1) the user su is targeting
2) the user executing the su command (or any groups he might be a member of)
Filen är i följande format, med de rader som inleds med # behandlas som kommentarsrader och ignoreras;
till-id:från-id:ÅTGÄRD
Where to-id is either the word ALL, a list of usernames delimited by "," or the words ALL EXCEPT followed by a list of usernames delimited by ",".
from-id is formatted the same as to-id except the extra word GROUP is recognized. ALL EXCEPT GROUP is perfectly valid too. Following GROUP appears one or more group names, delimited by ",". It is not sufficient to have primary group id of the relevant group, an entry in /etc/group(5) is necessary.
Åtgärden kan endast vara en av följande för närvarande stödda flaggor.
DENY
NOPASS
OWNPASS
Note there are three separate fields delimited by a colon. No whitespace must surround this colon. Also note that the file is examined sequentially line by line, and the first applicable rule is used without examining the file further. This makes it possible for a system administrator to exercise as fine control as he or she wishes.
# exempelfil för /etc/suauth
#
# Ett par priviligerade användarnamn som
# kan su till root med sina egna lösenord.
#
root:bosse,birddog:OWNPASS
#
# Alla andra kan inte su till root om de inte finns
# gruppen wheel. Det är så BSD gör saker.
#
root:ALL EXCEPT GROUP wheel:DENY
#
# Kanske terry och birddog är konton som
# ägs av samma person.
# Tillgång kan ges mellan dem utan
# lösenord.
#
terry:birddog:NOPASS
birddog:terry:NOPASS
#
/etc/suauth
There could be plenty lurking. The file parser is particularly unforgiving about syntax errors, expecting no spurious whitespace (apart from beginning and end of lines), and a specific token delimiting different things.
An error parsing the file is reported using syslogd(8) as level ERR on facility AUTH.
su(1).