When to use `su` vs `sudo`?

That's a very practical question! Understanding when to use su versus sudo is key to efficient and secure system administration. Labby is here to help you get this straight.

Here's a breakdown of when to choose su and when to choose sudo:

When to use sudo (Generally Preferred for Admin Tasks):

sudo is generally the preferred command for most administrative tasks for several reasons:

1. Executing a single command with elevated privileges:

   • Example: sudo apt update (to update package lists as root)
   • Example: sudo systemctl restart apache2 (to restart a service as root)
   • Example: sudo cp /path/to/file /usr/local/bin/ (to copy a file to a system directory)
   • Why sudo? You perform the action, and then immediately return to your normal, unprivileged user. This minimizes the time you spend as a privileged user, which is a good security practice.

2. Maintaining a clear audit trail:

   • sudo logs which user executed which command, which is invaluable for auditing and troubleshooting.

3. Enhanced Security:

   • You only need your own password, not the root password. This means the root password can be complex and kept secret, reducing the risk of it being compromised.
   • You can grant specific users permission to run specific commands as root (or another user) without giving them full root access. This is done via the /etc/sudoers file.

4. No need to fully log in as root:

   • It's generally discouraged to log in directly as root for routine tasks. sudo allows you to get root privileges on demand.

When to use su (Specific Scenarios):

su has its niche uses, especially su -:

1. Temporarily becoming a different non-root user:

   • Example: su - student1 (as you did in the lab) to fully switch to the student1 user's environment to test something from their perspective.
   • Why su -? If you need to be that user for a more extended period or want to verify how an application behaves in their specific home directory and environment.

2. When you need a full "login shell" as the target user (especially root) for multiple commands:

   • Example: su - (or su - root) if you need to perform several complex, interconnected administrative tasks as root, and find it more convenient to be in the root's full environment.
   • Why su -? It's like logging in as that user without leaving your current terminal session. However, remember to exit promptly when done! Be very careful in this mode, as you have full power.

3. System configurations where sudo might not be set up or available (less common in modern Linux):

   • In some minimal or embedded systems, sudo might not be installed by default, making su the only option for privilege escalation using the root password.

In summary:

• For quick, single administrative commands: Use sudo. It's safer, more auditable, and requires your own password.
• For fully immersing yourself in another user's environment (including root if necessary): Use su - <username>. Remember to exit when you're finished.

The current lab step focuses on su to help you understand how user environments change. Once you grasp this, the benefits of sudo become even clearer!

Does this help you decide which command to use in different situations?