version 1.7, 1998/09/27 16:57:54 |
version 1.8, 1999/06/05 01:21:41 |
|
|
.Op Fl Kflm |
.Op Fl Kflm |
.Op Ar login Op Ar "shell arguments" |
.Op Ar login Op Ar "shell arguments" |
.Sh DESCRIPTION |
.Sh DESCRIPTION |
.Nm su |
.Nm |
requests the Kerberos password for |
requests the Kerberos password for |
.Ar login |
.Ar login |
(or for |
(or for |
|
|
.Ar "shell arguments" |
.Ar "shell arguments" |
after the login name |
after the login name |
are passed to the shell. |
are passed to the shell. |
.Nm su |
.Nm |
will resort to the local password file to find the password for |
will resort to the local password file to find the password for |
.Ar login |
.Ar login |
if there is a Kerberos error or if Kerberos is not installed. |
if there is a Kerberos error or if Kerberos is not installed. |
If |
If |
.Nm su |
.Nm |
is executed by root, no password is requested and a shell |
is executed by root, no password is requested and a shell |
with the appropriate user ID is executed; no additional Kerberos tickets |
with the appropriate user ID is executed; no additional Kerberos tickets |
are obtained. |
are obtained. |
|
|
.Ev TERM |
.Ev TERM |
is imported from your current environment. |
is imported from your current environment. |
The invoked shell is the target login's, and |
The invoked shell is the target login's, and |
.Nm su |
.Nm |
will change directory to the target login's home directory. |
will change directory to the target login's home directory. |
.It Fl m |
.It Fl m |
Leave the environment unmodified. |
Leave the environment unmodified. |
|
|
.Xr getusershell 3 ) |
.Xr getusershell 3 ) |
and the caller's real UID is |
and the caller's real UID is |
non-zero, |
non-zero, |
.Nm su |
.Nm |
will fail. |
will fail. |
.El |
.El |
.Pp |
.Pp |
|
|
.Fl m |
.Fl m |
options are mutually exclusive; the last one specified |
options are mutually exclusive; the last one specified |
overrides any previous ones. |
overrides any previous ones. |
.Pp |
.Pp |
If the optional |
If the optional |
.Ar "shell arguments" |
.Ar "shell arguments" |
are provided on the command line, they are passed to the login shell of |
are provided on the command line, they are passed to the login shell of |
the target login. This allows it to pass arbitrary commands via |
the target login. This allows it to pass arbitrary commands via |
the |
the |
.Fl c |
.Fl c |
option as understood by most shells. Note that |
option as understood by most shells. Note that |
.Fl c |
.Fl c |
usually expects a single argument only; you have to quote it when |
usually expects a single argument only; you have to quote it when |
passing multiple words. |
passing multiple words. |
.Pp |
.Pp |
If group 0 (normally |
If group 0 (normally |
.Dq wheel ) |
.Dq wheel ) |
has users listed then only those users can |
has users listed then only those users can |
.Nm su |
.Nm |
to |
to |
.Dq root . |
.Dq root . |
It is not sufficient to change a user's |
It is not sufficient to change a user's |
|
|
If no one is in the |
If no one is in the |
.Dq wheel |
.Dq wheel |
group, it is ignored, and anyone who knows the root password is permitted to |
group, it is ignored, and anyone who knows the root password is permitted to |
.Nm su |
.Nm |
to |
to |
.Dq root . |
.Dq root . |
.Pp |
.Pp |
|
|
prompt is set to |
prompt is set to |
.Dq Sy \&# |
.Dq Sy \&# |
to remind one of its awesome power. |
to remind one of its awesome power. |
.Sh EXAMPLES |
.Sh EXAMPLES |
.Bl -tag -width 5n -compact |
.Bl -tag -width 5n -compact |
.It Li "su bin -c makewhatis" |
.It Li "su bin -c makewhatis" |
Runs the command |
Runs the command |
.Li makewhatis |
.Li makewhatis |
as user |
as user |
.Li bin . |
.Li bin . |
You will be asked for bin's password unless your real UID is 0. |
You will be asked for bin's password unless your real UID is 0. |
.Pp |
.Pp |
.It Li "su bin -c 'makewhatis /usr/local/man'" |
.It Li "su bin -c 'makewhatis /usr/local/man'" |
Same as above, but the target command consists of more than a |
Same as above, but the target command consists of more than a |
single word. |
single word. |
.Pp |
.Pp |
.It Li "su -l foo" |
.It Li "su -l foo" |
Pretend a login for user |
Pretend a login for user |
.Li foo . |
.Li foo . |
.El |
.El |
.Sh SEE ALSO |
.Sh SEE ALSO |
.Xr csh 1 , |
.Xr csh 1 , |
.Xr kerberos 1 , |
.Xr kerberos 1 , |
|
|
user ID. |
user ID. |
.It Ev LOGNAME |
.It Ev LOGNAME |
The user ID is always the effective ID (the target user ID) after an |
The user ID is always the effective ID (the target user ID) after an |
.Nm su |
.Nm |
unless the user ID is 0 (root). |
unless the user ID is 0 (root). |
.It Ev USER |
.It Ev USER |
Same as |
Same as |