On Thu, 30 Dec 1999, Wilde, Jeff wrote:
> I am trying to get su to only work with people that are in the wheel group.
> I have added the following to su:
>
> auth sufficient /lib/security/pam_rootok.so debug
> auth required /lib/security/pam_wheel.so debug
> auth required /lib/security/pam_pwdb.so shadow nullok
> account required /lib/security/pam_pwdb.so
> password required /lib/security/pam_cracklib.so
> password required /lib/security/pam_pwdb.so shadow use_authtok nullok
> session required /lib/security/pam_pwdb.so
> session optional /lib/security/pam_xauth.so
>
>
> When I authenticate I get the following error:
>
> Dec 30 10:02:13 lucy PAM-Wheel[16104]: Access denied for 'ops' to 'root'
>
> here is my wheel group:
> [root@lucy pam.d]# grep wheel /etc/group
> wheel:x:10:root,ops
>
>
> any ideas what I am missing here?
yes. The pam module check GID 0, and NOT, I repeat NOT, the real wheel
group...
The module has in my opinion a misleading name...
If want that, use something as
auth required /lib/security/pam_wheel.so group=wheel
>
> Thanx in advance.
> -=-=-=-=-=-=--=-=-=-=-=---=-=-=-=-=-=-=-=--=-=-=|_
> = Jeff Wilde mailto:[EMAIL PROTECTED] |_
> - West Group Technical Services |
> = (651)-687-8650 =
> =-=-=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=-=--=--=-
Igmar
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
