su(1) su(1)NAME su - substitute user ID SYNOPSIS su [-] [name[arg ...]] DESCRIPTION su allows a user to become another user without logging off. The default user name is root (that is, superuser). To use su, the appropriate password must be supplied (unless one is already root). If the password is correct, su will execute a new shell with the real and effective user ID set to that of the specified user. The new shell will be the optional program named in the shell field of the specified user's password file entry (see passwd(4)), or /bin/sh if none is specified (see sh(1)). To restore normal user ID privileges, type an EOF (CONTROL-D) to the new shell. Any additional arguments given on the command line are passed to the program invoked as the shell. When using pro- grams like sh(1), an arg of the form -c string executes string via the shell and an argument of -r will give the user a restricted shell. The following statements are true only if the optional pro- gram named in the shell field of the specified user's pass- word file entry is like sh(1). If the first argument to su is a -, the environment will be changed to what would be ex- pected if the user actually logged in as the specified user. This is done by invoking the program used as the shell with an arg0 value whose first character is -, thus causing the system's profile (/etc/profile) and then the specified user's profile (.profile in the new HOME directory) to be executed. Otherwise, the environment is passed along with the possible exception of $PATH, which is set to /bin:/etc:/usr/bin:/usr/etc for root. Note that if the op- tional program used as the shell is /bin/sh, the user's .profile can check arg0 for -sh or -su to determine if it was invoked by login(1) or su(1), respectively. If the user's program is other than /bin/sh, then the program is invoked with an arg0 of -program by both login(1) and su(1). All attempts to become another user using su are logged in the log file /usr/adm/sulog. EXAMPLES The command su trip would cause the system to prompt for trip's password; if the April, 1990 1
su(1) su(1)password is typed in correctly, trip's identity is substi- tuted. To become user bin while retaining the previously exported environment, execute su bin To become user bin but change the environment to what would be expected if bin had originally logged in, execute su - bin To execute command with the temporary environment and per- mission of user bin, type su - bin -c "command args" FILES /bin/su /etc/passwd /etc/profile $HOME.profile /usr/adm/sulog SEE ALSO csh(1), env(1), ksh(1), login(1), sh(1), passwd(4), pro- file(4), environ(5). 2 April, 1990