linux block su

to allow only certain users to use 'su'

uncomment this line in /etc/pam.d/su
auth required pam_wheel.so use_uid

add any user you want to allow to run 'su' to the wheel group
in /etc/group:
wheel:x:10:user1,user2