How can I tell if someone has used the "su" command to become root? What I want is to see if anyone on the system is the root user, but when I type "w" command, it is not specific.
1:10pm up 22 min, 2 users, load average: 0.44, 0.62, 0.57
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
someguy pts/0 adsl-1-2-3- 12:52pm 1:13 0.07s 0.02s bash
root pts/1 somehost.com 12:53pm 0.00s 0.19s 0.08s w
But what if the "someguy" user has used "su" to become root? It will still say "someguy" and I won't know if they are root or a regular user. Can anyone show me how to tell if he has used "su" to become root?
Thanks in advance.