Calife requests user’s own password for becoming login (or root, if no login is provided), and switches to that user and group ID after verifying proper rights to do so. A shell is then executed. If calife is executed by root, no password is requested and a shell with the appropriate user ID is executed.
The invoked shell is the user’s own except when a shell is specified in the configuration file calife.auth. If ‘‘-’’ is specified on the command line, user’s profile files are read as if it was a login shell. This is not the traditional behavior of su. Only users specified in calife.auth can use calife to become another one with this method. You can specify in the calife.auth file the list of logins allowed for users when using calife.
[ Man page ]
A sample calif.auth file would look like this:
For a howto on calife.auth formatting go here: http://www.digipedia.pl/man/calife.auth.5.html
Calife in action: