su and your terminal / console sessions: logout root
Posted: Mar 25, 07, 14:00 techAdmin
Status: Site Admin
Joined: 26 Sep 2003
Location: East Coast, West Coast? I know it's one of them.
I found a good article on root, su, terminals, and consoles. Finally this stuff starts to click in place, though I'm slow.
:: Quote ::When su is used while in console mode (i.e., with a text-only screen display), the original user's session cannot, of course, be used on the same machine (because the su session occupies the entire screen). However, when su is used in a terminal window (i.e., a text-only window in a GUI), only that terminal window and programs that are started from it are run with the new user's account (e.g., root), and all other programs, including any other terminal windows, can continue to be run by the original user.
I've had that backwards for years.
This su stuff came up because a user wanted to use sudo instead of su, because he always forgets to log out of root session.
The solution to that turned out to be very simple:
:: Quote ::The "root" account is the most privileged account on a Unix system. When the administrator forgot to logout from the system root prompt before leaving the system then the system should automatically logout from the shell. To do that, you must set the special variable of Linux named "TMOUT" to the time in seconds.
Edit your profile file "vi /etc/profile" and add the following line somewhere after the line that read
The value we enter for the variable "TMOUT=" is in second and represent 1 hours (60 * 60 =
3600 seconds). If you put this line in your "/etc/profile" file, then the automatic logout after one hour of inactivity will apply for all users on the system. You can set this variable in user's individual ".bashrc " file to automatically logout them after a certain time.
After this parameter has been set on your system, you must logout and login again (as root) for the change to take effect.
Alternately, you can simply use this method, listed in the first article:
:: Quote ::Among the most commonly used of su's few options is -c, which tells su to execute the command that directly follows it on the same line. Such command is executed as the new user, and then the terminal window or console from which su was run immediately returns to the account of the former user after the command has completed execution or after any program that it has launched has been closed.
so, if you want to say edit /etc/fstab with nano, you'd type this in:
:: Code ::su -c "nano /etc/fstab"
But that's kind of a pain, I'd rather just use su directly, with a timeout. The above works just like sudo, with some extra characters to type in. Personally, I prefer to do my root tasks, then end the session when I'm done.
So to do that, in my /root/ directory, if there isn't one, I make it, .bashrc, and if there is one already, I just add this line to /root/.bashrc (note the . in front of bashrc, that's required):
:: Code ::TMOUT=180
The number is the number of seconds you want root to remain logged in if no root owned process is running, or inactivity.
This works really well, and avoids leaving those logged in roots I tend to forget all about.
Also useful is to color your root prompt red, with this code in /root/.bashrc
:: Code ::export PS1="\[\033[1;31m\]\u@\h:[\w] #\[\033[0m\]"
Or any other color you want, of course.
Back to top
All times are GMT - 8 Hours