su is used to become another user during a login session. Invoked without a username, su defaults to becoming the super user. The optional argument - may be used to provide an environment similar to what the user would expect had the user logged in directly.
The user will be prompted for a password, if appropriate. Invalid passwords will produce an error message. All attempts, both valid and invalid, are logged to detect abuses of the system.
An optional command can be executed. This is done by the shell specified in /etc/passwd for the target user unless the -s or -m options are used. Any arguments supplied after the username will be passed to the invoked shell (shell must support the -c command line option in order for a command to be passed to it).
The current environment is passed to the new shell. The value of $PATH is reset to /bin:/usr/bin for normal users, or /sbin:/bin:/usr/sbin:/usr/bin for the super user. This may be changed with the ENV_PATH and ENV_SUPATH definitions in /etc/login.defs. When using the -m or -p options, the users environment is not changed.
A subsystem login is indicated by the presense of a "*" as the first character of the login shell. The given home directory will be used as the root of a new filesystem which the user is actually logged into.
make this a login shell
pass command to the invoked shell using its -c option
do not reset environment variables, and keep the same shell if it is present in /etc/shells
use shell instead of the default in /etc/passwd. The shell specified must be present in /etc/shells.