Wheel group?
Rick Johnson
rjohnson at medata.com
Thu Aug 19 19:44:37 UTC 2004
Craig White wrote:
<snip>
> ----
> To my knowledge, the wheel group is commonly used as a super-user group
> on BSD and is pretty much not involved in Linux stuff except that you
> may want to use NIS type of UID/GID designations. Linux uses other
> groups such as adm/disk for these types of elevated privileges.
I generally use it to grant su privileges as well as sudo privileges.
Only members of the wheel group can use su, and only members of wheel
can use sudo.
Inside /etc/pam.d/su:
# Uncomment the following line to require a user to be in the "wheel" group.
#auth required /lib/security/$ISA/pam_wheel.so use_uid
If you uncomment - only wheel members can "su".
Alternately the line above that group can implicitly trust users who are
members of that group - great for internal systems with controlled
access - but a nightmare on any other machine - especially if the
account member has a simple/weak password.
Inside /etc/sudoers:
# Uncomment to allow people in group wheel to run all commands
#%wheel ALL=(ALL) ALL
If you uncomment - people within wheel can run sudo (using a password)
to execute commands as root. There's another set below which could do
the same w/o requiring a password - again see comments above.
Other than that, I don't see much other use for it - but I'm sure some
files in the file system are group owned by wheel which may grant
members additional rights w/o being root.
HTH,
-Rick
--
Rick Johnson, RHCE #807302311706007 - rjohnson at medata.com
Linux/Network Administrator - Medata, Inc.
PGP Public Key: https://mail.medata.com/pgp/rjohnson.asc
More information about the fedora-list
mailing list