unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (OSF1-V5.1-alpha)
Page:
Section:
Apropos / Subsearch:
optional field



su(1)									su(1)



NAME

  su - Substitutes user	ID temporarily

SYNOPSIS

  su [-	| -f] [user] [shell_option] [shell_command]

OPTIONS

  -f  Prevents the user's shell	initialization file from being executed	by
      passing the -f option to the user's shell, thus making su	start up fas-
      ter. The -f option is supported by the csh family	of shells.

  -   Simulates	a full login by	executing the commands in either the .cshrc
      and .login files for csh or the .profile file for	sh and ksh and by
      setting the current working directory to the user's home directory.

  shell_option
      Passes the specified shell option	flag to	the newly invoked user's
      shell for	execution. The shell_option must be supported by the invoked
      shell. The csh, sh, ksh, and any other interactive command shell sup-
      port the commonly	used -c	shell option. By default (no "shell_option"),
      the shell	is opened with the -i (interactive) shell option. See the
      reference	page for the shell you are using for more information on the
      shell options.

  shell_command
      Passes the specified command to the newly	invoked	user's shell for exe-
      cution.  The shell_command must be supported by the invoked shell.

DESCRIPTION

  The su command demands the password of the specified user, and if it is
  given, changes to that user and invokes the user's shell without changing
  the current directory.

  Except in a case where the - option is used, the user	environment is
  unchanged except for HOME, SHELL, USER, and LOGNAME which are	taken from
  the password file for	the user being substituted (see	environ).  The new
  user ID stays	in force until the shell exits.

  If no	user is	specified, root	is assumed.  Only users	who belong to group
  number 0 (system) can	issue su to become root, even with the root password.
  To remind superusers of their	responsibilities, the shell substitutes	a #
  (number sign)	for its	usual prompt.

  Shell	commands may be	passed to the shell that is spawned by su by includ-
  ing them on the command line after the su flags and arguments. After the
  flags	recognized by su and the user argument are processed, unrecognized
  command line flags (shell_options) and/or arguments (shell_commands) are
  passed to the	shell for execution. If	the spawned shell does not support
  the command or the format of the command, the	command	is not executed	and
  the resulting	shell behavior and error messages are determined by the
  shell.





  Security Restrictions


  The su command fails if any lock conditions exist on the target account.
  Specifically,	if the destination account was retired,	if the number of
  unsuccessful login attempts exceeds the maximum allowed, if the administra-
  tive lock was	applied, or the	password's lifetime was	exceeded, the Infor-
  mation System	Security Officer (ISSO)	must unlock the	destination account
  before any user can log in to	it or use su to	transition to it.

SECURITY NOTE

  This security-sensitive command uses SIA (Security Integration Architec-
  ture)	as an interface	to the security	mechanism(s) that perform the actual
  user validation. See the matrix.conf(4) reference page for more informa-
  tion.

ENVIRONMENT VARIABLES

  The following	environment variables affect the behavior of su:

SEE ALSO

  Commands:  csh(1), ksh(1), sh(1)