NAME

msu - Passwordless mini (or mono) su access

SYNOPSIS

msu [account]

DESCRIPTION

msu grants passwordless access to accounts specified in msu.conf. It can be used as a login shell to provide multiple users with access to a single account, each with their own 'login' and 'password', or as convenient access to a shared account. It sets the uid and gid to that of the destination account but does not revoke any existing group membership.

If given an account msu will check the msu.conf file to ensure that the current user has access to the specified account.

If invoked without arguments msu will su to the first destination account in msu.conf to which the current user has access.

msu will syslog all attempts, successful or not.

FILE FORMAT

Each line in msu.conf is of the form:
destination_account:path_to_shell:account1,account2,account3

FILES

${PREFIX}/etc/msu.conf

ENVIRONMENT

msu sets the following environment variables.

HOME
The home directory of the destination user - taken from the password entry.

OLD_USER
Any previous value of the USER variable.

SHELL
The pathname to the shell, as specified in msu.conf.

USER
The accountname of the destination user.
msu also removes LD_PRELOAD and similar variables from the environment.

EXAMPLES

Sample msu.conf file:
web:/bin/tcsh:fu,bar,bundy
pgsql:/bin/tcsh:fu,man,chu

AUTHORS

David Brownlee .

CAVEATS

msu does not sanitise the rest of the environment.