[Leaplist] sudo vs su

John Simpson jms1 at jms1.net
Tue Jun 30 20:43:42 EDT 2009 

On 2009-06-09, at 1108, Dan Trevino wrote:
> On Mon, Jun 8, 2009 at 11:13 PM, John Simpson<jms1 at jms1.net> wrote:
>>
>> my non-root account uses tcsh, with a customized set of aliases and a
>> visually distinctive prompt (so i can tell where the commands are  
>> when
>> scrolling back up in a window.) even if root uses an un-modified  
>> bash with
>> the boring "[hostname] #" prompt, if i log into my own account and  
>> do "sudo
>> -s", it makes me root, running tcsh, using the .tcshrc from my non- 
>> root
>> user's home directory, which gives me all of my aliases and the  
>> special
>> prompt, only running as root. this is because "sudo" doesn't re- 
>> write the
>> HOME and/or SHELL variables.
>
> what is the difference between running 'sudo -s' or 'sudo -i' in  
> this case?

(yes, i'm a bit behind on personal email.)

the "-i" option tries as hard as it can to act like a login shell,  
including looking up the values of the SHELL and HOME variables from  
the /etc/passwd entry of the user you are becoming.

the "-s" option uses the existing value of the SHELL variable.

so if i'm user "jms1", running tcsh with SHELL=/bin/tcsh, and root's / 
etc/passwd line specifies /bin/sh as the login shell, then...

- "sudo -s" would run /bin/tcsh as root, without changing HOME

- "sudo -i" would run /bin/sh as root, changing HOME to root's home  
directory.

what i needed was to change HOME without changing SHELL. the closest i  
could find was to have my .tcshrc explicitly change HOME if it was  
running as root (which is what i did), or resign myself to typing  
"exec /bin/tcsh" every time i used "sudo" to become root (which i want  
to avoid.)

----------------------------------------------------------------
| John M. Simpson    ---   KG4ZOW   ---    Programmer At Large |
| http://www.jms1.net/                         <jms1 at jms1.net> |
----------------------------------------------------------------
| http://video.google.com/videoplay?docid=-1656880303867390173 |
----------------------------------------------------------------





-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
Url : http://lists.leap-cf.org/pipermail/leaplist/attachments/20090630/fe2e1cf6/PGP.bin

More information about the Leaplist mailing list