LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-22-2012, 10:32 AM   #1
LeonardoNaanMan
LQ Newbie
 
Registered: Mar 2012
Posts: 4

Rep: Reputation: Disabled
how show and switch users?


please tell me the command used to 'show current user'. also is there a command to 'switch user'.
thank you,
new to linux guy!
 
Old 03-22-2012, 10:37 AM   #2
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,577
Blog Entries: 14

Rep: Reputation: 969Reputation: 969Reputation: 969Reputation: 969Reputation: 969Reputation: 969Reputation: 969Reputation: 969
who am i = shows which user initially logged in

su - <username> = Switch to username specified (if no username specified it assumes "su - root") You have to know the password of the user to which you are switching.

whoami = shows which user you have switched to
 
1 members found this post helpful.
Old 03-22-2012, 10:38 AM   #3
LeonardoNaanMan
LQ Newbie
 
Registered: Mar 2012
Posts: 4

Original Poster
Rep: Reputation: Disabled
in the interim, i discovered (by searching here) how to show user. still curious if possible to 'switch user). thanks
 
Old 03-22-2012, 10:49 AM   #4
LeonardoNaanMan
LQ Newbie
 
Registered: Mar 2012
Posts: 4

Original Poster
Rep: Reputation: Disabled
thank you MensaWater: in addition to answering the question, your reply cleared up a misconception of mine. I was exposed to su at work, where it is referred to as SuperUser. it is used with no entry as <username>. I see now that it is not superuser, but is a switch to user=root, hence the 'super'. (we also use sudo, which is referred to as 'SuperUser Do Once'.
is there validity to the 'do once' component of the acronym?
thanks again for being kind to the new kids!
 
Old 03-22-2012, 11:14 AM   #5
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,577
Blog Entries: 14

Rep: Reputation: 969Reputation: 969Reputation: 969Reputation: 969Reputation: 969Reputation: 969Reputation: 969Reputation: 969
su = switch user

The root user is known as the "super user" which has nothing to do with the "su" command (except that you can become root by using that command). You can become the "super user", root, by logging in directly as root.

sudo = superuser do (not superuser do once). It allows a permitted user to execute a command as the superuser or another user, as specified in the sudoers file. When you run "sudo <command>" you are saying to run the command as the root user. So if you run "sudo su -" you are saying to use root's permissions to switch from your current user to root. The benefit to using sudo is that when you are prompted for a password it is YOUR user password and NOT the root password so you do not have to give out the root password to users. It also does logging of who executed commands so can be a good audit trail for things.

Note that although it does the command as the superuser (root) it does not mean that the result is necessarily a root level access. For example if you did "sudo su - billybob" you'd end up switched to user billybob. Root would have done the switch but you would not have ever have gotten a root shell. We use this functionality here for application admin accounts where multiple users (e.g. DBAs) need to use a common admin account (e.g. mysql). We give each DBA a login then setup sudo to allow them to "sudo su - mysql". In this way we can see which DBA became mysql at which point in case there is a question later.

sudo isn't restricted to su though. You can give other commands as well. (e.g. sudo mount /cdrom would allow the user to mount filesystem /cdrom [which would have to be described in /etc/fstab for this simple syntax].)

When granting sudo access some key security considerations:
1) Do NOT give user's access to commands that can open a shell such as vi/vim. Since "sudo vim" would put the user in a vim session running as root they'd only have to type ":!/bin/bash" to get a shell and that shell would be the root shell.
2) If you wrote a script for a user to execute as sudo you must make sure that they can't break out of it at any point (because they end up with a root shell) and also need to insure the script is in a secure location that the user can't modify it because otherwise they could simply change it to do /bin/bash at start of script to get a shell prompt.

The sudoers file should only be edited with the visudo command (which for obvious reasons can only be run as root). This command will do syntax checking to verify what you're about to save isn't going to break sudo completely.

On UNIX/Linux there are man (manual) pages for most commands and other concepts. Typing:
man su
man who
man visudo
man sudo
will give you more details on each of those commands.
Also on Linux there are "info" pages that might give more information. Usually the man page will tell you if there is also an info page.

Last edited by MensaWater; 03-22-2012 at 11:16 AM.
 
1 members found this post helpful.
Old 03-22-2012, 08:31 PM   #6
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324
Minor points
Code:
su bob
logs you in as bob, BUT maintains your orig env settings eg see content of $PATH
Code:
su - bob
logs you in as bob WITH his settings ie a full login

Also,
Code:
id
show who you are and your groups etc.
http://linux.die.net/man/1/id
As implied, if you are root, you can id another user thus
Code:
id bob
which gives bob's details

HTH
 
1 members found this post helpful.
Old 03-23-2012, 08:15 AM   #7
LeonardoNaanMan
LQ Newbie
 
Registered: Mar 2012
Posts: 4

Original Poster
Rep: Reputation: Disabled
thank you so much. this is all so fascinating. i've been in controls most of my life, but this is my first foray into the linux world. thanks again.
ciao,
lenny
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
show all users accounts cccc Debian 2 02-20-2011 09:09 PM
w does not show users thllgo Linux - Software 2 02-25-2008 10:18 AM
show live users er_gaurav22 Linux - General 4 01-14-2007 08:54 AM
Show users manomohan General 6 10-10-2006 01:00 PM
show last users login wisdom Programming 3 11-17-2005 03:56 AM


All times are GMT -5. The time now is 04:56 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration