Su vs Sudo: Key Differences Every Linux User Should Know
su swaps your login shell to another user (default root) and inherits their full environment; sudo runs a single command as another user while keeping your own environment and logs the action.
People mash them up because both can grant root power, but one quietly hands over the keys while the other politely asks for just one favor and then locks the door behind you.
Key Differences
su requires the target user’s password, spawns a new shell, and leaves no audit trail. sudo asks for your password, respects granular rules in /etc/sudoers, logs every command, and exits cleanly to your original session.
Which One Should You Choose?
Need a long, interactive root session? Use su -. Need quick, tracked admin tasks or want safer multi-user servers? Stick with sudo. Disable root logins and give users sudo for the sweet spot of security and convenience.
Examples and Daily Life
sudo apt update && sudo apt upgrade keeps your box patched without ever touching root’s shell. Conversely, su - followed by visudo is the classic way to edit sudo rules themselves—proof both tools still have seats at the table.
Can I combine su and sudo?
Yes; su -c 'visudo' edits sudoers if sudo itself is broken, chaining both tools when recovery is required.
Is sudo always safer?
Mostly, but mis-configured rules can still give away the kingdom; audit your sudoers and avoid NOPASSWD for all.