Clearly, you want behaviour OTHER than what normally happens when users call su -. I would recommend writing a small alias or script to let people issue INSTEAD of su - when you want this functionality. You may want to examine the funtionality of env, a command which allows you to create a clean execution environment and populate it ground up with exactly the variables you want and nothing else. Then you can have whatever sort of artificial root environment to designate the special status of having logged in as a luser and magically 'su'ed to root.
Of course, this DOES mean that you'll have to send a memo around explaining the new command everybody is supposed to use. And that, in turn, means that people will complain and do it wrong a whole bunch. Of course, people who are given to whining and getting things wrong are not high on my list of users to add to the wheel group... Erik Johnson On Tue, Mar 3, 2009 at 8:38 AM, Marco Bosisio <marco_bosi...@it.ibm.com> wrote: > Hi John, > the 'profile.local' launch 'script _xxx' and it checks "$TERM" > : only if set to ' XTERM' it continue. > (I prefer that "profile.local" remains simple and only contain > the call to 'script_xxx' with complex code) > > 1) This is the secondary console where root is always active of a > Linux/zVM : > > UID PID PPID C STIME TTY TIME CMD > root 1342 1 1342 1342 0 Jan28 ttyS0 00:00:00 /bin/sh > --login > > And 'dumb' is the content of "$TERM" of SuSE SLES8 - SLES9 - > SLES10, REDHAT AS 4 : > > echo $TERM > dumb > lx1iard0:/ # > > In this case the 'script_xxx' cannot be executed. > > > 2) When an user is logged via SSH/Putty 'xterm' is the content of > "$TERM" : > > lx1iard0:~ # echo $TERM > xterm > > In this case the 'profile.local' launch the 'script_xxx' and it can > continue. > > > 3) When I use ' su - ' I would like that the 'profile.local' > launch 'script_xxx' but it ( 'script_xxx') has to check something > (???) and I can chose if terminate or take another way. > > Ciaoo.... > > Cordiali saluti / Best regards > > Marco Bosisio IBM Italia S.p.A > > > > > > John Summerfield <deb...@herakles.homelinux.org> > Sent by: Linux on 390 Port <LINUX-390@VM.MARIST.EDU> > 03/03/2009 13.09 > Please respond to > Linux on 390 Port <LINUX-390@VM.MARIST.EDU> > > > To > LINUX-390@VM.MARIST.EDU > cc > > Subject > Re: Which user env. variable tell me that it is in "su - " mode ? > > > > > > > Marco Bosisio wrote: >> Hi, >> do you know wich user environment variable I have to test (executing >> a bash script) to know when I am in "su -" (switch user mode) ? >> >> >> Reading variables provided by "env" command then testing $TERM I >> am able to know if not a Linux terminal : > > That probably isn't as useful as you think, TERM can have almost any > value. > See man(1) tty > > > for what I think you want. > > Also, to test whether you're root, man(1) id. > To test whether you can write a particular file, > test --help > eg > test -w /bin/bash > > It's preferable to test for the relevant capability, you may have some > security software (eg selinux) that prevents even root from doing some > things. > > > > > -- > > Cheers > John > > -- spambait > 1aaaa...@coco.merseine.nu z1aaaa...@coco.merseine.nu > -- Advice > http://webfoot.com/advice/email.top.php > http://www.catb.org/~esr/faqs/smart-questions.html > http://support.microsoft.com/kb/555375 > > You cannot reply off-list:-) > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or > visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 > > > > IBM Italia S.p.A. > Sede Legale: Circonvallazione Idroscalo - 20090 Segrate (MI) > Cap. Soc. euro 400.001.359 > C. F. e Reg. Imprese MI 01442240030 - Partita IVA 10914660153 > Società soggetta all?attività di direzione e coordinamento di > International Business Machines Corporation > > (Salvo che sia diversamente indicato sopra / Unless stated otherwise > above) > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 > ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390