PAM and wheel issues

Lunt, Nick Nick.Lunt at wesleyan.co.uk
Wed Jun 21 15:00:11 UTC 2006 

After posting my question on the HP ITRC here http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1036430 it appears that pam-0.79-8 works by adding the root_only option to /etc/pam.d/su .

But adding this option to the latest version of redhats pam rpm (currently pam-0.77-66.14) I get these errors in /var/log/messages:

Jun 21 15:55:43 fudge PAM-Wheel[30822]: pam_parse: unknown option; root_only

So I guess were screwed until redhat get their pam rpm's sorted.

Cheers,
Nick .

> -----Original Message-----
> From: ergatz [mailto:ergatz at comcast.net]
> Sent: 19 June 2006 22:58
> To: General Red Hat Linux discussion list
> Subject: Re: PAM and wheel issues
> 
> 
> I came across the same problem TODAY.  I thought I had done 
> something wrong 
> with the Linux load.
> It is so good to hear someone else has the same problem.  I 
> am eagerly 
> awaiting the solution.
> 
> dorothy
> 
> 
> ----- Original Message ----- 
> From: "Lunt, Nick" <Nick.Lunt at wesleyan.co.uk>
> To: "Redhat (E-mail)" <redhat-list at redhat.com>
> Sent: Monday, June 19, 2006 6:12 AM
> Subject: PAM and wheel issues
> 
> 
> > Folks,
> >
> > I've set /etc/pam.d/su to only allow su to root when users 
> are in the 
> > wheel group, with this line
> >
> > "auth       required     /lib/security/$ISA/pam_wheel.so use_uid"
> >
> >>From README.pam_wheel
> >
> > "only permit root authentication to members of wheel group"
> >
> > However this is preventing users NOT in the wheel group 
> from switching 
> > user to anyone, not just to root.
> >
> > I've tried this on 2 boxes with different versions of PAM: 
> pam-0.77-65.1 
> > and pam-0.77-66.13.
> >
> > Anyone come across this before or have an explanation for 
> this behaviour ?
> >
> > Cheers,
> > Nick .
> >
> >
> >
> >
> >
> >
> > Wesleyan Administration Services Ltd registered number 5188850 and 
> > Wesleyan Unit Trust Managers Ltd registered number 2114859 
> ("WUTM Ltd") 
> > are wholly owned subsidiary companies of Wesleyan Assurance 
> Society, whose 
> > registered number is ZC145. WUTM Ltd is a member of IMA. 
> For ISA/PEP/Unit 
> > Trusts Administration Centre: PO Box 9033, Chelmsford, SM99 
> 2WQ Telephone: 
> > 0870 601 6129 Wesleyan Assurance Society and WUTM Ltd are 
> authorised and 
> > regulated by the Financial Services Authority. Head Office, Colmore 
> > Circus, Birmingham B4 6AR. Telephone: 0121 200 3003 Fax 
> 0121 200 2971. 
> > Website: www.wesleyan.co.uk Telephone calls may be recorded 
> for monitoring 
> > and training purposes.
> >
> > CONFIDENTIALITY NOTICE
> >
> > This communication and the information it contains is 
> intended for the 
> > person or organisation to whom it is addressed. Its contents are 
> > confidential and may be protected in law. Unauthorised use, 
> copying or 
> > disclosure of any of it may be unlawful. If you are not the 
> intended 
> > recipient, please contact us immediately.
> >
> > The contents of any attachments in this e-mail may contain software 
> > viruses, which could damage your own computer system. While every 
> > reasonable precaution to minimise this risk has been taken, 
> we cannot 
> > accept liability for any damage that you sustain as a 
> result of software 
> > viruses. You should carry out your own virus checking 
> procedure before 
> > opening any attachment.
> >
> >
> > -- 
> > redhat-list mailing list
> > unsubscribe 
> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> > 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 
> Thames Policy
>

More information about the redhat-list mailing list