[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: pam_wheel



ok, i thought that the "wheel" group and the "root" group were same.  It
works now.  Thanks.

--
James Bagley			|           CDI Innovantage
james_bagley@non.agilent.com	| Technical Computing UNIX Admin Support
   DON'T PANIC			|       Agilent Technologies IT
Phone: (541) 738-3340		|          Corvallis, Oregon
--

On Thu, 28 Mar 2002, Swanson, Bryan wrote:

> pam_wheel defaults to checking for "wheel" group membership
> not "root" group...you can also specify a different group name, i
> believe the module argument is "group=" ...
>
> -b
>
> > -----Original Message-----
> > From: James Bagley Jr [mailto:jabagley@cvs.agilent.com]
> > Sent: Thursday, March 28, 2002 2:01 PM
> > To: pam-list@redhat.com
> > Subject: pam_wheel
> >
> >
> > Hey all,
> >
> > I have users that need root access to their workstations.
> > Reading the pam
> > documentation for the pam_wheel module it sounds like I can
> > allow them to
> > 'su -' without entering a password.  This is ideal because I
> > don't want to
> > give them that root password, i'd rather keep that to myself.
> >  Problem is,
> > it doesn't work.  I'm using red hat 7.2.  Here is the contents of
> > /etc/pam.d/su:
> >
> > #%PAM-1.0
> > auth       sufficient   /lib/security/pam_rootok.so
> > # Uncomment the following line to implicitly trust users in
> > the "wheel" group.
> > auth       sufficient   /lib/security/pam_wheel.so trust use_uid
> > # Uncomment the following line to require a user to be in the
> > "wheel" group.
> > #auth       required     /lib/security/pam_wheel.so use_uid
> > auth       required     /lib/security/pam_stack.so service=system-auth
> > account    required     /lib/security/pam_stack.so service=system-auth
> > password   required     /lib/security/pam_stack.so service=system-auth
> > session    required     /lib/security/pam_stack.so service=system-auth
> > session    optional     /lib/security/pam_xauth.so
> >
> > Here is output from the id command as a user:
> >
> > uid=976(jabagley) gid=100(users) groups=100(users),0(root),98(ident)
> >
> > when 'su -' is entered, i am prompted for a password.  Did I
> > missunderstand the pam documentation?  what is wrong?
> >
> > thanks,
> >
> > --
> > James Bagley			|           CDI Innovantage
> > james_bagley@non.agilent.com	| Technical Computing UNIX Admin Support
> >    DON'T PANIC			|       Agilent Technologies IT
> > Phone: (541) 738-3340		|          Corvallis, Oregon
> > --
> >
> >
> >
> > _______________________________________________
> > Pam-list mailing list
> > Pam-list@redhat.com
> > https://listman.redhat.com/mailman/listinfo/pam-list
> >
>
>
>
> _______________________________________________
> Pam-list mailing list
> Pam-list@redhat.com
> https://listman.redhat.com/mailman/listinfo/pam-list
>





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []