Systemd Introduces Its Own "su" Like Command

Written by Michael Larabel in systemd on 29 August 2015 at 11:27 AM EDT. 65 Comments
The latest addition to systemd is offering its own command to provide su-like behavior on Linux systems. The machinectl shell command is meant to replace su for running privileged sessions.

If you've spent anytime using Linux systems, chances are you've encountered su to substitute a user's session, most often to become the super user. However, Lennart Poettering has been arguing that su isn't good. On a recent report, the systemd lead developer explained:
Well, there have been long discussions about this, but the problem is that what "su" is supposed to do is very unclear. On one hand it's supposed to open a new session and change a number of execution context parameters (uid, gid, env, ...), and on the other it's supposed to inherit a lot concepts from the originating session (tty, cgroup, audit, ...). Since this is so weakly defined it's a really weird mix&match of old and new paramters. To keep this somewhat managable we decided to only switch the absolute minimum over, and that excludes XDG_RUNTIME_DIR, specifically because XDG_RUNTIME_DIR is actually bound to the session/audit runtime and those we do not transition. Instead we simply unset it.

Long story short: "su" is really a broken concept. It will given you kind of a shell, and it's fine to use it for that, but it's not a full login, and shouldn't be mistaken for one.

This has come up many times, but nothing really changed, hence closing this now. I understand this is confusing and unexpected, but well, that's UNIX...

So as of this week he's now introduced a "machinectl shell" command for su(1)-like behaviour. Using machinectl shell can now create su-like privileged sessions that are fully isolated from the original session. Machinectl's shell sub-command also accepts --uid= for specifying the user ID to open for the interactive shell switch, with the default being root. There's also a --setenv= optional parameter for setting any needed environment variables of the new session.

This new machinectl shell feature is just one of many new (and sometimes controversial) features added to systemd in the past year as it re-architects key portions of the Linux stack. Later this year is also the first systemd conference taking place in Berlin, Germany.
Related News
About The Author
Author picture

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week