Index Click this button to go to the index for this section.


su(1)

NAME

su - Substitutes user ID temporarily

SYNOPSIS

su [-f] |[-] [user]

OPTIONS

-f Prevents the user's shell initialization file from being executed by passing the -f option to the user's shell, thus making su start up faster. - Simulates a full login by executing the commands in either the .cshrc and .login files for csh or the .profile file for sh and ksh and by setting the current working directory to the user's home directory.

DESCRIPTION

The su command demands the password of the specified user, and if it is given, changes to that user and invokes the user's shell without changing the current directory. The user environment is unchanged except for HOME and SHELL, which are taken from the password file for the user being substituted (see environ). The new user ID stays in force until the shell exits. If no user is specified, root is assumed. Only users who belong to group number 0 (system) can issue su to become root, even with the root password. To remind superusers of their responsibilities, the shell substitutes a # (number sign) for its usual prompt. Security Restrictions The su command fails if any lock conditions exist on the target account. Specifically, if the destination account was retired, if the number of unsuccessful login attempts exceeds the maximum allowed, if the administrative lock was applied, or the password's lifetime was exceeded, the Information System Security Officer (ISSO) must unlock the destination account before any user can log in to it or use su to transition to it.

SECURITY NOTE

This security-sensitive command uses the SIA (Security Integration Architecture) routine as an interface to the security mechanisms. See the matrix.conf(4) reference page for more information.

SEE ALSO

Commands: csh(1), ksh(1), sh(1) Files: sialog(4)