Previous Table of Contents Next

Module 127


The external su command lets you become another user without logging off the system. The password of the new user name must be supplied unless you are super-user. Super-user can su to any user name without knowing the user's password. You can use su to log in as a new user with a new user ID and environment or to just take on a new user ID.


Following is the general format of the su command.

      su [ -] [ user_name [ -c cmdstring | -r cmdstring ]

BSD (Berkeley)
su [ -f] [ -] [ user_name ]


The following list describes the options that may be used to control how su functions.

- Informs su to use the new user_name's environment as if you had logged in as that user. The default is to pass your current environment with the possible exception of $PATH. The - specifies that arg0 should have a hyphen placed in front of it. This tells the login shell that you are initially logging in to the system. The login shell will check arg0 for a hyphen and, if found, execute /etc/profile and the new user_name's .profile.

C Shell
The C shell reads the .login and .cshrc shell when the shell is a login session.

-c Su passes the string that follows the -c as a command line to the new user_name's shell. Refer to cmdstring in the argument section.
-r Same as -c except a restricted shell is executed.

BSD (Berkeley)
-f Causes the csh to skip the execution of the .cshrc file. This allows for a faster login but does not set up all environment variables residing in the .cshrc file.
- Forces a simulated full login.


The following list describes the arguments that may be passed to the su command.

user_name A valid user name (login name).
cmdstring A shell command that will be passed to the new environment and executed by the new user_name shell.

BSD (Berkeley)
If no user_name is specified, "root" is assumed. A number sign is substituted in place of the normal super-user prompt.


su executes a new shell or program defined in the shell field (field 7) of the /etc/passwd file of the specified user. The real and effective user ID and group ID will be set according to the new user. To exit the new environment press Ctrl-D or type exit. You will return to your previous shell.

Each attempt to su to a different user_name is logged in the su log file, /usr/adm/sulog.

BSD (Berkeley)
Without any options su starts a new shell as specified in the shell field of the /etc/passwd file without changing your current directory. Your environment does not change except for HOME and SHELL, which are reset to the values found in the /etc/passwd file.


Refer to env, login, passwd, and ksh described in modules 41, 77, 99, and 72, respectively.


The following files are read or updated by the su command.

/etc/motd Message of the day file, displayed during login.
/etc/passwd System password file.
/etc/profile System profile, read by login shell to set up environment.
$HOME/.profile New user's profile, read by login shell to set up environment.
/var/adm/sulog Log file for each attempt to su to a different user name.
$HOME/.cshrc Read at beginning of execution by each shell.
$HOME/.login Read by your login shell to set up environment.


The su command is used to change to a new environment without losing your current shell environment. By using su you can become a different user while leaving your current environment alone. When you finish in the new environment you simply return to your previous shell environment.

Sometimes confusion arises about when to use su and when to use login. The login command execs a new shell, completely replacing the current environment and shell. The su command spawns a new shell, overlaying the current environment. If you use su, you can return to the previous environment. If you use login, you cannot return to the previous environment because it no longer exists.

Single shell commands can be passed to a different user's environment and executed with that user's user ID, group ID, and environment.


In this activity you use the su command to log in as yourself. Using the env command you will see how the environments are affected.

1.  Type export TEST_VAR="Some value" and press Return.

C Shell
Type setenv TEST_VAR_"Some value" and press Return.

2.  Type env | col and press Return. Make a mental note of your environment to compare to the next few illustrations. If convenient, print a copy by typing env | col | lp and pressing Return. Notice the value of TEST_VAR.

C Shell
Type prinenv | col and press Return.

3.  Type su mylogin and press Return. Type your password and press Return. Notice the display on your screen; it resembles your initial login sequence.
      cj> su mylogin
4.  Type env | col and press Return. Notice your environment is exactly the same as before. Particularly, the TEST_VAR value is unchanged.

C Shell
Type printenv | col and press Return.

5.  Type exit or press Ctrl-D to exit su and return to your login shell.
6.  Type su - mylogin -c env and press Return. Notice the output of the env command is displayed on your screen but you did not remain logged in as yourself. Because you used a - (hyphen) the environment was changed as if you had just logged in; no variables were passed to the su shell.

C Shell
Type su - mylogin -c printenv and press Return.

7.  Turn to Module 45 to continue the learning sequence.

Previous Table of Contents Next