What is the difference between sudo -i and sudo su -

Solution 1:

They may provide functionally close to the same thing, but it seems 'sudo -i' is lighter weight and keeps some handy back references in your environment.

You can see the extra processes by looking at 'ps auxf' (f gives you a forest view)

sudo -i yields this process tree

jkrauska  4480  0.0  0.0  76828  1656 ?        S    23:38   0:00  |   \_ sshd: jkrauska@pts/0
jkrauska  4482  0.0  0.0  21008  3816 pts/0    Ss   23:38   0:00  |       \_ -bash
root      4675  0.6  0.0  19512  2260 pts/0    S+   23:42   0:00  |           \_ -bash

sudo su - yields this process tree

jkrauska  4480  0.0  0.0  76828  1656 ?        S    23:38   0:00  |   \_ sshd: jkrauska@pts/0
jkrauska  4482  0.0  0.0  21008  3816 pts/0    Ss   23:38   0:00  |       \_ -bash
root      4687  0.5  0.0  43256  1488 pts/0    S    23:42   0:00  |           \_ su -
root      4688  0.5  0.0  19508  2252 pts/0    S+   23:42   0:00  |               \_ -su

(Note that they are starting from the same bash process pid, 4482, but that su - seems to spawn another step.)

Your first 'sudo' is already elevating your access level to root. Running su without specifying a username inside sudo changes the current user to root twice.

Another way to investigate this is by running both commands with strace -f.

strace -f -o sudoi sudo -i

vs

strace -f -o sudosu sudo su -

If you diff those two straces, you'll see more execve's being run for sudo su -.

One more thing.

sudo -i maintains the extra environment variables set by SUDO.

SUDO_USER=jkrauska
SUDO_UID=1000
SUDO_COMMAND=/bin/bash
SUDO_GID=1000

sudo su - clobbers those variables.
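
The following is an added example, not part of either answer: a shell function that reports which account is behind a root shell, using SUDO_USER when it survives (sudo -i) and falling back to the kernel's audit login UID when it has been clobbered (sudo su -). The two positional arguments are hypothetical hooks for testing, and the lookup reads only a local passwd file, so directory-service accounts are an assumption it does not cover.

```shell
#!/bin/sh
# Added example: resolve the account behind a root shell.
# $1 = loginuid file, $2 = passwd file (hypothetical test hooks; the
# defaults are the real locations on Linux).
invoking_user() {
    loginuid_file=${1:-/proc/self/loginuid}
    passwd_file=${2:-/etc/passwd}

    # 1. sudo and sudo -i export SUDO_USER. It is only an environment
    #    variable: good for attribution hints, not proof of identity.
    if [ -n "${SUDO_USER:-}" ]; then
        printf '%s (source: SUDO_USER)\n' "$SUDO_USER"
        return 0
    fi

    # 2. After "sudo su -" the variable is gone, but the audit login UID
    #    assigned at login is inherited by every child process.
    if [ -r "$loginuid_file" ]; then
        uid=$(cat "$loginuid_file")
        case $uid in
            # Empty, non-numeric, or 4294967295 (-1): no login UID was set,
            # as in daemons and many containers.
            ''|*[!0-9]*|4294967295) ;;
            *)
                name=$(awk -F: -v u="$uid" '$3 == u { print $1; exit }' "$passwd_file")
                printf '%s (source: loginuid)\n' "${name:-uid=$uid}"
                return 0
                ;;
        esac
    fi

    printf 'unknown\n'
    return 1
}
# Usage from a root shell: invoking_user
```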

Solution 2:

Short answer: No, they are not the same.

Long answer: sudo and su - are different programs that accomplish the same task, that is, elevating you to root privileges.

su used to be the de facto way of becoming root on Linux systems. However, there was always the need to separate privileges and leave some auditing info behind. Also, when you do su - everything you do is done as root, and it is dangerous to have that much power. Here is where sudo came to the rescue.

sudo has some characteristics that su does not. The key element in sudo is its ability to run "one" command as root and then drop privileges to normal user. Example: Remove a file owned by root.

sudo rm /root/someFile

This command will erase the file because sudo will elevate you to root every time you use the sudo command before another command. The next command you run will be run like a normal user (unless you append the sudo command in the beginning). This allows you to accomplish administrative tasks and then drop privileges immediately, helping you avoid dangerous conditions.

sudo also provides other benefits like restricting the set of programs a user can run, logging commands run under sudo, and other things. For more info: sudo in a nutshell

When you do su - or sudo -i you do the same thing, that is, becoming root, but keep in mind that su and sudo are completely different and provide you with different tools as a system admin. Personally I NEVER run su - and my PAM policy prohibits it, allowing no one to run it. In my systems you always have to use sudo because of the added benefits.

More info: Using and enabling sudo