logo       
Bookmark and Share

pam_wheel: msg#00007

linux.pam

Subject: pam_wheel

Hey all,

I have users that need root access to their workstations. Reading the pam
documentation for the pam_wheel module it sounds like I can allow them to
'su -' without entering a password. This is ideal because I don't want to
give them that root password, i'd rather keep that to myself. Problem is,
it doesn't work. I'm using red hat 7.2. Here is the contents of
/etc/pam.d/su:

#%PAM-1.0
auth sufficient /lib/security/pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
auth sufficient /lib/security/pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth required /lib/security/pam_wheel.so use_uid
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_xauth.so

Here is output from the id command as a user:

uid=976(jabagley) gid=100(users) groups=100(users),0(root),98(ident)

when 'su -' is entered, i am prompted for a password. Did I
missunderstand the pam documentation? what is wrong?

thanks,

--
James Bagley | CDI Innovantage
james_bagley@xxxxxxxxxxxxxxx | Technical Computing UNIX Admin Support
DON'T PANIC | Agilent Technologies IT
Phone: (541) 738-3340 | Corvallis, Oregon
--


<Prev in Thread] Current Thread [Next in Thread>
Google Custom Search

News | Mail Home | sitemap | FAQ | advertise