PAM Recipe to Authenticate on Either the User's Password or Root's Password

Sat May 13 18:22:57 UTC 2006

On 5/13/06, Les Mikesell <lesmikesell at gmail.com> wrote:
> Can't help, but if they know the target password they could
> use su instead of sudo where the main purpose is to let you
> do things without knowing that password. Maybe a bit of user
> education would solve the problem.

I want everyone to avoid 'su', and most users won't know any important
target passwords (like root). Also, which password is required is
inconsistent across linux programs and even across `sudo`
installations, so I want either to work.

Rather than debate the social issues, I want to know if anyone knows a
technical solution that allows this.

(This same pam recipe would be handy in a screensaver lock screen.)