HPE Community
Operating System - HP-UX
1836775 Members
2256 Online
110109 Solutions
New Discussion

Forcing the use of the "-" option with su

 
SOLVED
Go to solution
Jody Bennett
Advisor

‎04-15-2004 06:12 AM

‎04-15-2004 06:12 AM

Forcing the use of the "-" option with su

Is there an easy way to force all users to use the "-" option when they use the su command?
"Sometimes you have to jump more than one fence to get out of the pasture."
0 Kudos
Reply
5 REPLIES 5
Jeff Schussele
Honored Contributor

‎04-15-2004 06:16 AM

‎04-15-2004 06:16 AM

Re: Forcing the use of the "-" option with su

Hi Jody,

Sure - I can think of two ways:

1) Set up su - as an alias for su in the /etc/profile file or all user's .profile files.

2)Wrap su with a simple script that forces su -


Rgds,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎04-15-2004 06:17 AM

‎04-15-2004 06:17 AM

Re: Forcing the use of the "-" option with su

There are 2 ways I can think of to do this:

1) Do a system-wide alias and alias su to 'su -'.

2) move su to su.orig and write a wrapper script called su. In that script you can check and if the first parameter is not a '-' then you can either display an error message, or go ahead and force the use of 'su -' from within the script.
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎04-15-2004 06:20 AM

‎04-15-2004 06:20 AM

Re: Forcing the use of the "-" option with su

OK, that is scary! Jeff and I with the same exact ideas, in the same order, and damn near the same wording.

NO, I did not read Jeff's response before posting mine.
0 Kudos
Reply
Marvin Strong
Honored Contributor

‎04-15-2004 06:24 AM

‎04-15-2004 06:24 AM

Solution

Re: Forcing the use of the "-" option with su

two quick ways I can think of.

1) create an su wrapper script, for su. and ensure that PATH variable is setup correctly, to use your wrapper instead of su. I would not recommend replacing su with a script that calls your renamed su command as patches may replace su in the future.

2) create an alias in /etc/profile for su
to do what you want.


Reply
Jeff Schussele
Honored Contributor

‎04-15-2004 06:47 AM

‎04-15-2004 06:47 AM

Re: Forcing the use of the "-" option with su

Well you know what they sat Patrick - There's only so many ways to hammer a nail ;~))

And on reflection I think the wrapper is going to be the better solution because if you use the alias & somebody *does* use the dash you'll end up with 2 dashes & an error message.

So I would write the wrapper such that it determines the argument count & if it's 2 then examine $1 & if it's a dash let it through untouched. If the count is 1 and it's a user name then add the dash & issue that command. If it's 1 and it's a dash then that's probably an su up to root & you'd let that go through as well. All in all still not very complex.

My 2 cents,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.