sesu
In the [sesu] section, the tokens control logging on as a user other than yourself, without having to enter the password of the other user.
capamsc141
In the [sesu] section, the tokens control logging on as a user other than yourself, without having to enter the password of the other user.
- AlwaysTargetShellDetermines whether to use the target shell (SysV style) or the invoker shell (BSD style). If yes,PAM Server Controluses the target user shell.Valid values are yes and no.Default:no
- FilterEnvSpecifies a list of environment variables that sesu does not pass to the shell when the target user is root. Separate variable names with spaces or tabs.No default.
- old_sesuDetermines whether the old or new sesu utility is used.Valid values include the following:yes-Use the old sesu utility as it was in previous versions.no-The new sesu utility calls the native su program (as defined in the SystemSu token) to ensure consistency between su and sesu. If the SystemSu token is not valid, sesu reverts to the old mechanism.If this token is set to no, the tokens Path, AlwaysTargetShell, sys_env_file, and FilterEnv are ignored.Default:yes
- PathSpecifies the value that sesu uses to set the PATH environment variable. If the token is not set, sesu does not set the PATH variable.No default.
- request_target_passwordSpecifies whether to request the password of the target user when theold_sesutoken is set to no and the user is executing sesu for a non-root user.Default:yes
- UseStrongAuthenticationSpecifies whether sesu requests the users to strongly authenticate themselves by providing a One Time Password.Note:Define the authentication server in the strong_auth_server token of the strong_auth section.Valid values:yes, noDefault:no
- sys_env_fileSpecifies an ASCII file containing environment variable values for the sesu session. This token is relevant only when starting sesu with the - parameter (sesu -). The format for each line of the file isvariable=value.Default:None (except for IBM AIX where it is/etc/environment)
- SystemSuSpecifies the location of the /bin/su program. Update this token if you use a program in a location other than the default location. When sesu cannot find the authorization daemon, it executes the program specified in this token.On AIX, replace the system su binary with a symbolic link to the sesu wrapper instead of the sesu binary.Default:/bin/su
- UseInvokerPasswordDetermines whether sesu requires the invokers to specify their own passwords. If the token value is no, sesu does not require any password.Default:no