[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam and su




> > Can someone set the record straight?  I'm wondering how to control users
> > ability to use su by configuring pam, but the info pages make no reference
> > to pam, in 4.2.
> > 
> > I see /etc/pam.d/su, but am a PAM novice (is there an FAQ, or user's
> > guide, besides the development stuff from kernel.org?) and can't figure
> > out how to change it..
> > 
> 
>    You should be able to figure out the most of it by looking in
> /usr/doc/pam-* directory on your redhat system. There is an example of a
> pam config file, to do this. Check out the wheel module.

Ok, will do.  I understand what the wheel group is for, but there is
always the way of chgrp on su.  Why is the pam method advisable?

It sounds like pam would be a more robust solution for this, due to having
to modify root-owned and root-group files, rather than simply the su
binary, and perhaps the ability to use an su binary from another system...

Are these the reasons?

[I'd like to have a conversation about a few things I don't like about RH
5.0 -- is the rehat-devel-list the appropriate place?  I realize there is
suggest@redhat, but I'd like to have a conversation, not just post
ideas..]

Thanks,
Dave




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []