NAME

su − substitute user id temporarily

SYNOPSIS

su [ −f ] [ − ] [ userid ]

DESCRIPTION

Su demands the password of the specified userid, and if it is given, changes to that userid and invokes the shell sh(1) without changing the current directory. The user environment is unchanged except for HOME and SHELL, which are taken from the password file for the user being substituted (see environ(7)). The new user ID stays in force until the shell exits.

If the −f flag is included, a fast login is performed, skipping the new userid’s .login or .cshrc files. 

If the − flag is included, a full login is performed, causing the current environment to be flushed, and replaced with whatever login(1) would provide on a standard login.

If no userid is specified, “root” is assumed.  A user must belong to group “root” to switch to userid “root”.  If group “root” does not exist, “root” priveleges may be obtained by any user who knows the “root” password.  To remind the super-user of his responsibilities, the shell substitutes ‘#’ for its usual prompt. 

In the file /usr/adm/sus, su logs both successful and unsuccesful attempts to switch user ID to “root”. 

FILES

/etc/passwdpassword file
/usr/adm/suslists potential security breaches
/etc/groupusers in group root may su to “root”

SEE ALSO

login(1), sh(1)

BUGS

Local administrative rules cause restrictions to be placed on who can su to “root”, even with the root password.  These rules vary from site to site. 

3BSD