Switching users with the su command
su command examples
Running the "su" command allows a user to temporarily become another user. When invoked "su" will run a command or shell as the user ID, Group ID and supplemental groups of that user.
Basic Syntax of su: su [OPTION] ... [USER [ARG]...]
If no user is passed to the "su" command, then the root user is assumed. The shell that is opened is of the type specified within the "/etc/passwd" file. (Mostly will be /bin/bash). When you execute the "su" command you will be asked to supply the password for the user you are trying to become. However, if you are running with root privileges (super user), then you will not be asked for a password. If you wish to pick up the same environment as the user you are passing, then you must use the "su -l" option. This sets the environment to a login environment.
Example of su with and without the "-l" parameter
Notice the difference in the PATH variable when we specify the "-l" or "-" option.
# id uid=0(root) gid=0(root) groups=0(root),105(sfcb) # echo $PATH /sbin:/usr/sbin:/usr/local/sbin:/root/bin:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin:/usr/lib/mit/sbin # su john $ id uid=1008(john) gid=100(users) groups=100(users),16(dialout),33(video),17000(dba) $ echo $PATH /root/bin:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin:/usr/lib/mit/sbin $ exit exit # su -l john $ echo $PATH /home/john/bin:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/games:/usr/lib/mit/bin:/usr/lib/mit/sbin
Running a command as another user and environment
If you pass the "-c" , then you can pass a command line to run as the specified user. If you are not root the "root" user, you will be asked to confirm your password for the specified account.
# su - john -c "TestProgram"
The above would run the command or program "TestProgram" as the user "john". In the above example, you would not be prompted for a password as this command was issued by the "root" user.
su available options
-, -l, --login make the shell a login shell -c, --command=COMMAND pass a single COMMAND to the shell with -c --session-command=COMMAND pass a single COMMAND to the shell with -c and do not create a new session -f, --fast pass -f to the shell (for csh or tcsh) -m, --preserve-environment do not reset environment variables -p same as -m -s, --shell=SHELL run SHELL if /etc/shells allows it --help display this help and exit --version output version information and exit