su — run a command with substitute user and group ID
su
[ options... ]
[−
] [ user [ args... ]
]
su allows to run commands with substitute user and group ID.
When called without arguments su defaults to running an interactive shell as root.
For backward compatibility su defaults to not change
the current directory and to only set the environment
variables HOME
and SHELL
(plus USER
and LOGNAME
if the target user
is not root). It is
recommended to always use the −−login
option (instead it's
shortcut −
) to avoid side
effects caused by mixing environments.
This version of su uses PAM for authentication, account and session management. Some configuration options found in other su implementations such as e.g. support of a wheel group have to be configured via PAM.
−c
command, −−command
=commandPass command to the shell
with the −c
option.
−−session−command
=commandSame as −c
but do
not create a new session (discouraged).
−f
, −−fast
Pass −f
to the
shell which may or may not be useful depending on the
shell.
−g
, −−group
=groupspecify the primary group, this option is allowed for root user only
−G
, −−supp−group
=groupspecify a supplemental group, this option is allowed for root user only
−
, −l
, −−login
Starts the shell as login shell with an environment similar to a real login:
o
clears all environment variables except for
TERM
o
initializes the environment variables
HOME
,SHELL
,USER
,LOGNAME
,PATH
o
changes to the target user's home directory
o
sets argv[0] of the shell to '
−
' in order to make the shell a login shell
−m
, −p
, −−preserve−environment
Preserves the whole environment, ie does not set
HOME
, SHELL
, USER
nor LOGNAME
. The option is ignored if the
option −−login
is specified.
−s
SHELL
, −−shell
=SHELL
Runs the specified shell instead of the default. The shell to run is selected according to the following rules in order:
o
the shell specified with
−−shell
o
The shell specified in the environment variable
SHELL
if the−−preserve−environment
option is used.o
the shell listed in the passwd entry of the target user
o
/bin/sh
If the target user has a restricted shell (i.e. not
listed in /etc/shells) the −−shell
option and the
SHELL
environment
variables are ignored unless the calling user is
root.
−−help
Display help text and exit.
−−version
Display version information and exit.
su reads the
/etc/default/su
and
/etc/login.defs
configuration
files. The following configuration items are relevant for
su(1):
FAIL_DELAY
(number)
Delay in seconds in case of authentication failure. Number must be a non-negative integer.
ENV_PATH
(string)
Defines the PATH environment variable for a regular user. The default value is
/usr/local/bin:/bin:/usr/bin
.
ENV_ROOTPATH
(string)
ENV_SUPATH
(string)
Defines the PATH environment variable for root. The default value is
/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
.
ALWAYS_SET_PATH
(boolean)
If set to yes and −−login and −−preserve−environment were not specified su initializes
PATH
.
su normally returns the exit status of the command it executed. If the command was killed by a signal, su returns the number of the signal plus 128.
Exit status generated by su itself:
1
Generic error before executing the requested command
126
The requested command could not be executed
127
The requested command could was not found
/etc/pam.d/su
default PAM configuration file
/etc/pam.d/su-l
PAM configuration file if −−login is specified
/etc/default/su
command specific logindef config file
/etc/login.defs
global logindef config file
The su command is part of the util-linux package and is available from Linux Kernel Archive
|