1 |
Am Freitag, den 14.10.2005, 15:45 +0200 schrieb Dirk Heinrichs: |
2 |
> 1) /etc/pam.d/su entsprechend ändern (die Einträge sind schon da, |
3 |
> müssen nur |
4 |
> auskommentiert werde |
5 |
Meine /etc/pam.d/su sieht wie folgt aus: |
6 |
=== |
7 |
#%PAM-1.0 |
8 |
|
9 |
auth sufficient pam_rootok.so |
10 |
|
11 |
# If you want to restrict users begin allowed to su even more, |
12 |
# create /etc/security/suauth.allow (or to that matter) that is only |
13 |
# writable by root, and add users that are allowed to su to that |
14 |
# file, one per line. |
15 |
#auth required pam_listfile.so item=ruser sense=allow |
16 |
onerr=fail file=/etc/security/suauth.allow |
17 |
|
18 |
# Uncomment this to allow users in the wheel group to su without |
19 |
# entering a passwd. |
20 |
#auth sufficient pam_wheel.so use_uid trust |
21 |
|
22 |
# Alternatively to above, you can implement a list of users that do |
23 |
# not need to supply a passwd with a list. |
24 |
#auth sufficient pam_listfile.so item=ruser sense=allow |
25 |
onerr=fail file=/etc/security/suauth.nopass |
26 |
|
27 |
# Comment this to allow any user, even those not in the 'wheel' |
28 |
# group to su |
29 |
auth required pam_wheel.so use_uid |
30 |
|
31 |
auth include system-auth |
32 |
|
33 |
account include system-auth |
34 |
|
35 |
password include system-auth |
36 |
|
37 |
session include system-auth |
38 |
session required pam_env.so |
39 |
session optional pam_xauth.so |
40 |
=== |
41 |
|
42 |
Ich habe jetzt ein bischen herumgespielt, aber ich kann als root nicht |
43 |
in den entsprechenden Benutzer wechseln. |