.\" Copyright (c) 1988 The Regents of the University of California.
.\" %sccs.include.redist.man%
.\" @(#)su.1 6.11 (Berkeley) %G%
requests the Kerberos password for
(or for ``\fIlogin\fP.root'', if no login is provided), and switches to
that user and group ID after obtaining a Kerberos ticket granting ticket.
will resort to the local password file to find the password for
if there is a Kerberos error.
is executed by root, no password is requested and a shell
with the appropriate user ID is invoked; no additional Kerberos tickets
By default, the environment is unmodified with the exception of
are set to the target login's default values.
is set to the target login, unless the target login has a user ID of 0,
in which case it is unmodified.
The invoked shell is the target login's.
This is the traditional behavior of
The options are as follows:
Do not attempt to use Kerberos to authenticate the user.
this option prevents it from reading the ``.cshrc'' file.
The environment is discarded except for
is set to the target login.
is set to ``/bin:/usr/bin''.
is imported from your current environment.
The invoked shell is the target login's, and
will change directory to the target login's home directory.
Leave the environment unmodified.
The invoked shell is your login shell, and no directory changes are made.
As a security precaution, if the target user's shell is a non-standard
shell (as defined by \fIgetusershell\fP(3)) and the caller's real uid is
The \-l and \-m options are mutually exclusive; the last one specified
overrides any previous ones.
Only users in group 0 (normally ``wheel'') can
By default (unless the prompt is reset by a startup file) the super-user
prompt is set to ``#'' to remind one of its awesome power.
csh(1), login(1), sh(1), kinit(1), kerberos(1), passwd(5), group(5), environ(7)