages for additional information.

man sudoers

man vi

Have a read of

http://forums.opensuse.org/information-new-users/unreviewed-how-faq/424498-become-su-terminal-howto.html

SDB:Login as root - openSUSE

and read the man pages.

After some experimentation with sudo, it appears that opensuse sets the -H option ( set the HOME environment variable to the home directory of the target user (root by default)). That’s not what I want. I prefer the Ubuntu behavior which is that sudo keeps the HOME environment variable set to the original user’s home directory.

How would I change this? There must be an alias defined for sudo that sets it to “sudo -H”. Where would this be defined (so I can undefine it)? Thanks.

I would also like to find a method for merging user history with root history (similar to the way the PATH environment variables are merged with “su”). Any suggestions?

Here are my opensuse notes for anyone else who is interested. The short summary for the default configuration in opensuse:

  • “sudo -s”, “sudo su” and “sudo bash” are equivalent and they have the fewest elements in the path.
  • “sudo -i” and “su -” seem equivalent and they have the most elements in the path, but /home/<user> is not in the path and neither is “.”
  • “su” falls between the two and it does include /home/<user> in the path

me@desktop
$PATH: /home/me/bin:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin:.
user history available
HOME=/root NO

sudo -s
$PATH: /usr/bin:/bin:/usr/sbin:/sbin
root history available
HOME=/root YES

sudo su
$PATH: /usr/bin:/bin:/usr/sbin:/sbin
root history available
HOME=/root YES

sudo bash
$PATH: /usr/bin:/bin:/usr/sbin:/sbin
HOME=/root YES

su
Password:
$PATH: /home/me/bin:/usr/local/bin:/usr/bin:/sbin:/usr/sbin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin
root history available
HOME=/root YES

sudo -i
root’s password:
$PATH: /sbin:/usr/sbin:/usr/local/sbin:/root/bin:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin
root history
HOME=/root YES

su -
$PATH: /sbin:/usr/sbin:/usr/local/sbin:/root/bin:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin
root history available
HOME=/root YES

On Mon, 16 Jan 2012 17:36:02 +0000, MountainX wrote:

> After some experimentation with sudo, it appears that opensuse sets the
> -H option ( set the HOME environment variable to the home directory of
> the target user (root by default)). That’s not what I want. I prefer the
> Ubuntu behavior which is that sudo keeps the HOME environment variable
> set to the original user’s home directory.
>
> How would I change this? There must be an alias defined for sudo that
> sets it to “sudo -H”. Where would this be defined? Thanks.

man sudo

Points to:

man sudoers

Which explains how to configure sudo. :slight_smile:

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

I’m sure that somewhere in those 1680 lines of dense text there is at least a hint of how to solve the simple question I asked. Unfortunately, it would take me hours to dig out that solution.

Can someone please give me a direct answer (in the spirit of StackOverflow)?

References:
Discussion etiquette, Google factor - Meta Stack Overflow
*(I mean... still "google it" answers? - Meta Stack Exchange)

Although it is realistic to say “You should just google it”, one of the goals of Stack Overflow and other related sites is to make our answers the #1 hit on Google and other search engines. If that is the case, then telling them to “go google it” makes no sense.
If they ask a question and you can provide an answer from Google, it may help if you provide some relevant links with descriptions about the information provided. Maybe give some short quoted material and examples. There is nothing wrong with providing information from Google, but don’t just go and say “Just Google It, dummy”.

BTW, I think I have already proven by my longer follow up about the specifics of the behaviors of these commands in both Ubuntu and OpenSuse, that generic answers are not what I’m seeking. I’m seeking specific details that are not spelled out in the man pages. For example, the man pages don’t tell me exactly how OpenSuse and Ubuntu differ in their handling of setting environment variables when a user types the sudo command. The man pages are far too generic to be a good response to my specific question. And again, in the spirit of StackOverflow, providing good answers (rather than sending people to Google or man pages) can be a good policy, right?

Do you have a problem with openSuSE that you need help with (this is a user-to-user technical help forum for openSuSE installation problems), or are looking for someone to do your school homework for you?

