Generally, for FTP/SFTP accounts created on UNIX servers, the user's login shell is set to /sbin/nologin so that the user can transfer files but cannot log in to the system and get a shell session. It's a conventional security control implemented at the system level.
There may be instances where we need to log in to the server as that user, for example to perform some troubleshooting or diagnostics. We usually do this by temporarily changing the login shell to something else.
Today I'll demonstrate a workaround for that.
I have a user called ftpuser and its shell is set to /sbin/nologin.
[root@pbox ~]# perl -nle 'print if (/ftpuser/)' /etc/passwd
ftpuser:x:1001:1001::/home/ftpuser:/sbin/nologin
[root@pbox ~]#
If I try to switch to this user, I find that I'm unable to do so:
[root@pbox ~]# sudo su - ftpuser
Last login: Sun Sep 3 10:30:16 IST 2017 on pts/2
This account is currently not available.
[root@pbox ~]#
The workaround is to use the -p option with the su command when switching to the user.
[root@pbox ~]# sudo su -p ftpuser
bash: /root/.bashrc: Permission denied
bash-4.2$ id
uid=1001(ftpuser) gid=1001(ftpuser) groups=1001(ftpuser) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
bash-4.2$ pwd
/root
bash-4.2$ cd /home/ftpuser/
bash-4.2$ mkdir in out
bash-4.2$ ls -l
total 0
drwxr-xr-x. 2 ftpuser ftpuser 6 Sep 3 10:39 in
drwxr-xr-x. 2 ftpuser ftpuser 6 Sep 3 10:39 out
bash-4.2$
Notice that after switching to ftpuser I'm still in /root, which was my home directory when logged in as the root user.
This is because the -p flag preserves the environment of the previously logged-in user, HOME included, which is also why bash complained that it could not read /root/.bashrc: it looked for the startup file under root's home directory with ftpuser's permissions.
Here's what the manpage for su says about -p:
-m, -p, --preserve-environment
Preserves the whole environment, ie does not set HOME, SHELL, USER nor LOGNAME. The option is ignored if the option --login is specified.
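The rule behind this, as an added note: util-linux su chooses the shell to run from --shell first, then from the preserved SHELL variable when -p is given, then from the target user's passwd entry; if the target's shell is restricted (not listed in /etc/shells), the first two sources are ignored unless the caller is root. That is why the trick needs sudo and why the prompt that appears is root's bash rather than /sbin/nologin. The script below is an added example, not code from the original post: it audits a constructed passwd excerpt for accounts with restricted shells and models that selection rule for the cases shown above. The file contents, user names and uids are constructed, and predict_su_shell is a model of the documented rule, not an invocation of su.

```shell
#!/bin/sh
# Added example (not from the original post). Audits login shells in a
# passwd file and models which shell util-linux su would start for a
# target user, with and without -p. All data below is constructed.

# Constructed /etc/passwd excerpt in the real file's format.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
ftpuser:x:1001:1001::/home/ftpuser:/sbin/nologin
backup:x:1002:1002::/var/backups:/usr/sbin/nologin
alice:x:1003:1003::/home/alice:/bin/bash'

# Constructed /etc/shells excerpt: shells su treats as unrestricted.
SAMPLE_SHELLS='/bin/sh
/bin/bash'

PASSWD_FILE=$(mktemp)
SHELLS_FILE=$(mktemp)
printf '%s\n' "$SAMPLE_PASSWD" > "$PASSWD_FILE"
printf '%s\n' "$SAMPLE_SHELLS" > "$SHELLS_FILE"

# login_shell_of USER PASSWD_FILE: print the login shell (7th field) of USER.
login_shell_of() {
    awk -F: -v u="$1" '$1 == u { print $7; exit }' "$2"
}

# is_listed_shell SHELL SHELLS_FILE: succeed if SHELL appears as a whole line.
is_listed_shell() {
    grep -qx -- "$1" "$2"
}

# users_with_restricted_shell PASSWD_FILE SHELLS_FILE: one username per line
# for accounts whose shell is not in SHELLS_FILE. An ordinary su cannot open
# a session for these, and only root may override that.
users_with_restricted_shell() {
    awk -F: 'NR == FNR { ok[$0] = 1; next } !($7 in ok) { print $1 }' "$2" "$1"
}

# predict_su_shell TARGET CALLER_UID PRESERVE(yes|no) CALLER_SHELL PASSWD_FILE SHELLS_FILE
# Models the documented util-linux rule: with -p su runs the caller's $SHELL,
# otherwise the target's passwd entry (falling back to /bin/sh); when the
# target's shell is restricted, the $SHELL override applies only to root.
# This is a model of the rule, not a call to su itself.
predict_su_shell() {
    target_shell=$(login_shell_of "$1" "$5")
    [ -n "$target_shell" ] || target_shell=/bin/sh
    if [ "$3" = yes ] && [ -n "$4" ]; then
        if [ "$2" -eq 0 ] || is_listed_shell "$target_shell" "$6"; then
            printf '%s\n' "$4"
            return 0
        fi
    fi
    printf '%s\n' "$target_shell"
}

# Stand-alone run: the audit, then the three cases relevant to the post.
users_with_restricted_shell "$PASSWD_FILE" "$SHELLS_FILE"
predict_su_shell ftpuser 0 no /bin/bash "$PASSWD_FILE" "$SHELLS_FILE"      # su - ftpuser as root
predict_su_shell ftpuser 0 yes /bin/bash "$PASSWD_FILE" "$SHELLS_FILE"     # sudo su -p ftpuser
predict_su_shell ftpuser 1003 yes /bin/bash "$PASSWD_FILE" "$SHELLS_FILE"  # su -p ftpuser as a non-root user
```

The audit function is the part a defender would keep: run against the real /etc/passwd and /etc/shells it lists every account that is meant to be shell-less, which is the set of accounts whose sessions should only ever be opened by root using -p (or -s) during troubleshooting.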
I hope you find this trick useful and thank you for reading.