RUNUSER(1)                       User Commands                      RUNUSER(1)



NAME
       runuser - run a command with substitute user and group ID

SYNOPSIS
       runuser [options] -u user command [argument...]

       runuser [options] [-] [ user [argument...]  ]

DESCRIPTION
       runuser  allows  to run commands with substitute user and group ID.  If
       the option -u is not given, falls back to su compatible semantics and a
       shell  is executed.  The difference between the commands runuser and su
       is that runuser does not ask for a password (because it may be executed
       by  the root user only) and it uses a different PAM configuration.  The
       command runuser does not have to be installed with suid permissions.

       When called without arguments, runuser defaults to running an  interac-
       tive shell as root.

       For  backward  compatibility runuser defaults to not change the current
       directory and to only set the  environment  variables  HOME  and  SHELL
       (plus  USER  and LOGNAME if the target user is not root).  This version
       of runuser uses PAM for session management.

OPTIONS
       -c command, --command=command
              Pass command to the shell with the -c option.

       --session-command=command
              Same as -c , but do not create a new session (discouraged).

       -f, --fast
              Pass -f to the shell, which may or may not be  useful  depending
              on the shell.

       -g, --group=group
              specify  the  primary  group, this option is allowed to the root
              user only

       -G, --supp-group=group
              specify a supplemental group, this option is allowed to the root
              user only

       -, -l, --login
              Starts the shell as a login shell with an environment similar to
              a real login:

                 o      clears all the environment variables except for TERM

                 o      initializes the  environment  variables  HOME,  SHELL,
                        USER, LOGNAME, PATH

                 o      changes to the target user's home directory

                 o      sets  argv[0] of the shell to '-' in order to make the
                        shell a login shell

       -m, -p, --preserve-environment
              Preserves the entire environment, i.e. does not set HOME, SHELL,
              USER  nor  LOGNAME.  The option is ignored if the option --login
              is specified.

       -s SHELL, --shell=SHELL
              Runs the specified shell instead of the default.  The  shell  to
              run is selected according to the following rules in order:

                 o      the shell specified with --shell

                 o      The  shell specified in the environment variable SHELL
                        if the --preserve-environment option is used.

                 o      the shell listed in the passwd  entry  of  the  target
                        user

                 o      /bin/sh

              If  the  target  user has a restricted shell (i.e. not listed in
              /etc/shells) the --shell option and the SHELL environment  vari-
              ables are ignored unless the calling user is root.

       --help Display help text and exit.

       --version
              Display version information and exit.

CONFIG FILES
       runuser  reads  the /etc/default/runuser and /etc/login.defs configura-
       tion  files.   The  following  configuration  items  are  relevant  for
       runuser:

       ENV_PATH (string)
           Defines  the  PATH  environment  variable  for a regular user.  The
           default value is /usr/local/bin:/bin:/usr/bin.

       ENV_ROOTPATH (string)
       ENV_SUPATH (string)
           Defines the PATH environment variable for root. The  default  value
           is /usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin.

       ALWAYS_SET_PATH (boolean)
           If set to yes and --login and --preserve-environment were not spec-
           ified runuser initializes PATH.

EXIT STATUS
       runuser normally returns the exit status of the  command  it  executed.
       If  the  command  was killed by a signal, runuser returns the number of
       the signal plus 128.

       Exit status generated by runuser itself:

                 1      Generic error before executing the requested command

                 126    The requested command could not be executed

                 127    The requested command was not found

FILES
       /etc/pam.d/runuser
                        default PAM configuration file
       /etc/pam.d/runuser-l
                        PAM configuration file if --login is specified
       /etc/default/runuser
                        runuser specific logindef config file
       /etc/login.defs  global logindef config file

SEE ALSO
       pam(8), shells(5), login.defs(5), su(1)

AUTHOR
       Derived from coreutils' su which was based on an implemenation by David
       MacKenzie and the Fedora runuser command by Dan Walsh.

AVAILABILITY
       The  runuser command is part of the util-linux package and is available
       from Linux Kernel  Archive  <ftp://ftp.kernel.org/pub/linux/utils/util-
       linux/>.



util-linux                        August 2012                       RUNUSER(1)
