SUS is a utility to allow a user of a UNIX type system to run a
command as another user, usually the super user. It is typically
used as a system administration tool to allow system administrators
to temporarily raise their privilage level for a single task
but also to give other users the ability to run various commands
as the super user where required. As such, SUS is similar in
many ways to the widely popular "sudo" utility. However, there are also
many differences.
Some of the more advanced features of SUS are:
- the configuration file is
preprocessed as it is read by a built in
CPP style proprocessor.
- an ability to define a class of system objects (users, groups,
files, hosts or proccesses) by their attributes.
- an ability to treat arguments passed to the target command
as references to objects and allow or reject commands based
on the membership of such objects to defined object classes.
- support for boolean combinations of attributes (and,or,not).
- the ability to run commands as users other than root.
- the ability to run commands in background as session leaders.
- the ability to let a user run a command as a target user if
the invoking user can authenticate as the target user.
- many other useful features, see the manual (pdf)
and example configuration file.
The current version of SUS is 3.5,
released on December 14, 2009.
SUS is distributed under an
GPL license.