Man Linux: Main Page and Category List

NAME

     calife - becomes root (or another user) legally.

SYNOPSIS

     calife [-] [login]

            or

     ... [-] [login] for some sites (check with your administrator).

DESCRIPTION

     Calife requests users own password for becoming login (or root, if no
     login is provided), and switches to that user and group ID after
     verifying proper rights to do so.  A shell is then executed.  If calife
     is executed by root, no password is requested and a shell with the
     appropriate user ID is executed.

     The invoked shell is the user’s own except when a shell is specified in
     the configuration file calife.auth.

     If ‘‘-’’ is specified on the command line, user’s profile files are read
     as if it was a login shell.

     This is not the traditional behavior of su.

     Only users specified in calife.auth can use calife to become another one
     with this method.

     You can specify in the calife.auth file the list of logins allowed for
     users when using calife.  See calife.auth(5) for more details.

     calife.auth is installed as /etc/calife.auth.

FILES

     /etc/calife.auth  List of users authorized to use calife and the users
                       they can become.
     /etc/calife.out   This script is executed just after getting out of
                       calife.

SEE ALSO

     su(1), calife.auth(5), group(5), environ(7)

ENVIRONMENT

     The original environment is kept. This is not a security problem as you
     have to be yourself at login (i.e. it does not have the same security
     implications as in su(1) ).

     Environment variables used by calife:

     HOME  Default home directory of real user ID.

     PATH  Default search path of real user ID unless modified as specified
           above.

     TERM  Provides terminal type which may be retained for the substituted
           user ID.

     USER  The user ID is always the effective ID (the target user ID) after
           an su unless the user ID is 0 (root).

BUGS

     The MD5-based crypt(3) function is slower and probably stronger than the
     DES-based one but it is usable only among FreeBSD 2.0+ systems.

HISTORY

     A calife command appeared in DG/UX, written for Antenne 2 in 1991. It has
     evolved considerably since this period with more OS support, user lists
     handling and improved logging.

     PAM support was introduced in 2005 to port it to MacOS X variants
     (Panther and up).

AUTHOR

     Ollivier Robert <roberto@keltia.freenix.fr>