su(1M) su(1M)
NAME
su - become another user
SYNOPSIS
su [-] [name [arg . . .]
DESCRIPTION
su allows one to become another user without logging off. The
default user name is root.
To use su, the appropriate password for the login name
specified must be supplied (unless one is already root). The
default password validation behavior can be altered via the
PROMPT default parameter found in /etc/default/su (see FILES).
Upon successful execution, su will execute a new shell with
the real and effective user and group IDs and supplementary
group list set to that of the specified user. The new shell
will be the optional program named in the shell field of the
specified user's password file entry [see passwd(4)] or
/usr/bin/sh if none is specified [see sh(1)].
To restore the normal user ID environment, type an EOF
character (CTRL-d) to the new shell.
Any additional arguments given on the command line are passed
to the program invoked as the shell. When using programs such
as sh, an arg of the form -c string executes string via the
shell and an arg of -r gives the user a restricted shell.
The following statements are true only if the optional program
named in the shell field of the specified user's password file
entry is like sh. If the first argument to su is a -, the
environment will be changed to what would be expected if the
user actually logged in as the specified user. This is done
by invoking the program used as the shell with an arg0 value
whose first character is -, thus causing first the system's
profile (/etc/profile for sh orksh, or /etc/.login for csh)
and then the specified user's profile (.profile in the new
HOME directory) to be executed. Otherwise, the environment is
passed along with the possible exception of $PATH, which is
set to /sbin:/usr/sbin:/usr/bin:/etc for root. Note that if
the optional program used as the shell is /usr/bin/sh, the
user's .profile can check arg0 for -sh or -su to determine if
it was invoked by login or su, respectively. If the user's
program is other than /usr/bin/sh, then .profile is invoked
Copyright 1994 Novell, Inc. Page 1
su(1M) su(1M)
with an arg0 of -program by both login and su.
Note that if you are using csh, /etc/profile is replaced by
/etc/.login and $HOME/.profile is replaced by $HOME/.login.
All attempts to become another user using su are logged in the
log file /var/adm/sulog.
EXAMPLES
Become user bin while retaining your previously exported
environment:
su bin
Become user bin but change the environment to what would be
expected if bin had originally logged in:
su - bin
Execute command with the temporary environment and permissions
of user bin:
su - bin -c "command args"
FILES
/etc/passwd system's password file
/etc/security/ia/master
system's I&A data file
/etc/profile
system's profile
/etc/.login system's profile
$HOME/.profile
user's profile
$HOME/.login
user's profile
/var/adm/sulog
log file
/usr/lib/locale/locale/LC_MESSAGES/uxcore.abi
language-specific message file [See LANG on
environ (5).]
Copyright 1994 Novell, Inc. Page 2
su(1M) su(1M)
/etc/default/su
default parameters in this file are:
SULOG:
If defined, all attempts to su to another
user are logged in the indicated file.
CONSOLE:
If defined, all attempts to su root are
logged on the console.
PATH: Default path.
SUPATH:
Default path for a user invoking su root.
PROMPT:
If this parameter exists and is set to No,
the su command will not prompt for a
password (even if one is defined for the
login name); however, the invoking user
must still have appropriate privilege to use
su successfully. If this parameter does not
exist, or is set to anything other than No
(including NULL), su will prompt for a
password when invoked and validate the
password (if one is defined for the login
name).
REFERENCES
defadm(1M), env(1), login(1), passwd(4), profile(4), sh(1)
Copyright 1994 Novell, Inc. Page 3