On Mon, 16 Jan 2012 18:16:03 +0000, MountainX wrote:

> I’m sure that somewhere in those 1680 lines of dense text there is at
> least a hint of how to solve the simple question I asked. Unfortunately,
> it would take me hours to dig out that solution.
>
> Can someone please give me a direct answer (in the spirit of
> StackOverflow)?

If you search for ‘home’ (try “/home” while in ‘man’) that will help you
find what you’re looking for.

If you also look at the sudoers file and search on ‘home’, you’ll see
that there’s a default in the file that covers this.

As for “direct answers” - there are two schools of thought:

  1. A direct answer certainly answers that particular question.

  2. people answering questions and people asking questions both have
    access to the same documentation. Why should one person read another
    person documentation they have access to? Kinda along the lines of “feed
    someone else” vs “teach someone else how to fish”.

In the long run, if users learn where to look for answers, then those
providing the answers aren’t just regurgitating documented answers
already.

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On 01/16/2012 06:36 PM, MountainX wrote:
>
> After some experimentation with sudo, it appears that opensuse sets the
> -H option ( set the HOME environment variable to the home directory of
> the target user (root by default)). That’s not what I want. I prefer the
> Ubuntu behavior which is that sudo keeps the HOME environment variable
> set to the original user’s home directory.

well, it seems to me the last time i checked if i have logged into the
DE, then open a konsole or xterm and type/enter


sudo $PATH

i do not get root’s path as you seem to indicate i should…it seems to
me i have always experienced that when i do a simple sudo i
am doing with my environment and the powers granted to me
by sudoers…or am i missing something…

How would I change this? There must be an alias defined for sudo that
sets it to “sudo -H”. Where would this be defined? Thanks.

i do not think so…but, if you type/enter this you can look for yourself:


alias

sudo su

why would anyone ever want/need to do that? (i admit i may need more
training on this!)

su is to switch user from whoever your are when issuing the command, to
whoever you wanna be…and, sudo is to allow one to do things not
usually available to be done with one’s own rights…

since su is a command which can be prosecuted as a regular user or as
the root user i can’t see a reason for “sudo su” ??

that is:

if you are me and wanna become root with root’s environment do


su -     <and there are other variations which will do this

if you are me and wanna become root with me’s environment do


su

if you are root and wanna become me, do


su me

or even easier,
if you are root and wanna become me, do


exit

unless of course you are root and wanna become someone other that the
former user, like say you wanna be someoneElse, then as root do


su someoneElse

and, by the way, that last one can be given by root, me or You…as long
as you know the root pass…

but, i am open to learning something.

but…please do not tell me that you set up your sudoer so that
everyone on your system is able to become anyone that wanna be.


DD http://tinyurl.com/DD-Caveat http://tinyurl.com/DD-Hardware
http://tinyurl.com/DD-Software
openSUSE®, the “German Engineered Automobiles” of operating systems!

On 01/16/2012 07:16 PM, MountainX wrote:
> a good policy

each individual here is allowed to define their own policy, without your
help…

which is another way of saying:

grab a copy of the su man from Ubuntu and bounce it against the su man
from openSUSE…i’d guess diff could be helpful, but i do not know…

and, that way neither Jim nor anyone else here who may have never used
Ubuntu needs to do the research necessary for you to build a
‘translator’ you can use to understand the differences…


DD http://tinyurl.com/DD-Caveat http://tinyurl.com/DD-Hardware
http://tinyurl.com/DD-Software
openSUSE®, the “German Engineered Automobiles” of operating systems!

On 2012-01-16 19:16, MountainX wrote:
>
> BTW, I think I have already proven by my longer follow up about the
> specifics of the behaviors of these commands in both Ubuntu and
> OpenSuse, that generic answers are not what I’m seeking. I’m seeking
> specific details that are not spelled out in the man pages. For example,
> the man pages don’t tell me exactly how OpenSuse and Ubuntu differ in
> their handling of setting environment variables when a user types the
> sudo command. The man pages are far too generic to be a good response to
> my specific question. And again, in the spirit of StackOverflow,
> providing good answers (rather than sending people to Google or man
> pages) can be a good policy, right?

But you are asking us to tell you the differences with Ubuntu. How can I,
if I have never used Ubuntu save for a few minutes?

I can not say how the default sudo works, because I change it. I did my
homework once, and I don’t have to figure it out again. In my system you
can not do, for example “sudo fdisk -l” because it will not work.
Intentionally, by the way.

