Administering user accounts

Accessing other accounts with su(1M)

The su(1M) utility (for ``superuser'') can be used to switch over to another account temporarily. It is primarily used to access the root account, when it is executed without an argument. Otherwise, it is used in this form:

su username

su prompts for the account password, and if it is correct, a Bourne shell is started under the other account. Transitions with su do not affect the login user ID (LUID), so login and audit records remain accurate.

If a dash (-) is present on the command (su -), the environment for that user is executed (including login shell and home directory), making it essentially the same as logging in as that user. To exit the shell, enter exit or press <Ctrl>D and you return to your own account.

NOTE: You can configure su not to prompt for a password by setting PROMPT=NO in /etc/default/su. The invoking user, however, must still have appropriate privilege to execute su successfully. If this parameter does not exist or is set to anything other than NO, su prompts for a password when invoked and validates the password (if one is defined for the invoking user).

See also:

Next topic: Logging su(1M) usage
Previous topic: Allowing users to execute superuser commands

© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 22 April 2004