Plan 9 from Bell Labs’s /usr/web/sources/contrib/arisawa/su/readme

Copyright © 2021 Plan 9 Foundation.
Distributed under the MIT License.
Download the Plan 9 distribution. 


*	su for Plan 9 4th ed.
*	ver.1.5
*	update: 2005/01/28
*	auther: Kenar (Kenji Arisawa)
*	E-mail: arisawa@aichi-u.ac.jp

Here is Plan 9 su command.
Plan 9 already has a command "auth/login".
However the command is assumed to be run only on the authentication server.
On the other hand my su command can be run on any Plan 9 environment, i.e.,
terminal, cpu server, as well as authentication server.

Su is similar to Unix su command but it will gives you more
comfortable life, because Plan 9 su has an interface to factotum.

usage: su [-Dfnuw]  [-p password]  [user [cmd arg ...]]
options:
-D: debug
-f: force authentication if  hostowner is reliable. (look /lib/ndb/auth)
-n: you stay in your namespace
-u: you keep uid
-w: nowait
-p passwd: password for user. allowed only for hostowner.
-p. : password will be prompted
password is visible in the screen of terminal
sorry for my laxness ...

In most cases su is simply executed like:
	su alice
in all environment such as on terminal, on cpu servers and auth server.
password will be prompted automatically if required.

hostdomain is required for su.
if you are hostowner, you can set hostdomain by
	term% echo -n aichi-u.ac.jp >/dev/hostdomain
if /dev/hostdomain is not set, hostdomain value will be also prompted:
	term% su alice
	hostdomain: aichi-u.ac.jp
	password: xxxxx
These value is pushed into factotum.

We have two type of ownership:
1. owner of a process
ps | grep ps
2. owner of a file
touch foo; ls -l foo

- Host owner of terminal with 9pcf or 9pcdisk kernel can be any user without  password.
- Host owner of auth server with 9pcauth kernel can be any user without  password.
- Host owner of a cpu server with 9pccpu kernel can be any user without  password.
- Host owner of a terminal with 9pc kernel can be any user without password.
           However namespace is not be established.
- Any user can be su'ed with password both as process owner and file owner.

If something weird, check the followings:
- registered in /adm/user ?   push them to user table
- isn't in noworld ?  look /adm/user,  push them to user table
- rejected ?  look /lib/ndb/auth
- real user ?  look /usr/$user
- has he profile ? look /usr/$user/profile
- is password given ? look /mnt/keys/$user of auth server.

Ref:
- cap(3)
- sechash(2)
- auth(2)
- mount(2)
- amount(2)
- factotum(4)
- /sys/src/cmd/auth
- /sys/src/cmd/auth/cron.c
- /sys/src/cmd/cpu.c
- /sys/src/cmd/mount.c
- /sys/src/libauth
- /sys/src/libauth/auth_chuid.c
- /sys/src/libauth/login.c
- /sys/src/libauth/auth_userpasswd.c

Bell Labs OSI certified Powered by Plan 9

(Return to Plan 9 Home Page)

Copyright © 2021 Plan 9 Foundation. All Rights Reserved.
Comments to webmaster@9p.io.