On Tue, 2006-07-18 at 13:44 +0100, James Wilkinson wrote: > Aaron Konstam wrote: > > You are saying it but what you are saying is hard to believe. You are > > trying to su in inti level 1. Only root can be in init level 1. When you > > boot to init level 1 you don't even enter a passwd. > > Out of interest, what do you think should stop su working in init level > 1? I mean on a "physical", which-bit-of-code-should-cause-an-error-and- > why level? > Run level one does not have the concept of other users. It is called single user mode for a very good reason. > Init levels don't make much difference from a kernel perspective -- they > just change the selection of user-space software that runs, and what > gets configured and how. So you're back into a very simple Unix-like OS, > with no daemons running, and (as you say) you're automatically given a > shell running as root. But glibc and the kernel are still there. > > What su does (effectively -- there's a bit of hand-waving here) is to > ask the kernel to start a new shell running under a different userID. > Shells work in init level 1, obviously, and the kernel is still there. > Do they? I believe the only shell that runs is the one that is started when entering run level 1, and that is not a login shell. I have never tried, but AIUI you cannot launch another shell when in run level 1. > There isn't support for multiple logins by default, true -- but the > concept of different users with different rights is still present in the > kernel, and you can still make use of it. > I don't think you are correct in this concept. Single user mode (run level 1) does not allow use of the password file, nor pam, nor login, nor anything else that would allow you to switch to another user. It is called single user for a very good reason... The only user available is a root shell, no login, and no utilities that mangage the multi-user environment. > Thanks, > > James.