Sux

Serve per cambiare identita' con la possibilita' di usare X (cioe' lo schermo grafico) se non viene indicata alcuna si sottointende quella di root, il funzionamento e' identico a quello di su :

 $ sux

Molte ditribuzioni non lo includono ecco il programma:

 #!/bin/sh
 # Written by Francois Gouget, fgouget@free.fr
 # With many thanks to Daniel Martin and Falk Hueffner for their help
 # Sux is released under the terms of the following license (X11 license)
 # Copyright (c) 2001 Francois Gouget
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
 # in the Software without restriction, including without limitation the rights
 # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 # copies of the Software, and to permit persons to whom the Software is
 # furnished to do so, subject to the following conditions:
 #
 # The above copyright notice and this permission notice shall be included in
 # all copies or substantial portions of the Software.
 #
 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
 # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, 
 # WHETHERIN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR 
 # IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
 # How to transfer cookies for root. See the sux_cookie_transfer variable
 # for options. Note that use-xauthority may not work if home directories
 # are on NFS. In such a case, change the default to copy-cookies.
 sux_root_cookie_transfer="c"
 usage()
 {
  echo "usage: `basename $0` [-m|-p|--preserve-environment]" >&2
  echo "           [--display display]" >&2
  echo "           [--no-cookies|--copy-cookies|--use-xauthority]" >&2
  echo "           [--untrusted] [--timeout x]" >&2
  echo "           [-] [username [command]]" >&2
  exit 2
 }
 ##
 # Process the sux options
 sux_su_opts=""
 sux_preserve=""
 sux_got_minus=0
 # "" -> default, n -> no-cookies, c -> copy-cookies, x -> use-xauthority
 sux_cookie_transfer=""
 sux_username=""
 sux_untrusted=""
 sux_timeout=""
 while [ $# -gt 0 ]
 do
   if [ "$sux_got_minus" = "1" ]
   then
     # Username follows "-"
     sux_username="$1"
     sux_su_opts="$sux_su_opts $1"
     shift
     # The remainder is the command to be executed
     break
   elif [ "$1" = "-" ]
   then
     # Last option before the username
     sux_su_opts="$sux_su_opts $1"
     sux_got_minus=1
     shift
   elif [ "$1" = "-m" -o "$1" = "-p" -o "$1" = "--preserve-environment" ]
   then
     sux_preserve="1"
     sux_su_opts="$sux_su_opts $1"
     shift
   elif [ "$1" = "--display" ]
   then
     if [ $# -lt 2 ]
     then
       echo "--display takes a display name as an argument" >&2
       usage # exits
     fi
     export DISPLAY="$2"
     shift 2
   elif [ "$1" = "--no-cookies" ]
   then
     if [ -n "$sux_cookie_transfer" -a "$sux_cookie_transfer" != "n" ]
     then
       echo "--no-cookies is incompatible with --copy-cookies and --use-xauthority" >&2
       usage # exits
     fi
     sux_cookie_transfer="n"
     shift
   elif [ "$1" = "--copy-cookies" ]
   then
     if [ -n "$sux_cookie_transfer" -a "$sux_cookie_transfer" != "c" ]
     then
       echo "--copy-cookies is incompatible with --no-cookies and --use-xauthority" >&2
       usage # exits
     fi
     sux_cookie_transfer="c"
     shift
   elif [ "$1" = "--use-xauthority" ]
   then
     if [ -n "$sux_cookie_transfer" -a "$sux_cookie_transfer" != "x" ]
     then
       echo "--use-xauthority is incompatible with --no-cookies and --copy-cookies" >&2
       usage # exits
     fi
     sux_cookie_transfer="x"
     shift
    elif [ "$1" = "--untrusted" ]
   then
     sux_untrusted="untrusted"
    shift
   elif [ "$1" = "--timeout" ]
    then
     if [ $# -lt 2 ]
    then
       echo "--timeout takes a timeout in seconds" >&2
        usage # exits
     fi
     sux_timeout="timeout $2"
     shift 2
    elif [ "$1" = "-?" ]
  then 
    usage # exits
   else
     # First non-option is the username 
    sux_username="$1" 
    sux_su_opts="$sux_su_opts $1"
    shift
    # The remainder is the command to be executed
    break
  fi
 done
 ##
 # Get rid of the simple case
 if [ -z "$DISPLAY" ]
 then
   # If DISPLAY is not set we can take a shortcut...
   if [ -n "$sux_untrusted" -o -n "$sux_timeout" ]
   then
     echo "--untrusted and --timeout are only supported if DISPLAY is set" >&2
     usage #exits
   fi
  exec su $sux_su_opts "$@"
 fi
 ##
 # Do some option checking
 if [ -z "$sux_username" ]
 then
   sux_username="root"
 fi
 if [ -z "$sux_cookie_transfer" ]
 then
   if [ "$sux_username" = "root" ]
   then
     sux_cookie_transfer="$sux_root_cookie_transfer"
   else
     sux_cookie_transfer="c"
   fi
 fi
 if [ "$sux_cookie_transfer" = "x" -a "$sux_username" != "root" ]
 then
    echo "Only root can use --use-xauthority" >&2
   usage # exits
 fi
