SYNOPSIScalife [file ... ] [login ]
... [file ... ] [login ] for some sites (check with your administrator).
DESCRIPTIONCalife requests user's own password for becoming login (or root if no login is provided), and switches to that user and group ID after verifying proper rights to do so. A shell is then executed. If calife is executed by root, no password is requested and a shell with the appropriate user ID is executed.
The invoked shell is the user's own except when a shell is specified in the configuration file calife.auth
If ``-'' is specified on the command line, user's profile files are read as if it was a login shell.
This is not the traditional behavior of su
Only users specified in calife.auth can use calife to become another one with this method.
You can specify in the calife.auth file the list of logins allowed for users when using calife See calife.auth5 for more details.
calife.auth is installed as /etc/calife.auth
- List of users authorized to use calife and the users they can become.
- This script is executed just after getting out of calife
ENVIRONMENTThe original environment is kept. This is not a security problem as you have to be yourself at login (i.e. it does not have the same security implications as in su(1)).
Environment variables used by calife
- Default home directory of real user ID.
- Default search path of real user ID unless modified as specified above.
- Provides terminal type which may be retained for the substituted user ID.
- The user ID is always the effective ID (the target user ID) after an su unless the user ID is 0 (root).
The MD5-based crypt(3) function is slower and probably stronger than the DES-based one but it is usable only among FreeBSD 2.0+ systems.
HISTORYA calife command appeared in DG/UX, written for Antenne 2 in 1991. It has evolved considerably since this period with more OS support, user lists handling and improved logging.
PAM support was introduced in 2005 to port it to MacOS X variants (Panther and up).
AUTHOROllivier Robert <[email protected]>