Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ su(1) — HP-UX 10.20

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

env(1)

login(1)

sh(1)

initgroups(3C)

syslog(3C)

group(4)

passwd(4)

profile(4)

environ(5)

auth.adm(1m)

auth(5)

auth.dce(5)

su(1)

NAME

su − switch to another user name

SYNOPSIS

su [-] [username [arguments]]

DESCRIPTION

The su (set user or superuser) command allows one user to become another user without logging out. 

username is the name of a user defined in the /etc/passwd file (see passwd(4). The default name is root (i.e., superuser). 

To use su, you must supply the appropriate password (unless you are currently root).  If the password is correct, su executes a new shell with the real and effective user ID, real and effective group ID, and group access list set to that of the specified user. 

The new shell is the one specified in the shell field of the new user’s entry in the password file, /etc/passwd.  su uses the Bourne shell (see sh-bourne(1)).

The arguments (the balance of the command line after username) are passed along to the new shell for execution, permitting you to run shell procedures with the new user’s privileges.

When you exit from the new shell, the previous user name and environment are restored. 

If you specify the - option of the su command, the new shell starts up as if you just logged in, except as follows:

• The HOME variable is reset to the new user’s home directory. 

• If the new user name is root, the path and prompt variables are reset:

PATH=/usr/bin:/usr/sbin:/sbin
PS1=#

For other user names:

PATH=/usr/bin
PS1=$

• The rest of the environment is deleted and reset to the login state.  However, the login files are normally executed anyway, usually restoring the expected value of PATH and other variables. 

If you omit the - option, the new shell starts up as if you invoked it as a subshell, except as follows:

• If the new user name is root, the path and prompt variables are reset:

PATH=/usr/bin:/usr/sbin:/sbin
PS1=#

• The rest of the environment is retained. 

If the shell specified in /etc/passwd is /usr/bin/sh, su sets the value of parameter 0 in the new shell (referenced as $0) to su.  If you specify the - option of the su command, su sets parameter 0 to −su. 

If the shell specified in /etc/passwd is not /usr/bin/sh, su sets the value of parameter 0 in the new shell to shellname. If you specify the - option of the su command, su sets parameter 0 to −shellname.  For example for the Korn shell, the value of shellname would be ksh or -ksh. 

(By comparison, the login command always sets parameter 0 to −shellname.) 

All attempts to become another user are logged in /var/adm/sulog, including failures.  Successful attempts are flagged with +, failures with -.  They are also logged with syslog() (see syslog(3C)).

SECURITY FEATURES

Except for user root, users on a trusted system cannot use su to change to an account that has been locked because of expired passwords or other access restrictions,

EXTERNAL INFLUENCES

Environment Variables

LANG determines the language in which messages are displayed. 

If LANG is not specified or is null, it defaults to "C" (see lang(5)).

If any internationalization variable contains an invalid setting, all internationalization variables default to "C" (see environ(5)).

International Code Set Support

Characters in the 7-bit USASCII code sets are supported in login names (see ascii(5)).

EXAMPLES

Become user bin while retaining the previously exported environment:

su bin

Become user bin but change the environment to what would be expected if bin had originally logged in:

su - bin

Execute command and its arguments using the temporary environment and permissions of user bin:

su - bin -c command arguments

WARNINGS

After a successful password has been supplied (if needed), su uses information from /etc/passwd and /etc/logingroup to determine the user’s group ID and group access list.  If /etc/group is linked to /etc/logingroup, and group membership for the user trying to log in is managed by the Network Information Service (NIS), and no NIS server is able to respond, su waits until a server does respond. 

DEPENDENCIES

HP-UX Integrated Login Library

su can use the HP-UX Integrated Login Library, if it is configured.  For further details, see auth(5) and auth.adm(1m).

The HP-UX Integrated Login typically uses the Distributed Computing Environment (DCE) for its user registry.  The DCE user registry and its relationship to the HP-UX Integrated Login are described in auth.dce(5).

FILES

$HOME/.profile User’s profile

/etc/logingroup System’s default group access list file

/etc/passwd System’s password file

/etc/profile System’s profile

/var/adm/sulog Log of all attempts

VARIABLES

HOME User’s home directory

LOGNAME User’s login name

PATH Command name search path

PS1 Default prompt

SHELL Name of the user’s shell

SEE ALSO

env(1), login(1), sh(1), initgroups(3C), syslog(3C), group(4), passwd(4), profile(4), environ(5). 

HP-UX Integrated Login Library: auth.adm(1m), auth(5), auth.dce(5). 

STANDARDS CONFORMANCE

su: SVID2, SVID3, XPG2
 

Hewlett-Packard Company  —  HP-UX Release 10.20:  July 1996

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026