Skip to Main Content
Linux Security Cookbook
book

Linux Security Cookbook

by Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes
June 2003
Intermediate to advanced content levelIntermediate to advanced
336 pages
8h 54m
English
O'Reilly Media, Inc.
Content preview from Linux Security Cookbook

5.1. Running a root Login Shell

Problem

While logged in as a normal user, you need to run programs with root privileges as if root had logged in.

Solution

$ su -

Discussion

This recipe might seem trivial, but some Linux users don’t realize that su alone does not create a full root environment. Rather, it runs a root shell but leaves the original user’s environment largely intact. Important environment variables such as USER, MAIL, and PWD can remain unchanged.

su - (or equivalently, su -l or su —login) runs a login shell, clearing the original user’s environment and running all the startup scripts in ~root that would be run on login (e.g., .bash_profile).

Look what changes in your environment when you run su:

$ env > /tmp/env.user
$ su
# env > /tmp/env.rootshell
# diff  /tmp/env.user /tmp/env.rootshell
# exit

Now compare the environment of a root shell and a root login shell:

$ su -
# env > /tmp/env.rootlogin
# diff /tmp/env.rootshell /tmp/env.rootlogin
# exit

Or do a quick three-way diff:

$ diff3 /tmp/env.user /tmp/env.rootshell /tmp/env.rootlogin

See Also

su(1), env(1), environ(5). Your shell’s manpage explains environment variables.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Linux Administration Cookbook

Linux Administration Cookbook

Adam K. Dean

Publisher Resources

ISBN: 0596003919Errata Page