3 .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
4 .\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
6 .\" Manual: User Commands
7 .\" Source: User Commands
10 .TH "SU" "1" "16/02/2011" "User Commands" "User Commands"
11 .\" -----------------------------------------------------------------
12 .\" * Define some portability stuff
13 .\" -----------------------------------------------------------------
14 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
15 .\" http://bugs.debian.org/507673
16 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
17 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
20 .\" -----------------------------------------------------------------
21 .\" * set default formatting
22 .\" -----------------------------------------------------------------
23 .\" disable hyphenation
25 .\" disable justification (adjust text to left margin only)
27 .\" -----------------------------------------------------------------
28 .\" * MAIN CONTENT STARTS HERE *
29 .\" -----------------------------------------------------------------
31 su \- change user ID or become superuser
34 \fBsu\fR [\fIopzioni\fR] [\fIusername\fR]
39 command is used to become another user during a login session\&. Invoked without a
42 defaults to becoming the superuser\&. The optional argument
44 may be used to provide an environment similar to what the user would expect had the user logged in directly\&.
46 Dopo il nome utente, \(`e possibile specificare argomenti aggiuntivi da passare alla shell di login dell\*(Aqutente\&. In particolare, molti interpreti di comando adottano la convenzione per cui l\*(Aqopzione
48 seguita da un argomento fa s\(`i che quest\*(Aqultimo sia considerato un comando\&.Il comando viene eseguito dalla shell specificata in
50 per l\*(Aqutente di destinazione\&.
56 options from the arguments supplied to the shell\&.
58 All\*(Aqutente viene quindi chiesta la password, se necessario\&. Una password errata viene segnalata da un messaggio d\*(Aqerrore\&. Viene effettuato il log di tutti i tentativi, siano essi riusciti o meno, al fine di rilevare ogni abuso del sistema\&.
60 The current environment is passed to the new shell\&. The value of
65 /sbin:/bin:/usr/sbin:/usr/bin
66 for the superuser\&. This may be changed with the
73 A subsystem login is indicated by the presence of a "*" as the first character of the login shell\&. The given home directory will be used as the root of a new file system which the user is actually logged into\&.
78 accetta le seguenti opzioni:
80 \fB\-c\fR, \fB\-\-command\fR \fICOMMAND\fR
82 Specify a command that will be invoked by the shell using its
86 \fB\-\fR, \fB\-l\fR, \fB\-\-login\fR
88 Provide an environment similar to what the user would expect had the user logged in directly\&.
92 is used, it must be specified as the last
94 option\&. The other forms (\fB\-l\fR
96 \fB\-\-login\fR) do not have this restriction\&.
99 \fB\-s\fR, \fB\-\-shell\fR \fISHELL\fR
101 The shell that will be invoked\&.
103 The invoked shell is chosen from (highest priority first):
106 The shell specified with \-\-shell\&.
111 \fB\-\-preserve\-environment\fR
112 is used, the shell specified by the
114 environment variable\&.
118 The shell indicated in the
120 entry for the target user\&.
125 if a shell could not be found by any above method\&.
128 If the target user has a restricted shell (i\&.e\&. the shell field of this user\*(Aqs entry in
131 /etc/shell), then the
135 environment variable won\*(Aqt be taken into account, unless
140 \fB\-m\fR, \fB\-p\fR, \fB\-\-preserve\-environment\fR
142 Preserve the current environment, except for:
146 reset according to the
158 \(Fo<space><tab><newline>\(Fc, if it was set\&.
161 If the target user has a restricted shell, this option has no effect (unless
163 is called by root)\&.
165 Note that the default behavior for the environment is the following:
175 environment variables are reset\&.
181 is not used, the environment is copied, except for the variables above\&.
192 environment variables are copied if they were set\&.
202 environment variables are set according to the
215 is used, other environment variables might be set by the
225 ha molte opzioni di compilazione; solo una parte di esse potrebbe essere in uso su un determinato sistema\&.
228 The following configuration variables in
230 change the behavior of this tool:
232 \fBCONSOLE\fR (string)
234 If defined, either full pathname of a file containing device names (one per line) or a ":" delimited list of device names\&. Root logins will be allowed only upon these devices\&.
236 If not defined, root will be allowed on any device\&.
238 The device should be specified without the /dev/ prefix\&.
241 \fBCONSOLE_GROUPS\fR (string)
243 List of groups to add to the user\*(Aqs supplementary groups set when logging in on the console (as determined by the CONSOLE setting)\&. Default is none\&.
