When you have a server of some sort you can access it through, e.g., ssh user1@ip
and you can also do ssh root@ip
to go to your root user with su priveleges and then go to su user1
. In my thinking both those ways should lead me to the same user environment(in this case, "user1"), but in my actual experience it does not, cause in ssh user1@ip
there's things installed that in su user1
there isn't.
Why is that?
Best Answer
SSH starts a login shell.
su
, by default does not.In particular, this means that the
~/.profile
(or similar file) for that user is not sourced. So changes made in~/.profile
won't take effect. It might also be the case that:~/.profile
, which might pollute the user's environment./etc/profile
and/etc/profile.d/*
may apply settings differently for different users (not by default, though)PAM configuration is different. For example,
/etc/pam.d/ssh
has:whereas
/etc/pam.d/su
has:This means SSH loads
~/.pam_environment
, butsu
doesn't. This is a big one, since~/.pam_environment
is the shell-independent place for environment variables, and it is applied if you login from the GUI, the TTY or SSH.To start a login shell, run either of:
Example:
Even with SSH, if you run a command instead of starting a shell, a login shell won't be run (note the absence of
~/bin
in the SSH test, which is present insu -
andsudo -i
). To get the true result, I will run my shell as a login shell:This is also why
sudo su
andsudo -s
are crappy ways of getting a root shell. Both these ways are polluted by the environment.Related: