GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
RUNAS(1) FreeBSD General Commands Manual RUNAS(1)

RUNAS - Run commands as another user

runas username [su flags] command [arguments]
asroot [su flags] command [arguments]

runas is a simple wrapper around su to add convenience for running commands as another user.

asroot command is equivalent to runas root command.

The primary goal is to make su convenient enough to serve as a substitute for sudo. Several serious security bugs have been discovered in sudo including one that persisted for about a decade before being publicized. In addition, configuring multiple sudo users increases the odds for hackers cracking a password that gives them root access.

The su command is commonly used to run a shell session as another user. However, if we only intend to run a single command as that user, it is better for security if we do not start a shell, which we might forget to close. This is the primary argument for using sudo instead of su. We actually can use su to run a single command, but it is a bit cumbersome as it requires additional flags as well as quotes around commands with any arguments, e.g.

su -l root -c 'command -flag arg1 arg2'

The runas command simply eliminates the annoying cruft:

runas root command -flag arg1 arg2

The runas command differs from sudo in the following ways:

o It requires the target user's password rather than the password of the invoking user. This means that there is only one password to allow root access and helps prevent that password from being forgotten. Users of sudo often forget or never know the root password, which can become a problem if it is misplaced and needed for some reason (such as a sudo user's account becoming inaccessible).

o It does not require any system configuration. To run a command as another user, one must simply know the password (unless invoking runas as root, of course).

o It does not cache passwords: Every invocation requires the target user's password.

su, sudo

Please report bugs to the author and send patches in unified diff format. (man diff for more information)

J. Bacon
Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.