Sometimes, one user must assume the identity of another. For example, you might sit down at a friend’s terminal and want access to one of your protected files. Rather than forcing you to log your friend out and log yourself in, Unix gives you a way to change your user ID temporarily: the su command, which is short for “substitute user.” The su command requires that you provide the password of the user to whom you are changing.

For example, to change yourself from tim to john, you might type:

% whoami
tim 
% /bin/su john
password: fuzbaby

% whoami
john 
%

You can now access john’s files. (And you will be unable to access tim’s files, unless those files are specifically available to the user john.)

The most common use of the su command is to invoke superuser access. For example, if you are the system administrator and Rachel needs her password reset, you could reset the password by becoming the superuser and then using the passwd command:

$ /bin/su
Password: rates34
# passwd rachel
Changing local password for rachel.
New password:mymy5544
Retype new password:mymy5544
passwd: updating the database...
passwd: done
# exit
%

This will be discussed at length in Section 5.3.2.