Re: user login question (summary)

From: Gora Dasgupta <>
Date: Fri May 05 2006 - 00:24:06 EDT
Hi Jim,

Thankx a lot for your reply.. I got a very good explanation from Brad 
Morrison, given below..

Yes. Root can still su, because su is different from sudo:
su is part of Solaris (and any UNIX system)
sudo is an open-source program that is usually used to let users run su, but 
it can also be used to let users run any set of programs...Your reading of 
the published sudo rule is correct: Only joe can invoke the su command by 
using sudo. Anyone can run su at any time, but unless he or she knows the 
password for the other account, it won't work. Sudo lets you run su (or any 
other program) and asks for your password...Sudo has nothing to do with 

That is what I looking for...

Gora Dasgupta

>From: "Jim Langston" <>
>To: "Gora Dasgupta" <>
>Subject: Re: user login question (summary)
>Date: Thu, 04 May 2006 06:21:53 -0400
>My set up only allows user joe to su into the user psoft.
>I also have an entry in my sudoers file for root:
>root   ALL = (ALL) ALL
>so yes root can still su to any user.  Hope this helps.
> >>> "Gora Dasgupta" <> 5/4/2006 2:50 AM >>>
>Hi Langston,
>I already go through your question and summary on sunmanagers site. I
>understand your question but not very clear with your summary. In my
>understanding your question is how a perticuler user like joe only
>his effective user id (using su command). In your system already sudo
>And you create one Cmnd_List named PSOFT who execute the su command
>the appropiate entry in sudoers file. you put joe in the PSOST group.
>As per your mail you put the entry in sudoers file below..
>Cmnd_Alias        PSOFT=/usr/bin/su
>joe        ALL=PSOFT
>That means only joe user can invoke the su command.
>Now can root user able to execute the su command? We are not editing
>thing in /etc/default/login file and there is not below entry in
>root           ALL = (ALL) ALL
>Hope you will help me in my learning experience.
>Gora Dasgupta
