11-30-2011
Each process has a real user id and an effective user id.
sudo has the same effect as su username
This DOES NOT "login", you have to run the .profile manually, for example.
This simply changes the effective user id
su - username
This DOES "login"
This changes the real user id.
Is that what you mean?
10 More Discussions You Might Find Interesting
1. Solaris
I'm setting up a Solaris 10 box to run Lawson application, which needs users to have Unix acounts, but the users will not be using interactive shell. To make it more secure, I'd rather not give them a valid shell. I know there's a trick by putting /noshell in the /etc/passwd file, but the problem... (2 Replies)
Discussion started by: GKnight
2 Replies
2. AIX
is the nologin shell available in AIX 5.2? I am familiar with the nologin shell in linux and restricting shell access but still allowing ftp etc. Can this be done in AIX? I have not been able to locate any documentation. Thanks in advance (5 Replies)
Discussion started by: zuessh
5 Replies
3. Shell Programming and Scripting
Hi all,
I am trying to eject the cdrom from a livecd after certain stage...
Now assuming that it is possible to eject,please consider my issue!!!
The OS boots into a regular user by default...so i am unable to use the eject command to push out the drive...
However if i try pfexec eject it... (3 Replies)
Discussion started by: wrapster
3 Replies
4. UNIX for Dummies Questions & Answers
Thanks
AVKlinux (3 Replies)
Discussion started by: avklinux
3 Replies
5. Shell Programming and Scripting
Hi All
I have written one shell script for GPRS route add is given below named GPRSRouteSet.sh
URL="www.google.com"
VBURL="10.5.2.211"
echo "Setting route for $URL for GPRS"
URL_Address=`nslookup $URL|grep Address:|grep -v "#"|awk -F " " '{print $2}'|head -1`
echo "Executing ... (3 Replies)
Discussion started by: mnmonu
3 Replies
6. UNIX for Advanced & Expert Users
Besides doing some shell-script which loops through /etc/passwd, I was wondering if there was some command that would tell me, like an enhanced version of getent.
The Operating system is Solaris 10 (recent-ish revision) using Sun DS for LDAP. (5 Replies)
Discussion started by: ckmehta
5 Replies
7. Shell Programming and Scripting
Hi I need help..........
I have an Sun One Directory server LDIF file with 5000 user entries, I need to change the data to match Test ID's, so I can run a perf test.
I'm way out of my league as I have not done any scripting for 10 years.
There are four entries for each user in the file... (3 Replies)
Discussion started by: Macdaddy99
3 Replies
8. UNIX for Dummies Questions & Answers
Is it possible to SSH with an account that has its shell set to /sbin/nologin?
The reason I ask is because I am running an instance of nagios where I need to use SSH keys to run a check, but I am getting connect errors in Nagios. Also, what is the risk I run into if I just simply change my... (2 Replies)
Discussion started by: streetfighter2
2 Replies
9. Solaris
Trying to figure out the best method of security for oracle user accounts. In Solaris 10 they are set as regular users but have nologin set forcing the dev's to login as themselves and then su to the oracle users.
In Solaris11 we have the option of making it a role because RBAC is enabled but... (1 Reply)
Discussion started by: os2mac
1 Replies
10. Shell Programming and Scripting
Hi
Part of our security audit we found that following system account's had shells configured;
sync
halt
shutdown
I believe this can be achieved by following commands:
chsh -s /sbin/nologin (user)
usermod -s /sbin/nologin (user)
However, I would like simple script to... (5 Replies)
Discussion started by: Gamma
5 Replies
ID(1) BSD General Commands Manual ID(1)
NAME
id -- return user identity
SYNOPSIS
id [user]
id -G [-n] [user]
id -g [-nr] [user]
id -p [user]
id -u [-nr] [user]
DESCRIPTION
The id utility displays the user and group names and numeric IDs, of the calling process, to the standard output. If the real and effective
IDs are different, both are displayed, otherwise only the real ID is displayed.
If a user (login name or user ID) is specified, the user and group IDs of that user are displayed. In this case, the real and effective IDs
are assumed to be the same.
The options are as follows:
-G Display the different group IDs (effective, real and supplementary) as white-space separated numbers, in no particular order.
-g Display the effective group ID as a number.
-n Display the name of the user or group ID for the -G, -g and -u options instead of the number. If any of the ID numbers cannot be
mapped into names, the number will be displayed as usual.
-p Make the output human-readable. If the user name returned by getlogin(2) is different from the login name referenced by the user ID,
the name returned by getlogin(2) is displayed, preceded by the keyword ``login''. The user ID as a name is displayed, preceded by
the keyword ``uid''. If the effective user ID is different from the real user ID, the real user ID is displayed as a name, preceded
by the keyword ``euid''. If the effective group ID is different from the real group ID, the real group ID is displayed as a name,
preceded by the keyword ``rgid''. The list of groups to which the user belongs is then displayed as names, preceded by the keyword
``groups''. Each display is on a separate line.
-r Display the real ID for the -g and -u options instead of the effective ID.
-u Display the effective user ID as a number.
The id utility exits 0 on success, and >0 if an error occurs.
SEE ALSO
who(1)
STANDARDS
The id function is expected to conform to IEEE Std 1003.2 (``POSIX.2'').
HISTORY
The historic groups(1) command is equivalent to ``id -Gn [user]''.
The historic whoami(1) command is equivalent to ``id -un''.
The id command first appeared in 4.4BSD.
BSD
May 5, 1994 BSD