SU = Substitute User
If any user needs to log in as another user in the same Command Line Interface CLI (shell)
In some cases where a normal user wants to execute a command(that can normally be executed only by root) if the local system administrator(root) is not available, sharing the root’s password is not advisable, so sudo command can be used
Eg:su -l user-name
- The root user can log in any account without needing the password of the other users.
- A normal user only log in as any of the other users with a password.
SUDO
To execute any command with root privilege – prepend sudo in front of the command
Eg: sudo useradd testuser
but, not all the users are in sudo users by default.
To Make a SUDO user a in RHEL
Add a user to the wheel group
usermod -aG wheel testuser
Now test user can execute any command with root privilege without needing the root password
and all the commands that are executed by a sudo user will be logged in a file/var/log/secure
if the non-sudo user tries to give any command it will be sending the report as a mail(auto-generated) to root.
