The su command in Linux: change user in terminal

Posted on by BlockmyIP | Category: Linux terminal commands

Introduction

In the Linux world, the terminal is one of the most powerful tools for managing the system. Often we need to execute actions with the privileges of another user, whether to perform maintenance tasks, test configurations, or access restricted files. The su (switch user) command allows changing user directly from the command line without closing the current session. In this article we will explore its operation, syntax, most common options, and some security recommendations for using it responsibly.

What does the su command do?

The su command starts a new shell under the identity of another user. By default, if no username is specified, su switches to the root user. Unlike sudo, which runs a single command with elevated privileges, su opens a full interactive session, allowing you to execute several successive commands under the same identity.

Basic syntax

The simplest form is:

su [nombre_de_usuario]

If nombre_de_usuario is omitted, the system assumes root. After executing the command, the password of the target user will be requested. Once authenticated, a new shell will open and the prompt will change to reflect the new user.

Most used options

  • -l o --login: starts a login shell, meaning the user’s profile files (.profile, .bashrc, etc.) are read and the environment is set as if the user had logged in normally.
  • -c command or --command command: executes only the specified command and then returns to the original shell, without maintaining an interactive session.
  • -s shell or --shell shell: indicates which shell should be used (e.g., /bin/zsh) instead of the user's default.
  • -m, -p or --preserve-environment: preserves the environment variables of the current user instead of loading the target user’s environment.
  • --help and --version: display the help and version of the command.

Practical examples

    • Switch to root and obtain a login shell:
su -l
    • Switch to user juan and execute a single command:
su -c "ls -la /home/juan" juan
    • Start a shell as juan preserving the current environment:
su -p juan
    • Specify a different shell:
su -s /bin/zsh juan

Differences between su and sudo

Although both allow performing actions with another user’s privileges, their behavior is distinct:

  • su completely changes user and opens a new shell, requiring the target user’s password.
  • sudo runs a single command with another user’s privileges (usually root) using the current user’s password, provided they are authorized in the /etc/sudoers file.
  • In environments seeking to minimize exposure of the root password, sudo is often preferable because it does not require knowing the root key.
  • When a prolonged session under another user is needed (e.g., to test several scripts), su is more convenient.

Security best practices

  • Use su -l whenever you need a clean and complete environment; this prevents unexpected environment variables from influencing the session.
  • Avoid leaving su sessions

    This post is also available in ESPAÑOL.

Leave a Reply

Your email address will not be published. Required fields are marked *

Esta obra está bajo una Licencia Creative Commons Atribución 4.0 Internacional para Francesc Roig francesc@vivaldi.net .