Bug 201301 - sys-apps/shadow-4.0.18.2: su broken when -s SHELL is used after the username
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system
Hardware: All Linux
Importance: Highest critical
Assignee: Gentoo's Team for Core System packages
Reported: 2007-12-05 00:47 UTC by Robin Johnson
Modified: 2007-12-05 09:45 UTC
Description Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2007-12-05 00:47:23 UTC
SU is broken when the -s argument is used after the username.
1. It gets totally ignored if the -s comes after the -c.
2. -c is totally ignored if -s comes before the -c.

The second item is far worse than the first, because it means that
su $USERNAME -s $SHELL -c $COMMAND
will NOT run $COMMAND, but will instead run the shell.

root@grubbs-int:/ # id
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),20(dialout),26(tape),27(video)
root@grubbs-int:/ # su -c id postgres
uid=70(postgres) gid=70(postgres) groups=70(postgres)
root@grubbs-int:/ # su -s /bin/false -c id postgres
root@grubbs-int:/ # su -s /bin/sh -c id postgres
uid=70(postgres) gid=70(postgres) groups=70(postgres)
root@grubbs-int:/ # su  postgres -c id
uid=70(postgres) gid=70(postgres) groups=70(postgres)
root@grubbs-int:/ # su  postgres -c id -s /bin/sh
uid=70(postgres) gid=70(postgres) groups=70(postgres)

=== now the problems, first of all, -s being ignored:
root@grubbs-int:/ # su  postgres -c id -s /bin/false
1uid=70(postgres) gid=70(postgres) groups=70(postgres)

=== and worse, -c being ignored!
# su postgres -s /bin/false -c id
postgres@grubbs-int / $ 



Comment 1 SpanKY gentoo-dev 2007-12-05 02:27:48 UTC
it's always been this way and it's done on purpose

the man page of su states quite clearly:
Additional arguments may be provided after the username, in which case they are supplied to the user's login shell.
Comment 2 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2007-12-05 09:45:11 UTC
Ah, then tracing that, doing:
"sh $USER -c foo", runs "bash -c foo", which is valid, however "bash -s foo" is not valid.

I'll file other bugs for ebuilds that are mis-using su then.
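
The behaviour traced in Comment 2, as an added example that is not part of the original bug report: it assumes, per the man page text quoted in Comment 1, that su hands everything after the username to the login shell unchanged, and it calls bash directly in place of su so it runs without root. The function names and the sample command lines are made up for this illustration; the second function is a simple lint for scripts that place -s after the username.

```shell
#!/bin/bash
# Added illustration; function names are hypothetical.
# Assumption (from the man page text quoted in Comment 1): everything after
# the username is handed to the user's login shell unchanged. bash stands in
# for that login shell here, so no su call or root access is needed.

# Run bash with the arguments su would forward. stdin is empty so that
# "bash -s" (read commands from stdin) returns at once instead of waiting.
shell_gets() {
    bash "$@" </dev/null 2>/dev/null
}

# Lint helper: print su command lines where -s/--shell appears after the
# username, i.e. where su itself never sees the option.
# Assumes whitespace-separated words and that only -c and -s take a value;
# the first bare word after "su" is treated as the username.
su_shell_after_user() {
    local line word prev seen_user
    while IFS= read -r line; do
        set -f; set -- $line; set +f
        [ "$1" = "su" ] || continue
        shift; prev=""; seen_user=""
        for word in "$@"; do
            case "$prev" in -c|-s|--command|--shell) prev=""; continue ;; esac
            case "$word" in
                -s|--shell) [ -n "$seen_user" ] && { printf '%s\n' "$line"; break; }
                            prev=$word ;;
                -c|--command) prev=$word ;;
                -*) ;;                  # other flags such as -, -l, -m
                *) seen_user=1 ;;       # username reached
            esac
        done
    done
}

# Constructed sample lines modelled on the commands in the report.
printf '%s\n' 'su -s /bin/sh -c id postgres' \
              'su postgres -s /bin/false -c id' | su_shell_after_user
```

With "-c CMD -s /bin/false" bash runs CMD and treats the rest as positional parameters; with "-s /bin/false -c CMD" bash stops option parsing at /bin/false and reads commands from stdin, which on a terminal is the interactive shell seen in the report.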