|
| NAVIGATION |
|
Home |
|
Store |
|
|
| INSIDE MAC |
|
Television Shows |
|
Broadcast Shows |
|
Daily News Shows |
|
Special Shows |
|
|
| EVENTS |
|
|
|
|
|
|
|
|
| DAILY TIPS |
|
Design |
|
Mac OS X |
|
Mac OS X UNIX |
|
|
| COMMUNITY |
|
Surveys |
|
|
| NEWS |
|
Current |
|
Press |
|
Archive |
|
|
| FEATURES |
|
Editorial |
|
Dr. Mac |
|
Reviews |
|
Reader Reports |
|
|
| RESOURCES |
|
FAQ |
|
Documentation |
|
Learning Center |
|
MAN pages |
|
Glossary |
|
Tutorials |
|
Tips |
|
Links |
|
|
|
|
|
|
su [-Kflm] [login [shell arguments]]
DESCRIPTION
su requests the Kerberos password for login (or for ``login.root'', if no
login is provided), and switches to that user and group ID after obtain-
ing a Kerberos ticket granting ticket. A shell is then executed, and any
additional shell arguments after the login name are passed to the shell.
su will resort to the local password file to find the password for login
if there is a Kerberos error. If su is executed by root, no password is
requested and a shell with the appropriate user ID is executed; no addi-
tional Kerberos tickets are obtained.
Alternatively, if the user enters the password "s/key", authentication
will use the S/Key one-time password system as described in skey(1).
S/Key is a Trademark of Bellcore.
By default, the environment is unmodified with the exception of USER,
HOME, and SHELL. HOME and SHELL are set to the target login's default
values. USER is set to the target login, unless the target login has a
user ID of 0, in which case it is unmodified. The invoked shell is the
target login's. This is the traditional behavior of su.
The options are as follows:
-K Do not attempt to use Kerberos to authenticate the user.
-f If the invoked shell is csh(1), this option prevents it from
reading the ``.cshrc'' file.
-l Simulate a full login. The environment is discarded except for
HOME, SHELL, PATH, TERM, and USER. HOME and SHELL are modified as
above. USER is set to the target login. PATH is set to
``/bin:/usr/bin''. TERM is imported from your current environ-
ment. The invoked shell is the target login's, and su will
change directory to the target login's home directory.
-m Leave the environment unmodified. The invoked shell is your lo-
gin shell, and no directory changes are made. As a security pre-
caution, if the target user's shell is a non-standard shell (as
defined by getusershell(3)) and the caller's real uid is non-ze-
ro, su will fail.
The -l and -m options are mutually exclusive; the last one specified
overrides any previous ones.
Only users in group ``wheel'' (normally gid 0), as listed in /etc/group,
can su to ``root''.
By default (unless the prompt is reset by a startup file) the super-user
prompt is set to ``#'' to remind one of its awesome power.
SEE ALSO
TERM Provides terminal type which may be retained for the substituted
user ID.
USER The user ID is always the effective ID (the target user ID) after
an su unless the user ID is 0 (root).
HISTORY
A su command appeared in Version 7 AT&T UNIX.
BSD Experimental April 18, 1994 2
|
|
Copyright © 2000-2010 Inside Mac Media, Inc. All rights reserved. |
Apple assumes no responsibility with regard to the selection, performance, or use of the products or services. All understandings, agreements, or warranties, if any, take place directly between the vendors and prospective users. |
| Apple, the Apple logo, Mac, PowerMac G4, PowerMac G5, Xserve, Xserve RAID, PowerBook, iBook, Airport, AirPort Extreme, iMac, eMac, iLife, iMovie, iCal, iPhoto, iTunes, QuickTime, FireWire, iPod, iSight, AppleWorks, Macintosh, Jaguar, Panther, Mac OS, Mac OS X and Mac OS X Server are trademarks of Apple Computer, Inc. |
|
