table of contents
CALIFE(1) | General Commands Manual | CALIFE(1) |
NAME¶
calife
—
becomes root (or another user) legally.
SYNOPSIS¶
calife |
[ - ]
[login ]
or |
... |
[ - ]
[login ] for some
sites (check with your administrator). |
DESCRIPTION¶
Calife
requests
user's own password for becoming
login (or
root, if no login is provided), and switches
to that user and group ID after verifying proper rights to do so. A shell is
then executed. If calife
is executed by
root, no password is requested and a shell with the appropriate user ID is
executed.
The invoked shell is the user's own except when a shell is specified in the
configuration file calife.auth
.
If ``-''
is specified on the command line,
user's profile files are read as if it was a login shell.
This is not
the traditional behavior of
su
.
Only users specified in calife.auth
can use
calife
to become another one with this
method.
You can specify in the calife.auth
file the
list of logins allowed for users when using
calife
. See
calife.auth(5) for more details.
calife.auth
is installed as
/etc/calife.auth.
FILES¶
- /etc/calife.auth
- List of users authorized to use
calife
and the users they can become. - /etc/calife.out
- This script is executed just after getting out of
calife
.
SEE ALSO¶
su(1), calife.auth(5), group(5), environ(7)ENVIRONMENT¶
The original environment is kept. This isnot
a security problem as you have to be yourself at login (i.e. it does not have
the same security implications as in su(1) ).
Environment variables used by calife
:
HOME
- Default home directory of real user ID.
PATH
- Default search path of real user ID unless modified as specified above.
TERM
- Provides terminal type which may be retained for the substituted user ID.
USER
- The user ID is always the effective ID (the target user ID) after an
su
unless the user ID is 0 (root).
BUGS¶
The MD5-based crypt(3) function is slower and probably stronger than the DES-based one but it is usable only among FreeBSD 2.0+ systems.HISTORY¶
Acalife
command appeared in DG/UX, written
for Antenne 2 in 1991. It has evolved considerably since this period with more
OS support, user lists handling and improved logging.
PAM support was introduced in 2005 to port it to MacOS X variants (Panther and
up).
AUTHOR¶
Ollivier Robert <roberto@keltia.freenix.fr>September 25, 1994 | Debian |