| 1 |
Am Freitag, den 14.10.2005, 15:45 +0200 schrieb Dirk Heinrichs: |
| 2 |
> 1) /etc/pam.d/su entsprechend ändern (die Einträge sind schon da, |
| 3 |
> müssen nur |
| 4 |
> auskommentiert werde |
| 5 |
Meine /etc/pam.d/su sieht wie folgt aus: |
| 6 |
=== |
| 7 |
#%PAM-1.0 |
| 8 |
|
| 9 |
auth sufficient pam_rootok.so |
| 10 |
|
| 11 |
# If you want to restrict users begin allowed to su even more, |
| 12 |
# create /etc/security/suauth.allow (or to that matter) that is only |
| 13 |
# writable by root, and add users that are allowed to su to that |
| 14 |
# file, one per line. |
| 15 |
#auth required pam_listfile.so item=ruser sense=allow |
| 16 |
onerr=fail file=/etc/security/suauth.allow |
| 17 |
|
| 18 |
# Uncomment this to allow users in the wheel group to su without |
| 19 |
# entering a passwd. |
| 20 |
#auth sufficient pam_wheel.so use_uid trust |
| 21 |
|
| 22 |
# Alternatively to above, you can implement a list of users that do |
| 23 |
# not need to supply a passwd with a list. |
| 24 |
#auth sufficient pam_listfile.so item=ruser sense=allow |
| 25 |
onerr=fail file=/etc/security/suauth.nopass |
| 26 |
|
| 27 |
# Comment this to allow any user, even those not in the 'wheel' |
| 28 |
# group to su |
| 29 |
auth required pam_wheel.so use_uid |
| 30 |
|
| 31 |
auth include system-auth |
| 32 |
|
| 33 |
account include system-auth |
| 34 |
|
| 35 |
password include system-auth |
| 36 |
|
| 37 |
session include system-auth |
| 38 |
session required pam_env.so |
| 39 |
session optional pam_xauth.so |
| 40 |
=== |
| 41 |
|
| 42 |
Ich habe jetzt ein bischen herumgespielt, aber ich kann als root nicht |
| 43 |
in den entsprechenden Benutzer wechseln. |
Archives