SU(1)                     BSD General Commands Manual                    SU(1)

NNAAMMEE
     ssuu -- substitute user identity

SSYYNNOOPPSSIISS
     ssuu [--KK | ----nnoo--kkeerrbbeerrooss] [--ff] [--ll | ----ffuullll] [--mm] [--ii _i_n_s_t_a_n_c_e |
        ----iinnssttaannccee==_i_n_s_t_a_n_c_e] [--cc _c_o_m_m_a_n_d | ----ccoommmmaanndd==_c_o_m_m_a_n_d] [_l_o_g_i_n [_s_h_e_l_l
        _a_r_g_u_m_e_n_t_s]]

DDEESSCCRRIIPPTTIIOONN
     ssuu will use Kerberos authentication provided that an instance for the
     user wanting to change effective UID is present in a file named _._k_5_l_o_g_i_n
     in the target user id's home directory

     A special case exists where `root's' _~_/_._k_5_l_o_g_i_n needs to contain an entry
     for: `user/<instance>@REALM' for ssuu to succed (where <instance> is `root'
     unless changed with --ii).

     In the absence of either an entry for current user in said file or other
     problems like missing `host/hostname@REALM' keys in the system's keytab,
     or user typing the wrong password, ssuu will fall back to traditional
     _/_e_t_c_/_p_a_s_s_w_d authentication.

     When using _/_e_t_c_/_p_a_s_s_w_d authentication, ssuu allows `root' access only to
     members of the group `wheel', or to any user (with knowledge of the
     `root' password) if that group does not exist, or has no members.

     The options are as follows:

     --KK, ----nnoo--kkeerrbbeerrooss don't use Kerberos.

     --ff don't read .cshrc.

     --ll, ----ffuullll simulate full login.

     --mm leave environment unmodified.

     --ii _i_n_s_t_a_n_c_e, ----iinnssttaannccee==_i_n_s_t_a_n_c_e root instance to use.

     --cc _c_o_m_m_a_n_d, ----ccoommmmaanndd==_c_o_m_m_a_n_d command to execute.

HEIMDAL                        January 12, 2006                        HEIMDAL