we are currently running SLES 11, with LTSP and about 30 users. I am the admin and have the root password, what I would like to do is log in as a user "Mike" with out Mikes password and essentially be Mike, is this possible, I do have the root password.

I know I can SU to mike, but I still need his password.. I do not want to change his password.

the reason I want to do this is for privilege testing and application testing.

Sudo?

Sudo, wont give me what I want, I don't want to be root, I want to be Mike.

our users have their own password, and I do not know what they ware, and I don't want to know what they are, but I need to be them, to test.

You are saying that you are logged in as 'root' and when you type 'su - mike' it asks you for a password?

That is not my experience as 'root'

2 members found this post helpful.

no, I am not root. but I have the root password

your example does work. question, in doing an "su" do I have user prevs or root prevs?

also (and I should have mentioned this in the beginning, but I would like to be able to log in as the user in the gnome GUI

I don't understand why you "have" to login as these other users. You are, or can be root, for one, and you also can use sudo.

If there's something you need these users to do, then enable them by providing them with a script. If they come to you to do something recurring and you have to use their privileges to do that, then it would seem you could enable them with a process or script.

I suppose a little more insight as to why this is an adamant configuration need on your part.

Talk to somebody who knows what they are doing and ask them to set it up for you.
Please, for everyone's good, step away from the computer now!

Apologies for potentially breaking forum rules but I do not think that letting somebody ignorantly assume the power of other users is in the best interest of anyone else.

it is just for testing prevledges, I want to be sure Mike can access what he needs to and not what he shouldn't.

also, I have a case where Larry had a problem with his email, so in order to launch thunderbird for his email, I had to do it from his account. however in that case I was able to use SU

and perhaps I am thinking too much in to this...

it would lust be nice for testing to be able to be the user, without having them have to change their password, or ask what it is.

deleted

su stands for switch user. It can be any user if changing from root to user. I don't think you need a pw to switch from root to a regular user. And when you have a shell run as a user, it doesn't have root privileges. It has that user's privileges.

If you want a certain users gnome session, I don't think that is possible in the strict sense. You might be able to examine some things, but without the pw it seems hopeless, because gdm3 greeter has no way to log in as a user with the root pw.

Unless perhaps you wee to for instance launch gnome as root, switch to the user in a terminal, and launch say thunderbird from the user shell. If you're persistent enough there is always some way. or perhaps might bypass the login screen.

I've never tried this but sudo su -user may work. Not sure.

It would be simple to go to Mike and tell him that you are the admin and you need his password. No one ever stops me from asking.

Personally I would set up a dummy user with exactly the same permissions as the user you want to test the privileges for.

That dummy user can then be modified accordingly to mimic different setups while maintaining a clear boundary between administrator and user.

1 members found this post helpful.

That isn't really good practice, now, is it?
OK, perhaps I'm making this a bigger thing than it is but is it really a good thing to ever have a semi-skilled "administrator" log in as other users on any system?

This will work with no special setup:The first "su" will ask for the root password, then the second, which is running with root privileges, will launch a shell as user "mike" with no password required.