projects / unix-history / blob
? search:
summary | tags | clone url | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Kerberos include files are in a subdirectory now
[unix-history] / usr / src / usr.bin / su / su.1
.\" Copyright (c) 1988 The Regents of the University of California.
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms are permitted
.\" provided that the above copyright notice and this paragraph are
.\" duplicated in all such forms and that any documentation,
.\" advertising materials, and other materials related to such
.\" distribution and use acknowledge that the software was developed
.\" by the University of California, Berkeley. The name of the
.\" University may not be used to endorse or promote products derived
.\" from this software without specific prior written permission.
.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
.\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
.\" WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
.\"
.\" @(#)su.1 6.8 (Berkeley) %G%
.\"
.TH SU 1 ""
.UC
.SH NAME
su \- substitute user id
.SH SYNOPSIS
.B su
[-flmn] [login]
.SH DESCRIPTION
\fISu\fP requests the Kerberos password
for \fIlogin\fP (or for ``\fIlogin\fP.root'', if no
login is provided), and switches to that user and group ID after
issueing a Kerberos ticket granting ticket.
A shell is then invoked .
\fISu\fP will resort to the local password file to find the password
for \fIlogin\fP if there is a Kerberos error or if the \fB-n\fP flag is given.
.PP
By default, your environment is unmodified with the exception of
\fIUSER\fP, \fIHOME\fP, and \fISHELL\fP. \fIHOME\fP and \fISHELL\fP
are set to the target login's \fI/etc/passwd\fP values. \fIUSER\fP
is set to the target login, unless the target login has a UID of 0,
in which case it is unmodified. The invoked shell is the target
login's. This is the traditional behavior of \fIsu\fP.
.PP
The \fI-l\fP option simulates a full login. The environment is discarded
except for \fIHOME\fP, \fISHELL\fP, \fIPATH\fP, \fITERM\fP, and \fIUSER\fP.
\fIHOME\fP and \fISHELL\fP are modified as above. \fIUSER\fP is set to
the target login. \fIPATH\fP is set to ``/usr/ucb:/bin:/usr/bin''.
\fITERM\fP is imported from your current environment. The invoked shell
is the target login's, and \fIsu\fP will change directory to the target
login's home directory.
.PP
The \fI-m\fP option causes the environment to remain unmodified, and
the invoked shell to be your login shell. No directory changes are
made. As a security precaution, if the
.I -m
option is specified, the target user's shell is a non-standard shell
(as defined by \fIgetusershell\fP(3)) and the caller's real uid is
non-zero,
.I su
will fail.
.PP
If the invoked shell is \fIcsh\fP, the \fI-f\fP option prevents it from
reading the \fI.cshrc\fP file. Otherwise, this option is ignored.
.PP
Only users in group 0 (normally ``wheel'') can \fIsu\fP to ``root''.
.PP
By default (unless the prompt is reset by a startup file) the super-user
prompt is set to ``#'' to remind one of its awesome power.
.SH "SEE ALSO"
csh(1), login(1), sh(1), passwd(5), group(5), environ(7)
Continuous source code history from original PDP-7 UNIX to FreeBSD 2, the first fully unencumbered FreeBSD release.