How does the “su” command work internally?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
1
down vote

favorite












I am tying to understand how the su command work internally.



Say that I did the following:



su someUser


The following is what I think will happen:




  • su will ask me for the password of someUser.


  • su will hash the entered password.


  • su will compare the entered password with the password in the
    /etc/shadow file, and if the two passwords are the same, then su will
    launch the default shell for someUser (which exist in
    /etc/passwd), and su will set the user IDs and group IDs of the launched shell to the user IDs and group IDs of someUser.

Note that su has the setuid bit set, so su will run with root privileges.



Am I correct?







share|improve this question






















  • Yes, but su doesn't directly access /etc/shadow, it uses pam for this. ( /etc/pam.d/su )
    – Ipor Sircer
    Dec 6 '17 at 1:08














up vote
1
down vote

favorite












I am tying to understand how the su command work internally.



Say that I did the following:



su someUser


The following is what I think will happen:




  • su will ask me for the password of someUser.


  • su will hash the entered password.


  • su will compare the entered password with the password in the
    /etc/shadow file, and if the two passwords are the same, then su will
    launch the default shell for someUser (which exist in
    /etc/passwd), and su will set the user IDs and group IDs of the launched shell to the user IDs and group IDs of someUser.

Note that su has the setuid bit set, so su will run with root privileges.



Am I correct?







share|improve this question






















  • Yes, but su doesn't directly access /etc/shadow, it uses pam for this. ( /etc/pam.d/su )
    – Ipor Sircer
    Dec 6 '17 at 1:08












up vote
1
down vote

favorite









up vote
1
down vote

favorite











I am tying to understand how the su command work internally.



Say that I did the following:



su someUser


The following is what I think will happen:




  • su will ask me for the password of someUser.


  • su will hash the entered password.


  • su will compare the entered password with the password in the
    /etc/shadow file, and if the two passwords are the same, then su will
    launch the default shell for someUser (which exist in
    /etc/passwd), and su will set the user IDs and group IDs of the launched shell to the user IDs and group IDs of someUser.

Note that su has the setuid bit set, so su will run with root privileges.



Am I correct?







share|improve this question














I am tying to understand how the su command work internally.



Say that I did the following:



su someUser


The following is what I think will happen:




  • su will ask me for the password of someUser.


  • su will hash the entered password.


  • su will compare the entered password with the password in the
    /etc/shadow file, and if the two passwords are the same, then su will
    launch the default shell for someUser (which exist in
    /etc/passwd), and su will set the user IDs and group IDs of the launched shell to the user IDs and group IDs of someUser.

Note that su has the setuid bit set, so su will run with root privileges.



Am I correct?









share|improve this question













share|improve this question




share|improve this question








edited Dec 6 '17 at 0:48









Jeff Schaller

32k848109




32k848109










asked Dec 6 '17 at 0:48









user7681202

237414




237414











  • Yes, but su doesn't directly access /etc/shadow, it uses pam for this. ( /etc/pam.d/su )
    – Ipor Sircer
    Dec 6 '17 at 1:08
















  • Yes, but su doesn't directly access /etc/shadow, it uses pam for this. ( /etc/pam.d/su )
    – Ipor Sircer
    Dec 6 '17 at 1:08















Yes, but su doesn't directly access /etc/shadow, it uses pam for this. ( /etc/pam.d/su )
– Ipor Sircer
Dec 6 '17 at 1:08




Yes, but su doesn't directly access /etc/shadow, it uses pam for this. ( /etc/pam.d/su )
– Ipor Sircer
Dec 6 '17 at 1:08










1 Answer
1






active

oldest

votes

















up vote
2
down vote













su doesn't do any password stuff in most Linux distros. Instead it delegates authn/authz to PAM and only handles the user-changing.






share|improve this answer




















  • Yup.
    – JdeBP
    Dec 6 '17 at 7:04










Your Answer







StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f409066%2fhow-does-the-su-command-work-internally%23new-answer', 'question_page');

);

Post as a guest






























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
2
down vote













su doesn't do any password stuff in most Linux distros. Instead it delegates authn/authz to PAM and only handles the user-changing.






share|improve this answer




















  • Yup.
    – JdeBP
    Dec 6 '17 at 7:04














up vote
2
down vote













su doesn't do any password stuff in most Linux distros. Instead it delegates authn/authz to PAM and only handles the user-changing.






share|improve this answer




















  • Yup.
    – JdeBP
    Dec 6 '17 at 7:04












up vote
2
down vote










up vote
2
down vote









su doesn't do any password stuff in most Linux distros. Instead it delegates authn/authz to PAM and only handles the user-changing.






share|improve this answer












su doesn't do any password stuff in most Linux distros. Instead it delegates authn/authz to PAM and only handles the user-changing.







share|improve this answer












share|improve this answer



share|improve this answer










answered Dec 6 '17 at 1:08









Ignacio Vazquez-Abrams

32.1k66780




32.1k66780











  • Yup.
    – JdeBP
    Dec 6 '17 at 7:04
















  • Yup.
    – JdeBP
    Dec 6 '17 at 7:04















Yup.
– JdeBP
Dec 6 '17 at 7:04




Yup.
– JdeBP
Dec 6 '17 at 7:04

















 

draft saved


draft discarded















































 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f409066%2fhow-does-the-su-command-work-internally%23new-answer', 'question_page');

);

Post as a guest













































































Popular posts from this blog

How to check contact read email or not when send email to Individual?

Displaying single band from multi-band raster using QGIS

How many registers does an x86_64 CPU actually have?