这篇文章通过具体的示例来介绍Linux下su命令的常见用法。
- 准备如下用户
- 操作系统:CentOS 7
[root@liumiaocn ~]# useradd liumiao [root@liumiaocn ~]# useradd liumiaocn [root@liumiaocn ~]# passwd liumiao Changing password for user liumiao. New password: BAD PASSWORD: The password contains the user name in some form Retype new password: passwd: all authentication tokens updated successfully. [root@liumiaocn ~]# [root@liumiaocn ~]# passwd liumiaocn Changing password for user liumiaocn. New password: BAD PASSWORD: The password contains the user name in some form Retype new password: passwd: all authentication tokens updated successfully. [root@liumiaocn ~]# [root@liumiaocn ~]# cat /etc/redhat-release CentOS Linux release 7.6.1810 (Core) [root@liumiaocn ~]#用法1: 切换用户
su是switch user的缩写,自然就是完成切换用户之用,比如:
[root@liumiaocn ~]# id uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [root@liumiaocn ~]# su liumiao [liumiao@liumiaocn root]$ id uid=1000(liumiao) gid=1000(liumiao) groups=1000(liumiao) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [liumiao@liumiaocn root]$
注意事项:
- 从root切换为其他用户,不需密码输入,否则需要输入密码
- su 用户名 和 su - 用户名方式的区别在于是否读入用户配置信息
[liumiao@liumiaocn root]$ id uid=1000(liumiao) gid=1000(liumiao) groups=1000(liumiao) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [liumiao@liumiaocn root]$ [liumiao@liumiaocn root]$ su liumiaocn Password: [liumiaocn@liumiaocn root]$ id uid=1001(liumiaocn) gid=1001(liumiaocn) groups=1001(liumiaocn) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [liumiaocn@liumiaocn root]$用法2: 非交互式输入密码
如果希望嵌在脚本中,则往往需要使用非交互方式输入密码,可考虑使用如下方式:
[liumiaocn@liumiaocn root]$ id uid=1001(liumiaocn) gid=1001(liumiaocn) groups=1001(liumiaocn) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [liumiaocn@liumiaocn root]$ su liumiao < liumiaocn > id > ! Password: uid=1000(liumiao) gid=1000(liumiao) groups=1000(liumiao) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [liumiaocn@liumiaocn root]$ [liumiaocn@liumiaocn root]$ id uid=1001(liumiaocn) gid=1001(liumiaocn) groups=1001(liumiaocn) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [liumiaocn@liumiaocn root]$ [liumiaocn@liumiaocn root]$ id uid=1001(liumiaocn) gid=1001(liumiaocn) groups=1001(liumiaocn) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [liumiaocn@liumiaocn root]$ su - liumiao < liumiaocn > id > ! Password: Last login: Fri Aug 21 08:49:21 EDT 2020 uid=1000(liumiao) gid=1000(liumiao) groups=1000(liumiao) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [liumiaocn@liumiaocn root]$ id uid=1001(liumiaocn) gid=1001(liumiaocn) groups=1001(liumiaocn) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [liumiaocn@liumiaocn root]$用法3: 指定用户执行指定命令
[liumiaocn@liumiaocn root]$ id uid=1001(liumiaocn) gid=1001(liumiaocn) groups=1001(liumiaocn) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [liumiaocn@liumiaocn root]$ su -l liumiao -c id Password: uid=1000(liumiao) gid=1000(liumiao) groups=1000(liumiao) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [liumiaocn@liumiaocn root]$
或者
[liumiaocn@liumiaocn root]$ id uid=1001(liumiaocn) gid=1001(liumiaocn) groups=1001(liumiaocn) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [liumiaocn@liumiaocn root]$ su -c id liumiao Password: uid=1000(liumiao) gid=1000(liumiao) groups=1000(liumiao) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [liumiaocn@liumiaocn root]$用法4: su -切换为root用户
[liumiaocn@liumiaocn root]$ su - Password: Last login: Fri Aug 21 08:38:34 EDT 2020 from gateway on pts/0 Last failed login: Fri Aug 21 08:47:59 EDT 2020 on pts/0 There was 1 failed login attempt since the last successful login. [root@liumiaocn ~]#用法5: 使用当前环境变量切换用户su -p
[liumiaocn@liumiaocn root]$ id uid=1001(liumiaocn) gid=1001(liumiaocn) groups=1001(liumiaocn) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [liumiaocn@liumiaocn root]$ echo $HOME /home/liumiaocn [liumiaocn@liumiaocn root]$ su -p liumiao Password: bash: /home/liumiaocn/.bashrc: Permission denied bash-4.2$ echo $HOME /home/liumiaocn bash-4.2$ id uid=1000(liumiao) gid=1000(liumiao) groups=1000(liumiao) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 bash-4.2$
