su man page on HP-UX

Man page or keyword search:  
man Server   10987 pages
apropos Keyword Search (all sections)
Output format
HP-UX logo
[printable version]

su(1)									 su(1)

       su - switch user

       [username [arguments]]


       The  (set  user or superuser) command allows one user to become another
       user without logging out.

       username is the name of a user defined in  the  file  (see  passwd(4)).
       The default name is (that is, superuser).

       To  use	the  appropriate  password must be supplied unless the current
       user is superuser and is not using the option.  If a valid password  is
       entered, executes a new shell with the real and effective user ID, real
       and effective group ID, and group access list set to that of the speci‐
       fied  user.   The  new shell is the one specified in the shell field of
       the new user's entry in the password file,

       The arguments are passed along to the new shell for execution,  permit‐
       ting the user to run shell procedures with the new user's privileges.

       When  exiting from the new shell, the previous username and environment
       are restored.

       All attempts to become another user are logged in  including  failures.
       Successful  attempts  are  flagged  with	 failures,  with They are also
       logged with (see syslog(3C)).

       recognizes the following options:

	      If the	option is specified, the new shell starts up as if the
			new  user  had	initiated a new login session.	If the
			option is omitted, the new shell starts as if  a  sub‐
			shell was invoked.  See more details below.

	      If DCE (Distributed Computing Environment) is being used as
			the authentication mechanism, the option must be spec‐
			ified.	With  this  option,  even  superuser  will  be
			prompted  for the user's password. The reason for this
			is because  DCE	 credentials  for  a  user  cannot  be
			obtained without that user's password.

			This option cannot be used with shell arguments.

       If  the option is specified, the new shell starts up as if the new user
       had initiated a new login session.  Exceptions are as follows:

	 ·  The variable is reset to the new user's home directory.

	 ·  If the new user name is the path and prompt variables are reset:

	    For other user names:

	 ·  The variable is retained.

	 ·  The rest of the environment is deleted  and	 reset	to  the	 login
	    state.   However,  the  login  files are normally executed anyway,
	    usually restoring the expected value of and other variables.

       If the option is omitted, the new shell starts as  if  a	 subshell  was
       invoked.	 Exceptions are as follows:

	 ·  If the new user name is the path and prompt variables are reset:

	 ·  The previously defined and environment variables are removed.

	 ·  The rest of the environment is retained.

	 If  the  shell specified in is sets the value of parameter in the new
	 shell (referenced as to If the option of the  command	is  specified,
	 sets parameter to

	 If  the  shell specified in is not sets the value of parameter in the
	 new shell to shellname.  If the option of the command	is  specified,
	 sets  parameter  to  For  example,  if the Korn shell is invoked, the
	 value of shellname will be either or

	 By comparison, the command always sets parameter to

   HP-UX Smart Card Login
       If the user account is configured to use a Smart Card, the  user	 pass‐
       word  is stored in the card.  This password has characteristics identi‐
       cal to a normal password stored on the system.

       In order to using a Smart Card account, the Smart Card from the	desti‐
       nation  user  account must be inserted into the Smart Card reader.  The
       user is prompted for a PIN instead of a password during authentication.

       The password is retrieved automatically from  the  Smart	 Card  when  a
       valid PIN is entered.  Therefore, it is not necessary to know the pass‐
       word, only the PIN.

       The card is locked if an incorrect PIN  is  entered  three  consecutive
       times.  It may be unlocked only by the card issuer.

       Except  for user users cannot use to change to an account that has been
       locked because of expired passwords or other access restrictions.

       Refer to the file in the security(4) manual page for detailed  informa‐
       tion  on	 configurable attributes that affect the behavior of this com‐
       mand.  Currently, the supported attributes for the command are:

   Environment Variables
       User's home directory

       The language in which messages are displayed.
		      If is not specified or is	 null,	it  defaults  to  (see
		      lang(5)).	 If any internationalization variable contains
		      an invalid setting, all  internationalization  variables
		      default to (see environ(5)).

       User's login name

       Command name search path

       Default prompt

       Name of the user's shell

   International Code Set Support
       Characters in the 7-bit US-ASCII code sets are supported in login names
       (see ascii(5)).

       Become user while retaining the previously exported environment:

       Become user but change the environment to what would be expected if had
       originally logged in:

       Execute the command, using the temporary environment and permissions of
       user In this example, user bin's shell is invoked with the arguments

       Become user in the DCE environment:

       After a valid password is supplied, uses information from and to deter‐
       mine  the  user's  group ID and group access list.  If is linked to and
       group membership for the user trying to log in is managed by  the  Net‐
       work  Information  Service (NIS), and no NIS server is able to respond,
       waits until a server does respond.

   Pluggable Authentication Modules (PAM)
       PAM is an Open Group standard for user authentication, password modifi‐
       cation,	and  account validation.  In particular, is invoked to perform
       all functions related to This includes password retrieval, account val‐
       idation, and error message displays.

       User's profile
       System's default group access list file
       System's password file
       System's profile
       Log of all attempts
       Security defaults configuration file

       env(1),	 login(1),   sh(1),   initgroups(3C),	syslog(3C),  group(4),
       passwd(4), profile(4), security(4), environ(5).

   Pluggable Authentication Modules (PAM)
       pam_acct_mgmt(3), pam_authenticate(3).

   HP-UX Smart Card Login


List of man pages available for HP-UX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net