I always use “su -”, and I know what it does. Other variations do not worry me.

You say:

> After some experimentation with sudo, it appears that opensuse sets the
> -H option ( set the HOME environment variable to the home directory of
> the target user (root by default)). That’s not what I want. I prefer the
> Ubuntu behavior which is that sudo keeps the HOME environment variable
> set to the original user’s home directory.
>
> How would I change this? There must be an alias defined for sudo that
> sets it to “sudo -H”. Where would this be defined? Thanks.

If it were an alias, the output of the command “alias” would tell you the
answer you seek. I think instead that the sudoers file is different. How, I
can not say, I do not have an Ubuntu install to see it. I would vote for
these lines:

Defaults always_set_home
Defaults env_reset


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

su without parameters uses a sub mix of the users and roots environment. With the dash you get a pure root environment. Look at alias output after each and see the difference. Note for somethings you do need the dash because not all of roots paths are used.

Thanks for the helpful replies. I have not found a solution yet.

Just to be clear, what I want is this:

  • “su -” to work exactly like it does by default in OpenSuse.
  • a version of the command that preserves the non-root user’s HOME env var and that combines the root and user’s PATH env vars. This is very similar to the behavior of “sudo -s” in Ubuntu (but not in OpenSuse). It is also similar to “su” except for the HOME env var.

I haven’t figured out how to implement what I want yet. it appears that the options such as “env_reset” will change the behavior across the board, and that’s not really what I want. I want to leave everything “as is” except for the addition of one version of the command that does precisely what I want. Unfortunately, I don’t see an option that accomplishes that (but I know it can be done because Ubuntu does it somehow). So… still looking.

“sudo su” will always start the shell listed in the user’s /etc/passwd, whereas sudo -s will check the SHELL environmental variable first, and only execute the shell in /etc/passwd if SHELL is unset.

You didn’t enter the appropriate command. But may I politely suggest that if you have questions about that, it should go in a separate thread? (Or we can discuss it privately.) Here I would like to stay focused on finding a way to solve my issue as stated in the post above. Thanks.

Sudo and su are not the same and sudo in OpenSUSE doesn not act the same as sudo In Ubuntu. You can change the way sudo works in Yast if you really need this.

Yeah, I know they aren’t the same. But I’m just starting to realize how different things are in OpenSuse! Now that I realize most of what I knew (as little as it was) about sudo and su doesn’t apply here, I’m starting to feel a bit confused… maybe it wasn’t such a good idea to try to switch to OpenSuse in the middle of a project! I’m going to have my work cut out for me. Definitely cannot be spending hours trying to figure out every little thing such as this. I need to find quick answers because I’ve got hundreds of issues that need to be solved quickly if I’m going to make this switch successfully and not have to retreat.

On 01/17/2012 05:06 AM, gogalthorp wrote:
> sudo in OpenSUSE doesn not act the same
> as sudo In Ubuntu

which is, i guess (having never run ubuntu), why the “sudo su” combo
seems so alien to me…it is like saying:

[execute the following without switching user] [switch user]


DD
openSUSE®, the “German Engineered Automobiles” of operating systems!

On 01/17/2012 05:16 AM, MountainX wrote:
> maybe it wasn’t such a good idea to try to
> switch to OpenSuse in the middle of a project!

as ‘they’ say: If it ain’t broke don’t fix it.

> I need to find quick answers because
> I’ve got hundreds of issues that need to be solved quickly if I’m going
> to make this switch successfully and not have to retreat.

use what works!

a long time ago a gray haired old man told me:

“Consider each Linux distro to be a different operating system.”

and, his advice remains pretty good…yes, we all know that “Linux is
Linux” but when one starts poking around in the guts it soon becomes
obvious that Debian is not SUSE is not Red Hat is not . . .

which is a very GOOD thing.


DD http://tinyurl.com/DD-Caveat
openSUSE®, the “German Engineered Automobiles” of operating systems!

On 2012-01-17 09:09, DenverD wrote:
> a long time ago a gray haired old man told me:
>
> “Consider each Linux distro to be a different operating system.”

Indeed. All are Linux, but there are many obvious differences, and worse,
subtle differences.

Fir example, useradd/adduser.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)