[rescue] mesg: cannot change mode

Bill Bradford rescue at sunhelp.org
Tue Nov 27 12:13:59 CST 2001 

On Tue, Nov 27, 2001 at 12:23:25PM -0500, Loomis, Rip wrote:
> 3.  When logged in as root, you should almost *never* do a
>     "su - username"--because that will give you rootly powers
>     but a configuration decided upon by an untrusted user.
>     Since all the trusted users (admins) should be logging in
>     as themselves and then using sudo, the only time anyone
>     might su to a non-root account would be to check things
>     out or fix something in that account...and it's a bad idea
>     to assume that the non-root account is trustworthy.

Uh, "su - username" is the same as logging in as "username".

Maintenance Commands                                       su(1M)

NAME
     su - become super user or another user

SYNOPSIS
     su [ - ]  [  username   [  arg ...  ]  ]

DESCRIPTION
     The su command allows one to  become  another  user  without
     logging  off  or  to assume a role. The default user name is
     root (super user).

     To use su, the appropriate password must be supplied (unless
     the invoker is already root). If the password is correct, su
     creates a new shell process that has the real and  effective
     user  ID,  group  IDs,  and  supplementary group list set to
     those of the specified username. The new shell will  be  the
     shell  specified  in  the shell field of username's password
     file entry (see  passwd(4)).   If  no  shell  is  specified,
     /usr/bin/sh is used (see sh(1)). To return to normal user ID
     privileges, type an EOF character (<CTRL-D>) to exit the new
     shell.

<snip>

EXAMPLES

     Example 1: Becoming User bin While Retaining Your Previously
     Exported Environment

     To become user bin while retaining your previously  exported
     environment, execute:

     example% su bin

     Example 2: Becoming User bin and  Changing  to  bin's  Login
     Environment

     To become user bin but change the environment to what  would
     be expected if bin had originally logged in, execute:

     example% su - bin

     Example 3: Executing command with user bin's Environment and
     Permissions

     To execute command with the temporary environment  and  per-
     missions of user bin, type:

     example% su - bin -c "command args"


etc.  If I am root, and "su - mrbill", I *become* mrbill, at least
until I exit that shell.  

Bill

-- 
Bill Bradford
mrbill at mrbill.net
Austin, TX

More information about the rescue mailing list