diff options
author | Karel Zak | 2016-08-18 11:12:44 +0200 |
---|---|---|
committer | Karel Zak | 2016-08-18 11:12:44 +0200 |
commit | c424fd834b4845971e9ce5ef3d7325f6f4e6b163 (patch) | |
tree | 72efb5a07df2b5aecc886bc4d775d6fb6c69c967 /login-utils/su.1 | |
parent | tests: fix losetup tests for --nooverlap (diff) | |
download | kernel-qcow2-util-linux-c424fd834b4845971e9ce5ef3d7325f6f4e6b163.tar.gz kernel-qcow2-util-linux-c424fd834b4845971e9ce5ef3d7325f6f4e6b163.tar.xz kernel-qcow2-util-linux-c424fd834b4845971e9ce5ef3d7325f6f4e6b163.zip |
su, runuser, setpriv: create links between man pages
.. and add notes about differences between the utuils.
Reported-by: Lennart Poettering <lennart@poettering.net>
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'login-utils/su.1')
-rw-r--r-- | login-utils/su.1 | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/login-utils/su.1 b/login-utils/su.1 index 5e529ce3d..5d570fb21 100644 --- a/login-utils/su.1 +++ b/login-utils/su.1 @@ -39,6 +39,16 @@ configuration options found in other .B su implementations, such as support for a wheel group, have to be configured via PAM. +.PP +.B su +is mostly designed for unprivileged users, the recommended solution for +privileged users (e.g. scripts executed by root) is to use non-suid command +.BR runuser (1) +that does not require authentication and provide separate PAM configuration. If +the PAM session is not required at all then the recommend solution is to use +command +.BR setpriv (1). + .SH OPTIONS .TP .BR \-c , " \-\-command" = \fIcommand @@ -241,6 +251,7 @@ session required pam_lastlog.so nowtmp .RE .SH "SEE ALSO" .BR runuser (8), +.BR setpriv (1), .BR pam (8), .BR shells (5), .BR login.defs (5) |