How can we run a command as a normal user when the system is restarted:
su -l username -c 'command'
Put the above line into /etc/rc.local. Not sure if this has any undesired consequences (for example, on commands that get run after this command, or whether this command will lock up the system for whatever reason).
How can we su to a user who does not have a login shell?
Some users are configured in such a way that they do not normally have a login shell. These users are normally created to run a software as a non-root user (for security reason). From a command line, to perform task using this user account:
- Log into the system as root
- su -s /bin/sh
The -s option specifies the shell.
How can we run a command as another user?
su root -c "command" // run a command as root
How can we limit access to su?
BSD limit access to su to member of group 0 (the wheel group). Under SunOS, if the wheel group has null user list in the group file (/etc/group) then any user may su to root; otherwise only member of the wheel group can use it.
lsuser -a sugroup root // list groups that can su root chuser sugroups="system admin" root // limit groups that can su root