.\" @(#) root.1
.\" .DA "Jan 24, 1990"
.TH ROOT 1 "1.0"
.SH NAME
root \- temporarily become super user
.SH SYNOPSIS
.B root
[
.B -nlhS
] [
.B -u
user ] [
.B -s
shell ] [ name=value ] ... [ command args ]
.br
.B root
[
.B -nlhS
] [
.B -u
user ] [
.B -s
shell ]
.B -c
command-string
.br
.SH DESCRIPTION
When called with no arguments
.I root
switches to super user id (executable must be setuid to root)
and then spawns a new user shell.
The shell name is obtained from the user's SHELL environment variable.
If SHELL is not set, the user's password entry in
.I "/etc/passwd"
will be parsed for the login shell.
Note that unless either option
.B -S
or
.B -s
is given the invoking user's shell will be taken instead of the
configured super user's shell.
With option
.B -S
SHELL will be ignored and only the target user's password entry
will be consulted.
The option
.B -s
allows the direct specification of a shell not mentioned in any
configuration file.
.PP
If a
.B command
is given, root does not spawn a shell but invokes the specified
command immediately with super user permissions.
No shell will be started so that
.I root
returns after the command has finished.
.PP
In either case, option
.B -h
will cause
.I root
to switch to the user's home directory first.
.PP
If option
.B -c
is given, the command will be executed through the user's shell
which is determined as described above.
The option
.B -c
will be passed to the shell by convention.
This will work with
.I "/bin/sh"
and
.I "/bin/csh"
and most other shells as well.
Using the
.B -c
option, a complete pipeline can be executed with super user permission.
Note that
.I string
must be quoted when invoked from the shell, because the executing
shell expects the commands to be contained in one single argument.
.PP
On startup
.I root
looks for a file named
.B .rootenv
in the user's home directory.
This file contains environment strings to be set before the new
shell or command is spawned.
.B .rootenv
is normally used to set environment variables like PATH, LOGNAME,
MAIL or HOME.
When option
.B -n
is given, the
.B .rootenv
file will be ignored.
.SS "Switching To Other User IDs"
.PP
When option
.B -u
is given, the corresponding user and group id will be used instead
of the super user ids.
When option
.B -u
is used, a file named
.B .userenv
will be processed instead of
.B .rootenv
where "user" will be replaced by the given user name.
However,
.I root
must be installed with setuid root in order to switch to the new
user and group id.
.PP
When
.I root
is called by a name beginning with a
.B +
character and a name following it, that name will be the default.
(For example,
.B +uucp
will automatically switch to the uucp login ids.)
.PP
Any string preceding command containing a "=" will also be added
to the environment.
These strings may replace strings previously set by the
.B .rootenv
file.
When an environment string starts with a ~ character, the named
string will be deleted from the current environment.
.PP
Note that option
.B -h
will work with different user IDs also.
.SS "Making root publicly available"
Please note that having
.I root
installed may be a serious security hole in your system.
Anybody who is permitted to execute
.I root
may switch to super user permissions immediately.
In contrast to programs like su(1),
.I root
does no password checking.
.PP
On startup,
.I root
tries to read a configuration file named
.BR /etc/root.conf .
This file contains information about which user is permitted to
switch to which user id.
Don't forget that when a user may switch to super user (root)
permission he may read and write any file in your system.
.PP
Every line in
.I /etc/root.conf
contains a user name identifying the invoking user and a
comma-separated list of one or more user names specifying the
target user ids.
These two areas must be separated by white space.
A target user named "*" means every user.
There may be more than one line for every user although this is
not recommended.
.PP
Suppose the following entries in
.BR /etc/root.conf :
.PP
john    *,default:root
.br
brian   uucp,news
.PP
This means that user john may switch to every user id, while user
brian's access is limited to the uucp and news login.
This allows UUCP and Usenet Administration for user brian without
giving him access to all files in the system.
If
.I root
is invoked by the name "+", no target user name has been specified
and so
.I root
looks for an appropriate "default:"-entry.
For user john, this is "root" but it could be any other user name too.
.PP
Note that when a user may switch to user "root", he may obtain
every other user id too using su(1M) or similar tools.
For that reason,
.I root
does no configuration file checking when the invoking user is the
super user.
.SH AUTHOR
Tim Pritlove
.SH FILES
/etc/root.conf
.br
$HOME/.rootenv
.br
$HOME/.userenv
.SH NOTES
This command must be used with care because it may become a real
security hole in your system if the program is executable by a
set of users.
.PP
root should be installed in a safe place, where only one or a few
users may access it, or otherwise in a public directory with
executable permissions allowed only for a trusted group.
.PP
Because environment string processing is done before resolving the
user's shell, a different shell may be used by giving a new SHELL
environment string.
.SH EXAMPLES
To edit the
.I "/etc/passwd"
file with super user permissions, simply type
.PP
+ vi /etc/passwd
.PP
The command line
.PP
+ SHELL=/bin/sh sh_script
.PP
makes sure that
.I "/bin/sh"
will be used to process the
.I sh_script
shell script.
.PP
By putting the lines
.PP
PATH=/bin:/usr/bin:/etc
.br
LOGNAME=root
.br
MAIL=/usr/spool/mail
.br
HOME=/
.PP
into the
.B ".rootenv"
configuration file you are making sure that you are working as the
super user as if you had logged in directly as root.
This method is therefore identical to invoking the command
.I "su\ -"
but you don't have to reenter the password every time.
.PP
The command line
.PP
+uucp crontab -l
.PP
will list uucp's current crontab file.
Similar actions may be taken by linking
.I root
to appropriate user names (e.g. +uucp or +lp).
.SH ENVIRONMENT
.IP POSIXLY_CORRECT
To parse the command line options, this program uses the
.BR getopt (3)
routines, which are not POSIX conforming on GNU systems as long as
this variable is not set.
If it is set, parsing stops as soon as a parameter is found that is
not an option or an option argument for this program.
All remaining parameters are also interpreted as non-option
parameters, regardless of whether they start with a
.RB ` - '.
To avoid typing a lot of
.RB ` -- ',
it is highly recommended to set this variable.
.SH SEE ALSO
passwd(1), passwd(5), su(1), getopt(1), getopt(3)
.SH BUGS
.I root
does not handle entries in
.I /etc/passwd
containing an asterisk (*) in the shell field.
These entries will be handled properly only by
.I login(1m)
at login time.
They are used in order to change the root directory to the value
given in the directory field and to retry the login process
assuming there exists an appropriate file system structure in this
new root directory.
.PP
.I root
will produce an error "No such file or address" or something similar.
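.PP
Because root does no password checking, every line of /etc/root.conf is a standing grant, and the file can be reviewed mechanically. The following Python auditor is an added example, not part of the original root distribution: it parses the format described above (invoking user, white space, comma-separated targets, "*" and "default:" entries). The sample entries are constructed, and it assumes a "default:" entry only selects a target and does not itself grant access.

```python
"""Audit a root.conf-style file for accounts that can reach the super user."""
from collections import defaultdict

# Constructed sample in the format the man page describes; not a real config.
SAMPLE = """\
john    *,default:root
brian   uucp,news
brian   lp
alice   news,default:root
broken-line-without-targets
"""

def parse_root_conf(text):
    """Return ({user: set(targets)}, {user: default}, [malformed line numbers])."""
    grants, defaults, malformed = defaultdict(set), {}, []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split(None, 1)      # invoking user, then the target list
        if len(fields) != 2:
            malformed.append(lineno)
            continue
        user, targets = fields
        for target in (t.strip() for t in targets.split(",")):
            if target.startswith("default:"):
                defaults[user] = target[len("default:"):]
            elif target:
                grants[user].add(target)  # several lines per user are merged
    return dict(grants), defaults, malformed

def audit(text):
    """List entries a reviewer should check before root is installed setuid."""
    grants, defaults, malformed = parse_root_conf(text)
    findings = []
    for user in sorted(set(grants) | set(defaults)):
        targets = grants.get(user, set())
        if "*" in targets or "root" in targets:
            findings.append((user, "passwordless super user access"))
        default = defaults.get(user)
        # Assumption: a default: entry selects a target but does not grant it.
        if default and default not in targets and "*" not in targets:
            findings.append((user, "default target %s is not in the grant list" % default))
    findings += [("line %d" % n, "malformed entry") for n in malformed]
    return findings

if __name__ == "__main__":
    for who, what in audit(SAMPLE):
        print("%-8s %s" % (who, what))
```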