245 Use with caution \- it is possible for users to gain permanent access to these groups, even when not logged in on the console\&.
248 \fBDEFAULT_HOME\fR (boolean)
250 Indicate if login is allowed if we can\*(Aqt cd to the home directory\&. Default in no\&.
253 \fIyes\fR, the user will login in the root (/) directory if it is not possible to cd to her home directory\&.
256 \fBENV_HZ\fR (string)
258 If set, it will be used to define the HZ environment variable when a user login\&. The value must be preceded by
259 \fIHZ=\fR\&. A common value on Linux is
263 \fBENVIRON_FILE\fR (string)
265 If this file exists and is readable, login environment will be read from it\&. Every line should be in the form name=value\&.
267 Lines starting with a # are treated as comment lines and ignored\&.
270 \fBENV_PATH\fR (string)
272 If set, it will be used to define the PATH environment variable when a regular user login\&. The value can be preceded by
273 \fIPATH=\fR, or a colon separated list of paths (for example
274 \fI/bin:/usr/bin\fR)\&. The default value is
275 \fIPATH=/bin:/usr/bin\fR\&.
278 \fBENV_SUPATH\fR (string)
280 If set, it will be used to define the PATH environment variable when the superuser login\&. The value can be preceded by
281 \fIPATH=\fR, or a colon separated list of paths (for example
282 \fI/sbin:/bin:/usr/sbin:/usr/bin\fR)\&. The default value is
283 \fIPATH=/bin:/usr/bin\fR\&.
286 \fBENV_TZ\fR (string)
288 If set, it will be used to define the TZ environment variable when a user login\&. The value can be the name of a timezone preceded by
291 \fITZ=CST6CDT\fR), or the full path to the file containing the timezone specification (for example
294 If a full path is specified but the file does not exist or cannot be read, the default is to use
298 \fBLOGIN_STRING\fR (string)
300 The string used for prompting a password\&. The default is to use "Password: ", or a translation of that string\&. If you set this variable, the prompt will no be translated\&.
302 If the string contains
303 \fI%s\fR, this will be replaced by the user\*(Aqs name\&.
306 \fBMAIL_CHECK_ENAB\fR (boolean)
308 Enable checking and display of mailbox status upon login\&.
310 You should disable it if the shell startup files already check for mail ("mailx \-e" or equivalent)\&.
313 \fBMAIL_DIR\fR (string)
315 The mail spool directory\&. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted\&. If not specified, a compile\-time default is used\&.
318 \fBMAIL_FILE\fR (string)
320 Defines the location of the users mail spool files relatively to their home directory\&.
327 variables are used by
331 to create, move, or delete the user\*(Aqs mail spool\&.
334 \fBMAIL_CHECK_ENAB\fR
336 \fIyes\fR, they are also used to define the
338 environment variable\&.
340 \fBQUOTAS_ENAB\fR (boolean)
342 Enable setting of ulimit, umask, and niceness from passwd gecos field\&.
345 \fBSULOG_FILE\fR (string)
347 If defined, all su activity is logged to this file\&.
350 \fBSU_NAME\fR (string)
352 If defined, the command name to display when running "su \-"\&. For example, if this is defined as "su" then a "ps" will display the command is "\-su"\&. If not defined, then "ps" would display the name of the shell actually being run, e\&.g\&. something like "\-sh"\&.
355 \fBSU_WHEEL_ONLY\fR (boolean)
358 \fIyes\fR, the user must be listed as a member of the first gid 0 group in
362 on most Linux systems) to be able to
364 to uid 0 accounts\&. If the group doesn\*(Aqt exist or is empty, no one will be able to
369 \fBSYSLOG_SU_ENAB\fR (boolean)
371 Enable "syslog" logging of
373 activity \- in addition to sulog file logging\&.
376 \fBUSERGROUPS_ENAB\fR (boolean)
378 Enable setting of the umask group bits to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007) for non\-root users, if the uid is the same as gid, and username is the same as the primary group name\&.
383 will remove the user\*(Aqs group if it contains no more members, and
385 will create by default a group with the name of the user\&.
391 informazioni sugli account utente\&.
396 Informazioni sicure sugli account di utenti\&.
401 Shadow password suite configuration\&.