SU(1) RISC/os Reference Manual SU(1)
NAME
su, ssu - become super-user or another user
SYNOPSIS
su [ - ] [ name [ arg ... ] ]
ssu
DESCRIPTION
With the su command it is possible to become another user
without logging off. The default user name is root (that
is, super-user). However, a user may not su to root unless
that user is a member of group 0 (root) or is listed in
/etc/su_people. /etc/su_people is a configuration file that
allows specified users to su to root without password or
permissions checking. The file must be owned by root (user
0), belong to group root (group 0), and have permissions set
to 0600 (read and write by owner only.) The system adminis-
trator can give a user authorization to su to root by adding
the user to group 0 in /etc/group, or to the corresponding
database if NIS is enabled. su authorization also can be
given by the system administrator by creating the user with
a basic group of root in etc/passwd or the corresponding NIS
database.
Otherwise, to use su the appropriate password must be sup-
plied (unless the user already is root). If the password is
correct, su will execute a new shell with the real and
effective user and group IDs set to that of the specified
user. If the line
INITGROUPS=YES
is specified in the file /etc/default/su, su will call
initgroups(3C) to set the supplementary group list to that
of the specified user. The new shell will be the optional
program named in the shell field of the specified user's
password file entry [see passwd(4)] or /usr/bin/sh if none
is specified [see sh(1)]. To restore normal user ID
privileges, type an EOF character (CTRL-d) to the new shell.
Any additional arguments given on the command line are
passed to the program invoked as the shell. When using pro-
grams such as sh, an arg of the form -c string executes
string via the shell and an arg of -r gives the user a res-
tricted shell.
The following statements are true only if the optional pro-
gram named in the shell field of the specified user's pass-
word file entry is like sh. If the first argument to su is
a -, the environment will be changed to what would be
expected if the user actually logged in as the specified
user. This is done by invoking the program used as the
Printed 11/19/92 Page 1
SU(1) RISC/os Reference Manual SU(1)
shell with an arg0 value whose first character is -, thus
causing first the system's profile (/etc/profile) and then
the specified user's profile (.profile in the new HOME
directory) to be executed. Otherwise, the environment is
passed along with the possible exception of $PATH, which is
set to /sbin:/usr/sbin:/usr/bin:/etc for root. Note that if
the optional program used as the shell is /usr/bin/sh, the
user's .profile can check arg0 for -sh or -su to determine
if it was invoked by login or su, respectively. If the
user's program is other than /usr/bin/sh, then .profile is
invoked with an arg0 of -program by both login and su.
All attempts to become another user using su are logged in
the file /var/adm/sulog, unless a different file is speci-
fied using SULOG in /etc/default/su.
ssu is the same as su -e -c root:
-e Do not reset the shell.
-c Execute extra arguments directly as commands instead of
using the shell. If no arguments are given, use the
shell.
EXAMPLES
To become user bin while retaining your previously exported
environment, execute:
su bin
To become user bin but change the environment to what would
be expected if bin had originally logged in, execute:
su - bin
To execute command with the temporary environment and per-
missions of user bin, type:
su - bin -c "command args"
FILES
/etc/passwd system's password file
/etc/profile system's profile
$HOME/.profile user's profile
/var/adm/sulog default log file
/etc/su_people su configuration file
/etc/default/su the default parameters that live here are:
SULOG: If defined, all attempts to su
to another user are logged in
the indicated file.
CONSOLE: If defined, all attempts to su
to root are logged on the con-
sole.
PATH: Default path.
SUPATH: Default path for a user invoking
Page 2 Printed 11/19/92
SU(1) RISC/os Reference Manual SU(1)
su to root.
INITGROUPS: Set supplementary group list to
that of the specified user.
SEE ALSO
env(1), login(1), sh(1) in the User's Reference Manual.
passwd(4), profile(4), environ(5) in the Programmer's Refer-
ence Manual.
Printed 11/19/92 Page 3