"su -" instead of "su" ?

[saturnian]

I've been running Fedora since Fedora 14, but I still don't quite understand why Fedora documentation recommends using su - instead of su. I don't recall ever using su - in any distro other than Fedora. Anyone know the reasoning behind this? I've looked over man su in Fedora, and ran info coreutils 'su invocation' and took a look at that. I also found an old FAQ page, http://www.fedorafaq.org/basics/, where it says:

 

Note that the "-" is very important -- it sets things so that you have easy access to all the commands on the computer.

 

That makes sense, but... still, I haven't needed to use su - in Debian and other distros.

 

I also took a look at this, in Fedora 18:

 

steve[~]$ su
Password:
[root@localhost steve]# echo $PATH
/usr/lib/qt-3.3/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/home/steve/.local/bin:/home/steve/bin
[root@localhost steve]# exit
exit
steve[~]$ su -
Password:
[root@localhost ~]# echo $PATH
/usr/lib/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
[root@localhost ~]#

 

The differences seen there probably explain things to someone who understands this stuff better than I do. I know that when I run the same commands in Bridge Linux, the PATH variable is exactly the same both times. Same thing when I run the same commands in Debian Wheezy. But in Fedora, you get a different PATH with su - than with su.

[V.T. Eric Layton]

The only time I've ever seen the "su" command used with a hyphen was when root (an admin, usually) was attempting to run as a regular user.

 

vtel57@ericsbane05~:$ su
Password: *********

root@ericsbane05/home/vtel57:# su - vtel57

vtel57@ericsbane05~:$ [CTRL + D]

root@ericsbane05/home/vtel57:#

 

However, you can achieve the same without the hyphen, so I don't really know what the difference is. Maybe some old throwback to UNIX days of yore?

 

More about the su command --> http://en.wikipedia.org/wiki/Su_(Unix)

[securitybreach]

Thus, it is advisable that administrative users, as well as any other users that are authorized to use su (of which there should be very few, if any), acquire the habit of always following the su command with a space and then a hyphen. The hyphen has two effects: (1) it switches the current directory to the home directory of the new user (e.g., to /root in the case of the root user) and (2) it changes the environmental variables to those of the new user. That is, if the first argument to su is a hyphen, the current directory and environment will be changed to what would be expected if the new user had actually logged on to a new session (rather than just taking over an existing session).

 

Thus, administrators should generally use su as follows:

su -

 

An identical result is produced by adding the username root, i.e.,

su - root

 

Likewise, the same can be done for any other user, e.g., for a user named bob:

su - bob

 

http://www.linfo.org/su.html

[crp]

I use the hyphen almost all the time. Here is an example which shows the difference

[root@rh5 ~]# pwd
/root
[root@rh5 ~]# su userMEI
[userMEI@rh5 root]$ pwd
/root
[userMEI@rh5 root]$ exit
exit
[root@rh5 ~]# su - userMEI
[userMEI@rh5 ~]$ pwd
/home/userMEI

it does not just change the directory to the home of the target but also other things under the hood.

[amenditman]

The

su -

command argument gives you a user environment with system defaults, just like a root log in. Without the "-" you get an environment with settings exported from the creating shell, which can be very different depending upon how the system is configured for users vs. root.

[saturnian]

Thanks for the replies, folks! Good stuff! I followed all of the links and played around with things yesterday, and also spent some time talking with another Linux user and discussing the comments that were posted here.

[saturnian]

I use the hyphen almost all the time.

 

Hm. Although I'm currently using su - only in Fedora, it seems that using it in other distros might be a good idea.

 

 

http://www.linfo.org/su.html

 

This is a very nice article.

 

I have a question about the -c option, though. The article says that su -c [command] "is executed as the new user" but I wonder if that means that it has the same two effects as su -. As the article puts it (discussing su followed by a space and a hyphen):

 

(1) it switches the current directory to the home directory of the new user (e.g., to /root in the case of the root user) and (2) it changes the environmental variables to those of the new user.

 

The "is executed as the new user" part seems to imply that perhaps the current directory becomes the directory of the new user and the environmental variables are changed to those of the new user (when su -c [command] is used) (until after the command is executed or any program that it has launched has been closed), but I'm not sure if this is so.