su man page on FreeBSD

Man page or keyword search:  
man Server   9747 pages
apropos Keyword Search (all sections)
Output format
FreeBSD logo
[printable version]

SU(1)			  BSD General Commands Manual			 SU(1)

NAME
     su — substitute user identity

SYNOPSIS
     su [-] [-flms] [-c class] [login [args]]

DESCRIPTION
     The su utility requests appropriate user credentials via PAM and switches
     to that user ID (the default user is the superuser).  A shell is then
     executed.

     PAM is used to set the policy su(1) will use.  In particular, by default
     only users in the “wheel” group can switch to UID 0 (“root”).  This group
     requirement may be changed by modifying the “pam_group” section of
     /etc/pam.d/su.  See pam_group(8) for details on how to modify this set‐
     ting.

     By default, the environment is unmodified with the exception of USER,
     HOME, and SHELL.  HOME and SHELL are set to the target login's default
     values.  USER is set to the target login, unless the target login has a
     user ID of 0, in which case it is unmodified.  The invoked shell is the
     one belonging to the target login.	 This is the traditional behavior of
     su.  Resource limits and session priority applicable to the original
     user's login class (see login.conf(5)) are also normally retained unless
     the target login has a user ID of 0.

     The options are as follows:

     -f	     If the invoked shell is csh(1), this option prevents it from
	     reading the “.cshrc” file.

     -l	     Simulate a full login.  The environment is discarded except for
	     HOME, SHELL, PATH, TERM, and USER.	 HOME and SHELL are modified
	     as above.	USER is set to the target login.  PATH is set to
	     “/bin:/usr/bin”.  TERM is imported from your current environment.
	     Environment variables may be set or overridden from the login
	     class capabilities database according to the class of the target
	     login.  The invoked shell is the target login's, and su will
	     change directory to the target login's home directory.  Resource
	     limits and session priority are modified to that for the target
	     account's login class.

     -	     (no letter) The same as -l.

     -m	     Leave the environment unmodified.	The invoked shell is your
	     login shell, and no directory changes are made.  As a security
	     precaution, if the target user's shell is a non-standard shell
	     (as defined by getusershell(3)) and the caller's real uid is non-
	     zero, su will fail.

     -s	     Set the MAC label to the user's default label as part of the user
	     credential setup.	Setting the MAC label may fail if the MAC
	     label of the invoking process is not sufficient to transition to
	     the user's default MAC label.  If the label cannot be set, su
	     will fail.

     -c class
	     Use the settings of the specified login class.  Only allowed for
	     the super-user.

     The -l (or -) and -m options are mutually exclusive; the last one speci‐
     fied overrides any previous ones.

     If the optional args are provided on the command line, they are passed to
     the login shell of the target login.  Note that all command line argu‐
     ments before the target login name are processed by su itself, everything
     after the target login name gets passed to the login shell.

     By default (unless the prompt is reset by a startup file) the super-user
     prompt is set to “#” to remind one of its awesome power.

ENVIRONMENT
     Environment variables used by su:

     HOME  Default home directory of real user ID unless modified as specified
	   above.

     PATH  Default search path of real user ID unless modified as specified
	   above.

     TERM  Provides terminal type which may be retained for the substituted
	   user ID.

     USER  The user ID is always the effective ID (the target user ID) after
	   an su unless the user ID is 0 (root).

FILES
     /etc/pam.d/su  PAM configuration for su.

EXAMPLES
     su -m man -c catman
	    Runs the command catman as user man.  You will be asked for man's
	    password unless your real UID is 0.	 Note that the -m option is
	    required since user “man” does not have a valid shell by default.
     su -m man -c 'catman /usr/share/man /usr/local/man'
	    Same as above, but the target command consists of more than a sin‐
	    gle word and hence is quoted for use with the -c option being
	    passed to the shell.  (Most shells expect the argument to -c to be
	    a single word).
     su -m -c staff man -c 'catman /usr/share/man /usr/local/man'
	    Same as above, but the target command is run with the resource
	    limits of the login class “staff”.	Note: in this example, the
	    first -c option applies to su while the second is an argument to
	    the shell being invoked.
     su -l foo
	    Simulate a login for user foo.
     su - foo
	    Same as above.
     su -   Simulate a login for root.

SEE ALSO
     csh(1), sh(1), group(5), login.conf(5), passwd(5), environ(7),
     pam_group(8)

HISTORY
     A su command appeared in Version 1 AT&T UNIX.

BSD				 July 1, 2008				   BSD
[top]

List of man pages available for FreeBSD

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
...................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net