pavement

Su

From FreeBSDwiki
(Difference between revisions)
Jump to: navigation, search
 
Line 1: Line 1:
[[su]] is acronymic for [[super-user]], and is the system command used under FreeBSD and other unix-like operating systems to change your [[user context]] without having to log out and log back in as a different user.
+
[[su]] is acronymic for '''switch user''' -- if no username is supplied to /sbin/su the [[super-user]] account is assumed, and is the system command used under FreeBSD and other unix-like operating systems to change your [[user context]] without having to log out and log back in as a different user.
  
 
If you just type in [[su]] at the shell prompt and do not supply an argument, [[su]] assumes that you are asking to change context to [[root]].  Attempting to assume [[root]] context is something of a special case under FreeBSD - unlike many other unix-like operating systems, just having the root password is not enough!  FreeBSD's default behavior is to only allow users who are members of the special group [[wheel]] the privilege of [[su]]-ing to [[root]].  If you ''are'' a member of [[wheel]], you will be presented with a password challenge; if not, you will simply be told "sorry."
 
If you just type in [[su]] at the shell prompt and do not supply an argument, [[su]] assumes that you are asking to change context to [[root]].  Attempting to assume [[root]] context is something of a special case under FreeBSD - unlike many other unix-like operating systems, just having the root password is not enough!  FreeBSD's default behavior is to only allow users who are members of the special group [[wheel]] the privilege of [[su]]-ing to [[root]].  If you ''are'' a member of [[wheel]], you will be presented with a password challenge; if not, you will simply be told "sorry."
Line 5: Line 5:
 
However, [[su]] is useful for more than just assuming [[root]] context.  You can assume ''any'' user context with the [[su]] application, making it an excellent troubleshooting tool to instantly check on any permissions or other security-related issues as well as issues related to the user-specific shell environment.  Simply supply [[su]] the name of the user whose context you want to assume as an argument; if you are already [[root]] it will quietly do so without asking for a password.  If you are ''not'' root and you ask to [[su]] to a non-[[root]] user, it will allow you attempt to, but will require you to supply that user's password before actually changing context.
 
However, [[su]] is useful for more than just assuming [[root]] context.  You can assume ''any'' user context with the [[su]] application, making it an excellent troubleshooting tool to instantly check on any permissions or other security-related issues as well as issues related to the user-specific shell environment.  Simply supply [[su]] the name of the user whose context you want to assume as an argument; if you are already [[root]] it will quietly do so without asking for a password.  If you are ''not'' root and you ask to [[su]] to a non-[[root]] user, it will allow you attempt to, but will require you to supply that user's password before actually changing context.
  
One thing to remember about using [[su]] to change [[user context]] is that it actually opens a new [[shell]] without ever closing your old one - so when you're tired of being whoseever identity you have taken with [[su]], simply [[exit]] to get back to your old shell.
+
One thing to remember about using [[su]] to change [[user context]] is that it actually opens a [[shell]] without ever closing your old one - so when you're tired of being whoseever identity you have taken with [[su]], simply [[exit]] to get back to your old shell. If the "-" switch is passed to [[su]] then a new shell is opened, using any [[shell]] configuration file ([[.profile]], [[.cshrc]], etc) in the root account's home directory. If no "-" switch is passed to [[su]], it will use the shell configuration file of the user you [[su]]'d from (assuming sanity: if the originating user is using .bashrc and the root user is using .tcshrc, the .bashrc file won't be used.)
  
 
It is somewhat sloppy, but convenient on reasonably resourceful machines, to occasionally just [[su]] to your own user context rather than logging off and back on again in order to make a user environment change immediately active; for instance after altering or placing new files in your [[directory path]].
 
It is somewhat sloppy, but convenient on reasonably resourceful machines, to occasionally just [[su]] to your own user context rather than logging off and back on again in order to make a user environment change immediately active; for instance after altering or placing new files in your [[directory path]].
  
 
[[Category:System Commands]]
 
[[Category:System Commands]]

Revision as of 01:35, 25 August 2004

su is acronymic for switch user -- if no username is supplied to /sbin/su the super-user account is assumed, and is the system command used under FreeBSD and other unix-like operating systems to change your user context without having to log out and log back in as a different user.

If you just type in su at the shell prompt and do not supply an argument, su assumes that you are asking to change context to root. Attempting to assume root context is something of a special case under FreeBSD - unlike many other unix-like operating systems, just having the root password is not enough! FreeBSD's default behavior is to only allow users who are members of the special group wheel the privilege of su-ing to root. If you are a member of wheel, you will be presented with a password challenge; if not, you will simply be told "sorry."

However, su is useful for more than just assuming root context. You can assume any user context with the su application, making it an excellent troubleshooting tool to instantly check on any permissions or other security-related issues as well as issues related to the user-specific shell environment. Simply supply su the name of the user whose context you want to assume as an argument; if you are already root it will quietly do so without asking for a password. If you are not root and you ask to su to a non-root user, it will allow you attempt to, but will require you to supply that user's password before actually changing context.

One thing to remember about using su to change user context is that it actually opens a shell without ever closing your old one - so when you're tired of being whoseever identity you have taken with su, simply exit to get back to your old shell. If the "-" switch is passed to su then a new shell is opened, using any shell configuration file (.profile, .cshrc, etc) in the root account's home directory. If no "-" switch is passed to su, it will use the shell configuration file of the user you su'd from (assuming sanity: if the originating user is using .bashrc and the root user is using .tcshrc, the .bashrc file won't be used.)

It is somewhat sloppy, but convenient on reasonably resourceful machines, to occasionally just su to your own user context rather than logging off and back on again in order to make a user environment change immediately active; for instance after altering or placing new files in your directory path.

Personal tools