 ##
 # Create new cookies / retrieve the existing ones if necessary
 if [ -n "$sux_untrusted" -o -n "$sux_timeout" ]
 then
   if [ "$sux_cookie_transfer" != "c" ]
   then
     echo "--no-cookies/--use-xauthority are incompatible with --untrusted/--timeout" >&2
     usage #exits
   fi 
  # Yeah, tempfile is a debian-specific command.  Workarounds exist for
  # other machines.  If you do use a workaround, be certain that said
  # workaround actually creates the new file, (via touch or similar) or
  # xauth (below) will produce a pointless warning message.
  sux_tmpfile=`tempfile -p sux`
  /usr/X11R6/bin/xauth -q -f $sux_tmpfile generate $DISPLAY . $sux_untrusted $sux_timeout
  sux_xauth_data=`xauth -f $sux_tmpfile nlist $DISPLAY`
  rm -f $sux_tmpfile
 fi
 ## 
 # Build the command to restore the cookies in the su
 if [ "$sux_cookie_transfer" = "c" ]
 then
   # --copy-cookies case. We copy the cookie(s) using the xauth command. 
   # If display is of the form "host:x.y" we may also need to get the 
   # cookies for "host/unix:x.y".
   sux_unix_display=`echo $DISPLAY | sed -e 's#^\([a-zA-Z_.][a-zA-Z_.]*\):#\1/unix:#'`
   if [ "$DISPLAY" = "$sux_unix_display" ]
   then
      sux_unix_display=""
   fi
  # Get the cookies if we don't have them already
  if [ -z "$sux_xauth_data" ]
  then
    # Get the cookies. Note that we may need to 
    sux_xauth_data=` /usr/X11R6/bin/xauth -q nlist $DISPLAY`
    if [ -n "$sux_unix_display" ]
    then
      sux_xauth_data="$sux_xauth_data ` /usr/X11R6/bin/xauth -q nlist $sux_unix_display`"
    fi
  fi
  # We highjack the TERM environment variable to transfer the cookies to the 
  # other user. We do this so that they never appear on any command line, and 
  # because TERM appears to be the only environment variable that is not 
  # reset by su. Then, as long as 'echo' is a shell builtin, these cookies 
  # will never appear as command line arguments which means noone will be 
  # able to intercept them (assuming they were safe in the first place).
  sux_term="TERM='$TERM'"
  # now we can store the script that will restore the cookies on the other 
  # side of the su, in TERM!
  # Remove the old cookies. They may cause trouble if we transfer only one 
  # cookie, e.g. an MIT cookie, and there's still a stale XDM cookie hanging 
  # around.
  export TERM=" /usr/X11R6/bin/xauth -q remove $DISPLAY 2>/dev/null;"
  if [ -n "$sux_unix_display" ]
  then
    TERM="$TERM  /usr/X11R6/bin/xauth -q remove $sux_unix_display;"
  fi
  # Note that there may be more than one cookie to transfer, hence 
  # this loop
  sux_i=0
  for sux_str in $sux_xauth_data
  do
    if [ $sux_i -eq 0 ]
    then
      TERM="$TERM echo $sux_str"
    else
      TERM="$TERM $sux_str"
    fi
    sux_i=`expr $sux_i + 1`
    if [ $sux_i -eq 9 ]
    then
      TERM="$TERM |  /usr/X11R6/bin/xauth nmerge - ;"
      sux_i=0
    fi
  done
  sux_xauth_cmd="eval \$TERM;"
  sux_xauthority=""
 elif [ "$sux_cookie_transfer" = "x" ]
 then
  # --use-xauthority case. For root we can simplify things and simply 
  # access the original user's .Xauthority file.
  sux_term=""
  sux_xauth_cmd=""
  if [ -n "$XAUTHORITY" ]
  then
    sux_xauthority="XAUTHORITY='$XAUTHORITY'"
  else
    sux_xauthority="XAUTHORITY='$HOME/.Xauthority'"
  fi
 else
  # --no-cookies case. We just transfer $DISPLAY and assume the 
  # target user already has the necessary cookies
  sux_term=""
  sux_xauth_cmd=""
  sux_xauthority=""
 fi
 ##
 # Marshall the specified command in an effort to support parameters that 
 # contain spaces. This should be enough to get commands like 
 # 'xterm -title "My XTerm"' to work.
 sux_cmd=""
 if [ $# -gt 0 ]
 then
   while [ $# -gt 0 ]
   do
    sux_cmd="$sux_cmd \"$1\""
    shift
  done
 elif [ "`basename $0`" = "suxterm" ]
 then
   # Start an xterm, useful for temporary cookies
  sux_cmd=`which x-terminal-emulator`
  if [ -z "$sux_cmd" ]
  then
    sux_cmd="xterm"
  fi
 else
  # If no command is specified, start a shell
  if [ $# -eq 0 ]
  then
    if [ "$sux_got_minus" = "1" ]
    then
      sux_cmd="sh -c \"exec -l \$SHELL\""
    else
      sux_cmd="\$SHELL"
    fi
  fi
 fi
 ##
 # We would not want the other user to try and use our XAUTHORITY file. He 
 # wouldn't have the proper access rights anyway...
 unset XAUTHORITY
 ##
 # --preserve-environment special case
 if [ -n "$sux_preserve" -a -n "$sux_xauth_cmd" ]
 then
   sux_home=`egrep "^$sux_username:" /etc/passwd | cut -d: -f6`
   if [ -z "$sux_home" ]
   then
    echo "WARNING: --preserve-environment has been set, but no good value was found for XAUTHORITY, expect trouble" >&2
  else
    export XAUTHORITY="$sux_home/.Xauthority"
  fi
 fi
 ##
 # Execute su
 exec su $sux_su_opts -c "$sux_xauth_cmd       exec env $sux_xauthority $sux_term DISPLAY='$DISPLAY' $sux_cmd;"