su

su command is used to change to another user. It is most commonly employed to change the ownership from an ordinary user to the root.

su [options] [commands] [-] [username]

#su root
If the correct password is provided, ownership of the session is changed to root.

whoami command displays the current user.

The default behavior of su is to maintain the current directory and the environmental variables of the original user, which means the variables like PATH and others will still be the original user's value. For ordinary users PATH is usually something like /usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin:/home/username/bin:/sbin:/usr/sbin:/bin:/usr/bin For root it generally resembles

To overcome this use,
su -

The hyphen has two effects: (1) it switches the current directory to the home directory of the new user (e.g., to /root in the case of the root user) and (2) it changes the environmental variables to those of the new user. 

The common option used with su is the -c option. Which tells su to execute the command that directly follows it on the same line and exit and return back to the original user. 

eg) su -c "ls -l /home" - aaron

This will attempt to switch to user 'aaron' and execute the command and return back exiting user aaron's session.

Monitoring usage of su:

Normally su attempts are logged in /var/adm/sulog file. This has to be set up when system is commissioned. The setup is done by editing the fie /etc/default/login.

#SULOG=/var/adm/sulog  => This line should be un-commented.
 

eg)# tail /var/adm/sulog
SU 10/07 10:35 + pts/3 winsel-root
SU 10/07 15:05 - console root-daemon
SU 10/07 15:54 + console root-daemon
SU 10/07 16:28 - pts/3 winsel-root
SU 10/08 08:23 + console root-daemon