What is the difference between commands sudo -i
and sudo su -
?
Are they the same?
They may provide functionally close to the same thing, but it seems 'sudo -i' is lighter weight and keeps some handy back references in your environment.
You can see the extra processes by looking at 'ps auxf' (f gives you a forest view)
sudo -i yields this process tree
jkrauska 4480 0.0 0.0 76828 1656 ? S 23:38 0:00 | \_ sshd: jkrauska@pts/0
jkrauska 4482 0.0 0.0 21008 3816 pts/0 Ss 23:38 0:00 | \_ -bash
root 4675 0.6 0.0 19512 2260 pts/0 S+ 23:42 0:00 | \_ -bash
sudo su - yields this process tree
jkrauska 4480 0.0 0.0 76828 1656 ? S 23:38 0:00 | \_ sshd: jkrauska@pts/0
jkrauska 4482 0.0 0.0 21008 3816 pts/0 Ss 23:38 0:00 | \_ -bash
root 4687 0.5 0.0 43256 1488 pts/0 S 23:42 0:00 | \_ su -
root 4688 0.5 0.0 19508 2252 pts/0 S+ 23:42 0:00 | \_ -su
Note that they are starting from the same bash process pid, 4482, but that su - seems to spawn another step.)
Your first 'sudo' is already elevating your access level to root. Running su without specifying a username inside sudo changes the current user to root twice.
Another way to investigate this is by running both commands with strace -f.
strace -f -o sudoi sudo -i
vs
strace -f -o sudosu sudo su -
If you diff those two straces, you'll see more exeve's being run for sudo su -.
One more thing.
sudo -i maintains the extra environment variables set by SUDO.
SUDO_USER=jkrauska
SUDO_UID=1000
SUDO_COMMAND=/bin/bash
SUDO_GID=1000
sudo su - clobbers those variables.
Shot answer: No, they are not the same.
Long answer: sudo and su - are different programs that accomplish the same task, that is elevating you to root privileges.
su used to be the de facto way of becoming root on Linux systems. However there was always the need to separate privileges and leave some auditing info behind. Also when you do su - everything you do is done as root and is dangerous to have that much power. Here is where sudo came to the rescue.
sudo has some characteristics that su does not. The key element in sudo is it's ability to to run "one" command as root and then drop privileges to normal user. Example: Remove a file owned by root.
sudo rm /root/someFile
This command will erase the file because sudo will elevate you to root every time you use the sudo command before another command. The next command you ran will be run like a normal user (unless you append the sudo command in the beginning). This allows you to accomplish administrative task and then drop privileges immediately helping you avoid dangerous conditions.
sudo also provides other benefits likes restricting the set of program a user can run, logs commands run under sudo and other things. For more info sudo in a nutshell
When you do su - or sudo -i you do the same thing. That is becoming root but keep in mind that su and sudo are completely different and provide you with different tools as a system admin. Personally I NEVER run su - and my pam policy prohibits it, allowing no one to run it. In my systems you always have to use sudo cause of the added benefits.
More info: Using and enabling sudo