su(1)

NAME

     su -- substitute user identity

SYNOPSIS

     su [-K | --no-kerberos] [-f] [-l | --full] [-m] [-i instance |
        --instance=instance] [-c command | --command=command] [login [shell
        arguments]]

DESCRIPTION

     su will use Kerberos authentication provided that an instance for the
     user wanting to change effective UID is present in a file named .k5login
     in the target user id's home directory

     A special case exists where `root's' ~/.k5login needs to contain an entry
     for: `user/<instance>@REALM' for su to succed (where <instance> is `root'
     unless changed with -i).

     In the absence of either an entry for current user in said file or other
     problems like missing `host/hostname@REALM' keys in the system's keytab,
     or user typing the wrong password, su will fall back to traditional
     /etc/passwd authentication.

     When using /etc/passwd authentication, su allows `root' access only to
     members of the group `wheel', or to any user (with knowledge of the
     `root' password) if that group does not exist, or has no members.

     The options are as follows:

     -K, --no-kerberos don't use Kerberos.

     -f don't read .cshrc.

     -l, --full simulate full login.

     -m leave environment unmodified.

     -i instance, --instance=instance root instance to use.

     -c command, --command=command command to execute.

HEIMDAL                        January 12, 2006                        HEIMDAL