PAM and wheel issues
Lunt, Nick
Nick.Lunt at wesleyan.co.uk
Wed Jun 21 15:00:11 UTC 2006
After posting my question on the HP ITRC here http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1036430 it appears that pam-0.79-8 works by adding the root_only option to /etc/pam.d/su .
But adding this option to the latest version of redhats pam rpm (currently pam-0.77-66.14) I get these errors in /var/log/messages:
Jun 21 15:55:43 fudge PAM-Wheel[30822]: pam_parse: unknown option; root_only
So I guess were screwed until redhat get their pam rpm's sorted.
Cheers,
Nick .
> -----Original Message-----
> From: ergatz [mailto:ergatz at comcast.net]
> Sent: 19 June 2006 22:58
> To: General Red Hat Linux discussion list
> Subject: Re: PAM and wheel issues
>
>
> I came across the same problem TODAY. I thought I had done
> something wrong
> with the Linux load.
> It is so good to hear someone else has the same problem. I
> am eagerly
> awaiting the solution.
>
> dorothy
>
>
> ----- Original Message -----
> From: "Lunt, Nick" <Nick.Lunt at wesleyan.co.uk>
> To: "Redhat (E-mail)" <redhat-list at redhat.com>
> Sent: Monday, June 19, 2006 6:12 AM
> Subject: PAM and wheel issues
>
>
> > Folks,
> >
> > I've set /etc/pam.d/su to only allow su to root when users
> are in the
> > wheel group, with this line
> >
> > "auth required /lib/security/$ISA/pam_wheel.so use_uid"
> >
> >>From README.pam_wheel
> >
> > "only permit root authentication to members of wheel group"
> >
> > However this is preventing users NOT in the wheel group
> from switching
> > user to anyone, not just to root.
> >
> > I've tried this on 2 boxes with different versions of PAM:
> pam-0.77-65.1
> > and pam-0.77-66.13.
> >
> > Anyone come across this before or have an explanation for
> this behaviour ?
> >
> > Cheers,
> > Nick .
> >
> >
> >
> >
> >
> >
> > Wesleyan Administration Services Ltd registered number 5188850 and
> > Wesleyan Unit Trust Managers Ltd registered number 2114859
> ("WUTM Ltd")
> > are wholly owned subsidiary companies of Wesleyan Assurance
> Society, whose
> > registered number is ZC145. WUTM Ltd is a member of IMA.
> For ISA/PEP/Unit
> > Trusts Administration Centre: PO Box 9033, Chelmsford, SM99
> 2WQ Telephone:
> > 0870 601 6129 Wesleyan Assurance Society and WUTM Ltd are
> authorised and
> > regulated by the Financial Services Authority. Head Office, Colmore
> > Circus, Birmingham B4 6AR. Telephone: 0121 200 3003 Fax
> 0121 200 2971.
> > Website: www.wesleyan.co.uk Telephone calls may be recorded
> for monitoring
> > and training purposes.
> >
> > CONFIDENTIALITY NOTICE
> >
> > This communication and the information it contains is
> intended for the
> > person or organisation to whom it is addressed. Its contents are
> > confidential and may be protected in law. Unauthorised use,
> copying or
> > disclosure of any of it may be unlawful. If you are not the
> intended
> > recipient, please contact us immediately.
> >
> > The contents of any attachments in this e-mail may contain software
> > viruses, which could damage your own computer system. While every
> > reasonable precaution to minimise this risk has been taken,
> we cannot
> > accept liability for any damage that you sustain as a
> result of software
> > viruses. You should carry out your own virus checking
> procedure before
> > opening any attachment.
> >
> >
> > --
> > redhat-list mailing list
> > unsubscribe
> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> >
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
> Thames Policy
>
More information about the redhat-list
mailing list