19

What is the difference between commands sudo -i and sudo su -?

Are they the same?

MadHatter
Howard

2 Answers

32

They may provide functionally close to the same thing, but it seems 'sudo -i' is lighter weight and keeps some handy back references in your environment.

You can see the extra processes by looking at 'ps auxf' (f gives you a forest view)

sudo -i yields this process tree

jkrauska  4480  0.0  0.0  76828  1656 ?        S    23:38   0:00  |   \_ sshd: jkrauska@pts/0
jkrauska  4482  0.0  0.0  21008  3816 pts/0    Ss   23:38   0:00  |       \_ -bash
root      4675  0.6  0.0  19512  2260 pts/0    S+   23:42   0:00  |           \_ -bash

sudo su - yields this process tree

jkrauska  4480  0.0  0.0  76828  1656 ?        S    23:38   0:00  |   \_ sshd: jkrauska@pts/0
jkrauska  4482  0.0  0.0  21008  3816 pts/0    Ss   23:38   0:00  |       \_ -bash
root      4687  0.5  0.0  43256  1488 pts/0    S    23:42   0:00  |           \_ su -
root      4688  0.5  0.0  19508  2252 pts/0    S+   23:42   0:00  |               \_ -su

Note that they are starting from the same bash process pid, 4482, but that su - seems to spawn another step.

Your first 'sudo' is already elevating your access level to root. Running su without specifying a username inside sudo changes the current user to root twice.

Another way to investigate this is by running both commands with strace -f.

strace -f -o sudoi sudo -i

vs

strace -f -o sudosu sudo su -

If you diff those two straces, you'll see more execve's being run for sudo su -.

One more thing.

sudo -i maintains the extra environment variables set by SUDO.

SUDO_USER=jkrauska
SUDO_UID=1000
SUDO_COMMAND=/bin/bash
SUDO_GID=1000

sudo su - clobbers those variables.

Joel K
  • Thanks, I voted you as the correct answer. One more question, so is `sudo su -` pointless? – Howard Jun 04 '12 at 08:07
  • If you wanted to clobber the SUDO back references it could be useful. So not pointless in that case. – Joel K Jun 04 '12 at 18:37
  • There are also big differences in argument handling, environment variable handling, and in security when becoming a non-root user. See what I added here: http://serverfault.com/q/601140/102814 – Craig Ringer Jun 02 '14 at 08:27
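
An added example, not part of the answer or comments above: because `sudo su -` clobbers `SUDO_USER`, anything that attributes a root shell to a person from that variable alone loses the trail. The sketch below falls back to the Linux audit login UID, which is inherited across `su`. The helper name `resolve_invoker` is hypothetical, the fallback assumes a Linux kernel with audit support exposing `/proc/self/loginuid`, and the fixture files are constructed.

```shell
#!/bin/sh
# Added example: identify who opened a root shell.
# resolve_invoker is a hypothetical helper name; the file arguments exist so
# the logic can be exercised against constructed fixtures.
resolve_invoker() {
    loginuid_file=${1:-/proc/self/loginuid}
    passwd_file=${2:-/etc/passwd}

    # sudo -i leaves SUDO_USER in the root shell's environment.
    if [ -n "${SUDO_USER:-}" ]; then
        printf 'sudo:%s\n' "$SUDO_USER"
        return 0
    fi

    # sudo su - starts a fresh login environment, so SUDO_* is gone.
    # The kernel audit login UID is inherited across su and still names
    # the original login (assumes Linux with audit support).
    if [ -r "$loginuid_file" ]; then
        uid=$(cat "$loginuid_file")
        # 4294967295 is (uid_t)-1, meaning "never set".
        if [ -n "$uid" ] && [ "$uid" != 4294967295 ]; then
            name=$(awk -F: -v u="$uid" '$3 == u { print $1; exit }' "$passwd_file")
            printf 'loginuid:%s\n' "${name:-uid=$uid}"
            return 0
        fi
    fi

    printf 'unknown\n'
    return 1
}

# Constructed fixtures standing in for /proc/self/loginuid and /etc/passwd.
fixtures=$(mktemp -d)
printf '1000\n' > "$fixtures/loginuid"
printf 'root:x:0:0::/root:/bin/bash\njkrauska:x:1000:1000::/home/jkrauska:/bin/bash\n' > "$fixtures/passwd"

echo "sudo -i    -> $(SUDO_USER=jkrauska resolve_invoker "$fixtures/loginuid" "$fixtures/passwd")"
echo "sudo su -  -> $(unset SUDO_USER; resolve_invoker "$fixtures/loginuid" "$fixtures/passwd")"
```

Called with no arguments from root's login profile, the function reads the live `/proc/self/loginuid` and `/etc/passwd` instead of the fixtures.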
1

Short answer: No, they are not the same.

Long answer: sudo and su - are different programs that accomplish the same task, that is elevating you to root privileges.

su used to be the de facto way of becoming root on Linux systems. However there was always the need to separate privileges and leave some auditing info behind. Also when you do su - everything you do is done as root and it is dangerous to have that much power. Here is where sudo came to the rescue.

sudo has some characteristics that su does not. The key element in sudo is its ability to run "one" command as root and then drop privileges to normal user. Example: Remove a file owned by root.

sudo rm /root/someFile

This command will erase the file because sudo will elevate you to root every time you use the sudo command before another command. The next command you run will be run like a normal user (unless you append the sudo command in the beginning). This allows you to accomplish administrative tasks and then drop privileges immediately, helping you avoid dangerous conditions.

sudo also provides other benefits like restricting the set of programs a user can run, logging commands run under sudo and other things. For more info: sudo in a nutshell

When you do su - or sudo -i you do the same thing. That is becoming root but keep in mind that su and sudo are completely different and provide you with different tools as a system admin. Personally I NEVER run su - and my pam policy prohibits it, allowing no one to run it. In my systems you always have to use sudo cause of the added benefits.

More info: Using and enabling sudo

Termiux