RE: pam_wheel

ok, i thought that the "wheel" group and the "root" group were same.  It
works now.  Thanks.

--
James Bagley                    |           CDI Innovantage
james_bagley@xxxxxxxxxxxxxxx    | Technical Computing UNIX Admin Support
   DON'T PANIC                  |       Agilent Technologies IT
Phone: (541) 738-3340           |          Corvallis, Oregon
--

On Thu, 28 Mar 2002, Swanson, Bryan wrote:

> pam_wheel defaults to checking for "wheel" group membership
> not "root" group...you can also specify a different group name, i
> believe the module argument is "group=" ...
>
> -b
>
> > -----Original Message-----
> > From: James Bagley Jr [mailto:jabagley@xxxxxxxxxxxxxxx]
> > Sent: Thursday, March 28, 2002 2:01 PM
> > To: pam-list@xxxxxxxxxx
> > Subject: pam_wheel
> >
> >
> > Hey all,
> >
> > I have users that need root access to their workstations.
> > Reading the pam
> > documentation for the pam_wheel module it sounds like I can
> > allow them to
> > 'su -' without entering a password.  This is ideal because I
> > don't want to
> > give them that root password, i'd rather keep that to myself.
> >  Problem is,
> > it doesn't work.  I'm using red hat 7.2.  Here is the contents of
> > /etc/pam.d/su:
> >
> > #%PAM-1.0
> > auth       sufficient   /lib/security/pam_rootok.so
> > # Uncomment the following line to implicitly trust users in
> > the "wheel" group.
> > auth       sufficient   /lib/security/pam_wheel.so trust use_uid
> > # Uncomment the following line to require a user to be in the
> > "wheel" group.
> > #auth       required     /lib/security/pam_wheel.so use_uid
> > auth       required     /lib/security/pam_stack.so service=system-auth
> > account    required     /lib/security/pam_stack.so service=system-auth
> > password   required     /lib/security/pam_stack.so service=system-auth
> > session    required     /lib/security/pam_stack.so service=system-auth
> > session    optional     /lib/security/pam_xauth.so
> >
> > Here is output from the id command as a user:
> >
> > uid=976(jabagley) gid=100(users) groups=100(users),0(root),98(ident)
> >
> > when 'su -' is entered, i am prompted for a password.  Did I
> > missunderstand the pam documentation?  what is wrong?
> >
> > thanks,
> >
> > --
> > James Bagley                        |           CDI Innovantage
> > james_bagley@xxxxxxxxxxxxxxx        | Technical Computing UNIX Admin Support
> >    DON'T PANIC                      |       Agilent Technologies IT
> > Phone: (541) 738-3340               |          Corvallis, Oregon
> > --
> >
> >
> >
> > _______________________________________________
> > Pam-list mailing list
> > Pam-list@xxxxxxxxxx
> > https://listman.redhat.com/mailman/listinfo/pam-list
> >
>
>
>
> _______________________________________________
> Pam-list mailing list
> Pam-list@xxxxxxxxxx
> https://listman.redhat.com/mailman/listinfo/pam-list
>