docs: improve grammar and consistency of comments in login.c

[thirdparty/util-linux.git] / login-utils / su.1

.TH SU "1" "June 2012" "util-linux" "User Commands"
.SH NAME
su \- run a command with substitute user and group ID
.SH SYNOPSIS
.B su
[options...] [\-] [user [args...]]
.SH DESCRIPTION
.B su
allows to run commands with substitute user and group ID.
.PP
When called without arguments
.B su
defaults to running an interactive shell as
.IR root .
.PP
For backward compatibility
.B su
defaults to not change the current directory and to only set the
environment variables
.B HOME
and
.B SHELL
(plus
.B USER
and
.B LOGNAME
if the target
.I user
is not root).  It is recommended to always use the
.B \-\-login
option (instead it's shortcut
.BR \- )
to avoid side effects caused by mixing environments.
.PP
This version of
.B su
uses PAM for authentication, account and session management.  Some
configuration options found in other
.B su
implementations such as e.g. support of a wheel group have to be
configured via PAM.
.SH OPTIONS
.TP
\fB\-c\fR \fIcommand\fR, \fB\-\-command\fR=\fIcommand\fR
Pass
.I command
to the shell with the
.B \-c
option.
.TP
\fB\-\-session\-command\fR=\fIcommand\fR
Same as
.B \-c
but do not create a new session (discouraged).
.TP
\fB\-f\fR, \fB\-\-fast\fR
Pass
.B \-f
to the shell which may or may not be useful depending on the
shell.
.TP
\fB\-g\fR, \fB\-\-group\fR=\fIgroup\fR\fR
specify the primary group, this option is allowed for root user only
.TP
\fB\-G\fR, \fB\-\-supp-group\fR=\fIgroup\fR\fR
specify a supplemental group, this option is allowed for root user only
.TP
\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR
Starts the shell as login shell with an environment similar to a real
login:
.RS 10
.TP
o
clears all environment variables except for
.B TERM
.TP
o
initializes the environment variables
.BR HOME ,
.BR SHELL ,
.BR USER ,
.BR LOGNAME ,
.B PATH
.TP
o
changes to the target user's home directory
.TP
o
sets argv[0] of the shell to
.RB ' \- '
in order to make the shell a login shell
.RE
.TP
\fB\-m\fR, \fB\-p\fR, \fB\-\-preserve-environment\fR
Preserves the whole environment, ie does not set
.BR HOME ,
.BR SHELL ,
.B USER
nor
.BR LOGNAME .
The option is ignored if the option \fB\-\-login\fR is specified.
.TP
\fB\-s\fR \fISHELL\fR, \fB\-\-shell\fR=\fISHELL\fR
Runs the specified shell instead of the default.  The shell to run is
selected according to the following rules in order:
.RS 10
.TP
o
the shell specified with
.B \-\-shell
.TP
o
The shell specified in the environment variable
.B SHELL
if the
.B \-\-preserve-environment
option is used.
.TP
o
the shell listed in the passwd entry of the target user
.TP
o
/bin/sh
.RE
.IP
If the target user has a restricted shell (i.e. not listed in
/etc/shells) the
.B \-\-shell
option and the
.B SHELL
environment variables are ignored unless the calling user is root.
.TP
\fB\-\-help\fR
Display help text and exit.
.TP
\fB\-\-version\fR
Display version information and exit.
.SH CONFIG FILES
.B su
reads the
.I /etc/default/su
and
.I /etc/login.defs
configuration files.  The following configuration items are relevant
for
.BR su (1):
.PP
.B FAIL_DELAY
(number)
.RS 4
Delay in seconds in case of authentication failure.  Number must be
a non-negative integer.
.RE
.PP
.B ENV_PATH
(string)
.RS 4
Defines the PATH environment variable for a regular user.  The
default value is
.IR /usr/local/bin:\:/bin:\:/usr/bin .
.RE
.PP
.B ENV_ROOTPATH
(string)
.br
.B ENV_SUPATH
(string)
.RS 4
Defines the PATH environment variable for root. The default value is
.IR /usr/local/sbin:\:/usr/local/bin:\:/sbin:\:/bin:\:/usr/sbin:\:/usr/bin .
.RE
.PP
.B ALWAYS_SET_PATH
(boolean)
.RS 4
If set to
.I yes
and \-\-login and \-\-preserve\-environment were not specified
.B su
initializes
.BR PATH .
.RE
.SH EXIT STATUS
.B su
normally returns the exit status of the command it executed.  If the
command was killed by a signal,
.B su
returns the number of the signal plus 128.
.PP
Exit status generated by
.B su
itself:
.RS 10
.TP
1
Generic error before executing the requested command
.TP
126
The requested command could not be executed
.TP
127
The requested command could was not found
.RE
.SH FILES
.PD 0
.TP 17
/etc/pam.d/su
default PAM configuration file
.TP
/etc/pam.d/su-l
PAM configuration file if \-\-login is specified
.TP
/etc/default/su
command specific logindef config file
.TP
/etc/login.defs
global logindef config file
.PD 1
.SH "SEE ALSO"
.BR runuser (8),
.BR pam (8),
.BR shells (5),
.BR login.defs (5)
.SH AUTHOR
Derived from coreutils' su which was based on an implementation from
David MacKenzie.
.SH AVAILABILITY
The su command is part of the util-linux package and is
available from
.UR ftp://\:ftp.kernel.org\:/pub\:/linux\:/utils\:/util-linux/
Linux Kernel Archive
.UE .