Systemd Introduces Its Own "su" Like Command

Written by Michael Larabel in systemd on 29 August 2015 at 11:27 AM EDT.
The latest addition to systemd is offering its own command to provide su-like behavior on Linux systems. The machinectl shell command is meant to replace su for running privileged sessions.

If you've spent any time using Linux systems, chances are you've encountered su to substitute a user's session, most often to become the super user. However, Lennart Poettering has been arguing that su isn't good. In a recent report, the systemd lead developer explained:
Well, there have been long discussions about this, but the problem is that what "su" is supposed to do is very unclear. On one hand it's supposed to open a new session and change a number of execution context parameters (uid, gid, env, ...), and on the other it's supposed to inherit a lot of concepts from the originating session (tty, cgroup, audit, ...). Since this is so weakly defined it's a really weird mix&match of old and new parameters. To keep this somewhat manageable we decided to only switch the absolute minimum over, and that excludes XDG_RUNTIME_DIR, specifically because XDG_RUNTIME_DIR is actually bound to the session/audit runtime and those we do not transition. Instead we simply unset it.

Long story short: "su" is really a broken concept. It will give you kind of a shell, and it's fine to use it for that, but it's not a full login, and shouldn't be mistaken for one.

This has come up many times, but nothing really changed, hence closing this now. I understand this is confusing and unexpected, but well, that's UNIX...

So as of this week he has introduced a "machinectl shell" command for su(1)-like behaviour. machinectl shell creates su-like privileged sessions that are fully isolated from the original session. The shell sub-command also accepts --uid= to specify the user ID for the interactive shell, with the default being root. There is also an optional --setenv= parameter for setting any needed environment variables in the new session.
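
The split the quote describes (uid switched; tty, cgroup and audit identity inherited; XDG_RUNTIME_DIR unset) can be checked from inside any shell. The script below is an added example, not code from the article or from systemd. It assumes logind's user-UID.slice cgroup naming, and its function names and verdict labels are this example's own.

```shell
#!/bin/sh
# Added example, not systemd code. Labels such as "switched-in-place" are this
# example's own; it assumes systemd-logind cgroup naming (user-UID.slice).

# Print the UID that owns a logind cgroup path, e.g. 1000 for
# 0::/user.slice/user-1000.slice/session-3.scope (prints nothing otherwise).
cgroup_owner() {
    printf '%s\n' "$1" | sed -n 's|.*/user-\([0-9][0-9]*\)\.slice.*|\1|p' | head -n 1
}

# classify_session EUID LOGINUID XDG_RUNTIME_DIR CGROUP_LINE
classify_session() {
    euid=$1; loginuid=$2; xdg=$3
    owner=$(cgroup_owner "$4")
    # 4294967295 is (uid_t)-1, the kernel's "audit loginuid never set" value.
    if [ -z "$loginuid" ] || [ "$loginuid" = 4294967295 ]; then
        echo "no-audit-session"
    elif [ "$euid" != "$loginuid" ] || { [ -n "$owner" ] && [ "$owner" != "$euid" ]; }; then
        # uid changed, but audit identity or cgroup still belong to someone else
        echo "switched-in-place"
    elif [ "$xdg" = "/run/user/$euid" ]; then
        echo "own-session"
    else
        echo "own-session-no-runtime-dir"
    fi
}

# Gather the same fields for the shell running this script and classify it.
report_current() {
    loginuid=$(cat /proc/self/loginuid 2>/dev/null) || loginuid=""
    cg=$(grep -m1 'user-[0-9]*\.slice' /proc/self/cgroup 2>/dev/null) || cg=""
    t=$(tty 2>/dev/null) || t="none"
    echo "euid=$(id -u) loginuid=${loginuid:-n/a} tty=$t"
    echo "XDG_RUNTIME_DIR=${XDG_RUNTIME_DIR:-<unset>}"
    echo "cgroup=${cg:-<not in a user slice>}"
    echo "verdict=$(classify_session "$(id -u)" "$loginuid" "${XDG_RUNTIME_DIR:-}" "$cg")"
}

report_current
```

A "switched-in-place" verdict means audit records and cgroup accounting for that shell are still attributed to the originating login rather than to the user it now runs as.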

This new machinectl shell feature is just one of many new (and sometimes controversial) features added to systemd in the past year as it re-architects key portions of the Linux stack. The first systemd conference also takes place later this year in Berlin, Germany.