Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Swanson, Bryan (bswansunf.edu)
Date: Fri Jan 04 2002 - 12:19:43 CST
we use unpackaged Linux-PAM-0.75 and haven't seen that particular
problem...here's what our /etc/pam.d/su looks like:
#[For version 1.0 syntax, the above header is optional]
# The PAM configuration file for the `su' service
auth requisite pam_wheel.so debug
auth sufficient pam_rootok.so
auth [success=done auth_err=ignore] pam_unix.so
auth sufficient pam_krb5.so no_ccache
auth optional pam_warn.so
auth required pam_deny.so
account required pam_unix.so
session required pam_unix.so
note the use of pam_rootok to prevent root from having to supply
a user's password ... also non-wheel members can't su to uid 0
> -----Original Message-----
> From: Andreas Hasenack [mailto:andreasconectiva.com.br]
> Sent: Friday, January 04, 2002 12:46 PM
> To: pam-listredhat.com
> Subject: Follow-up Re: su: user->root ok, user1->user2 ok, root->user
> Em Fri, Jan 04, 2002 at 02:02:39PM -0200, Andreas Hasenack escreveu:
> > Hi, I'm having a trouble with su and pam-0.75 (with absolutely
> > no patches, just the original tarball).
> > As a regular user, I can su to root as usual, just giving
> > root's password. I can also su from a regular user to another
> > one without problems.
> > BUT, as root, I cannot su at all, getting this prmission
> denied error:
> Well, I took a look at redhat's pam package and found 50
> (fifty) patches to
> the original Linux-PAM-0.75.tar.gz, around 360Kb of patches.
> I applied all of them and it started working. So, is this a
> bug in linux-pam?
> Is there a 0.76 release around the corner? Hmm, I tried the
> CVS version and
> it also didn't work, so the right patch (one or more among
> those 50) isn't
> in CVS.
> Is someone else using "pristine" linux-pam out there? Are you
> having this
> su problem too?
> Pam-list mailing list
Pam-list mailing list