On Fri, Jul 31, 2009 at 10:22 AM, Theo de Raadt<[email protected]> wrote: >> I recently installed 4.5 from the CD, and while adding user "amar", I >> set the primary group to wheel. But now when I try to do a "su -", I >> am kicked out for not being in group wheel. Though FAQ 10.1 says that >> one has to be manually added to group wheel if su - is needed, does it >> mean that folks having primary group as wheel are denied? Did I miss >> something very obvious? >> >> Here is the transcript: >> ========================================== >> $ id >> uid=1001(amar) gid=0(wheel) groups=0(wheel) >> $ su - >> Password: >> you are not in group wheel > > I don't know why it is so difficult to read the manual pages > > % man su > > > If group 0 (normally ``wheel'') has users listed then only those users > can su to ``root''. It is not sufficient to change a user's /etc/passwd > entry to add them to the ``wheel'' group; they must explicitly be listed > in /etc/group. If no one is in the ``wheel'' group, it is ignored, and > anyone who knows the root password is permitted to su to ``root''. [...]
Ouch! Caught in the wrong foot -- I read everything but the man page. :-[ So I did miss something very *obvious*. -Amarendra
