Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

su(1) [opendarwin man page]

SU(1)							    BSD General Commands Manual 						     SU(1)

NAME

     su -- substitute user identity

SYNOPSIS

     su [-flm] [login] [-c shell arguments]

DESCRIPTION

     su requests the password for login and switches to that user and group ID after obtaining proper authentication.  A shell is then executed,
     and any additional shell arguments after the login name are passed to the shell.  If su is executed by root, no password is requested and a
     shell with the appropriate user ID is executed.

     The options are as follows:

     -c      Invoke the following command in a subshell as the specified user.

     -f      If the invoked shell is csh(1), this option prevents it from reading the ``.cshrc'' file.

     -l      Simulate a full login.  The environment is discarded except for HOME, SHELL, PATH, TERM, and USER.  HOME and SHELL are modified as
	     above.  USER is set to the target login.  PATH is set to ``/bin:/usr/bin''.  TERM is imported from your current environment.  The
	     invoked shell is the target login's, and su will change directory to the target login's home directory.  This option is identical to
	     just passing "-", as in "su -".

     -m      Leave the environment unmodified.	The invoked shell is your login shell, and no directory changes are made.  As a security precau-
	     tion, if the target user's shell is a non-standard shell (as defined by getusershell(3)) and the caller's real uid is non-zero, su
	     will fail.

     The -l and -m options are mutually exclusive; the last one specified overrides any previous ones.

     Only users in group ``wheel'' (normally gid 0) or group ``admin'' (normally gid 20) can su to ``root''.

     By default (unless the prompt is reset by a startup file) the super-user prompt is set to ``#'' to remind one of its awesome power.

SEE ALSO

     csh(1), login(1), sh(1), skey(1), kinit(1), kerberos(1), passwd(5), group(5), environ(7)

ENVIRONMENT

     Environment variables used by su :

     HOME  Default home directory of real user ID unless modified as specified above.

     PATH  Default search path of real user ID unless modified as specified above.

     TERM  Provides terminal type which may be retained for the substituted user ID.

     USER  The user ID is always the effective ID (the target user ID) after an su unless the user ID is 0 (root).

HISTORY

     A su command appeared in Version 7 AT&T UNIX.

BSD
								  April 18, 1994							       BSD

Check Out this Related Man Page

CALIFE(1)						    BSD General Commands Manual 						 CALIFE(1)

NAME

     calife -- becomes root (or another user) legally.

SYNOPSIS

     calife [-] [login]

	    or

     ... [-] [login] for some sites (check with your administrator).

DESCRIPTION

     Calife requests user's own password for becoming login (or root, if no login is provided), and switches to that user and group ID after veri-
     fying proper rights to do so.  A shell is then executed.  If calife is executed by root, no password is requested and a shell with the appro-
     priate user ID is executed.

     The invoked shell is the user's own except when a shell is specified in the configuration file calife.auth.

     If ``-'' is specified on the command line, user's profile files are read as if it was a login shell.

     This is not the traditional behavior of su.

     Only users specified in calife.auth can use calife to become another one with this method.

     You can specify in the calife.auth file the list of logins allowed for users when using calife.  See calife.auth(5) for more details.

     calife.auth is installed as /etc/calife.auth.

FILES

     /etc/calife.auth  List of users authorized to use calife and the users they can become.
     /etc/calife.out   This script is executed just after getting out of calife.

SEE ALSO

     su(1), calife.auth(5), group(5), environ(7)

ENVIRONMENT

     The original environment is kept. This is not a security problem as you have to be yourself at login (i.e. it does not have the same security
     implications as in su(1) ).

     Environment variables used by calife:

     HOME  Default home directory of real user ID.

     PATH  Default search path of real user ID unless modified as specified above.

     TERM  Provides terminal type which may be retained for the substituted user ID.

     USER  The user ID is always the effective ID (the target user ID) after an su unless the user ID is 0 (root).

BUGS

     The MD5-based crypt(3) function is slower and probably stronger than the DES-based one but it is usable only among FreeBSD 2.0+ systems.

HISTORY

     A calife command appeared in DG/UX, written for Antenne 2 in 1991. It has evolved considerably since this period with more OS support, user
     lists handling and improved logging.

     PAM support was introduced in 2005 to port it to MacOS X variants (Panther and up).

AUTHOR

     Ollivier Robert <roberto@keltia.freenix.fr>

BSD
								September 25, 1994							       BSD
Man Page