Sometimes, one user must assume the identity of another. For example, you might sit down at a friend’s terminal and want access to one of your protected files. Rather than forcing you to log your friend out and log yourself in, Unix gives you a way to change your user ID temporarily: the su command, which is short for “substitute user.” The su command requires that you provide the password of the user to whom you are changing.
For example, to change yourself from tim to john, you might type:
/bin/su johnpassword: fuzbaby %
You can now access john’s files. (And you will be unable to access tim’s files, unless those files are specifically available to the user john.)
The most common use of the su command is to invoke superuser access. For example, if you are the system administrator and Rachel needs her password reset, you could reset the password by becoming the superuser and then using the passwd command:
/bin/suPassword: rates34 # passwd rachel Changing local password for rachel. New password:mymy5544 Retype new password:mymy5544 passwd: updating the database... passwd: done # exit %
This will be discussed at length in Section 5.3.2.
Processes on Unix systems always have at least two identities. Normally, these two identities are the same. The first identity is the real UID. The real UID is your “real identity” and matches up (usually) with the username you ...