1 |
On March 18, 2012 at 6:22 AM pk <peterk2@××××××××.se> wrote: |
2 |
|
3 |
> On 2012-03-18 04:11, Bruce Hill, Jr. wrote: |
4 |
> |
5 |
> > Am I eternally confused? |
6 |
> |
7 |
> I have no idea... besides, eternity is a long time... ;-) |
8 |
> |
9 |
> > su - change user ID or become superuser |
10 |
> > |
11 |
> > It's not _only_ to become root (maybe theoretically if you only have |
12 |
one |
13 |
> > normal user). On a true multiuser system you can su (switch user) to |
14 |
any |
15 |
> > user. |
16 |
> |
17 |
> Yes, correct. Sorry if this was implied; I only talked about Dales |
18 |
> specific problem... |
19 |
> |
20 |
> > Since _every_ computer I own or have _ever_ built has -pam globally, |
21 |
pam is |
22 |
> > not a requirement to use su ... is it? |
23 |
> |
24 |
> Nope. Again, I was only trying to help Dale... If su is owned by |
25 |
> 'root.root' (user.group) I assumed that it's execution was controlled by |
26 |
> something else since it otherwise should be owned by 'root.wheel' |
27 |
> (unless you're part of the 'root' group, which I don't think is |
28 |
> recommended). If you're not running pam then I assume your 'su' is owned |
29 |
> by 'root.wheel'? |
30 |
> Best regards |
31 |
> |
32 |
> Peter K |
33 |
> |
34 |
|
35 |
|
36 |
The ownership is not changed, with user(s) where it's necessary (never on |
37 |
servers) in the wheel group. |
38 |
|
39 |
mingdao@t420 ~ $ ls -l /bin/su |
40 |
-rws--x--x 1 root root 53440 Oct 7 07:00 /bin/su |
41 |
mingdao@t420 ~ $ ls -l /usr/bin/sudo |
42 |
---s--x--x 2 root root 71144 Feb 22 06:34 /usr/bin/sudo |
43 |
|
44 |
# less /etc/sudoers |
45 |
<snip> |
46 |
## Same thing without a password |
47 |
%wheel ALL=(ALL) NOPASSWD: ALL |
48 |
<snip> |
49 |
|
50 |
mingdao@t420 ~ $ id uid=1000(mingdao) gid=1000(mingdao) |
51 |
groups=1000(mingdao),7(lp),10(wheel),16(cron),18(audio),19(cdrom),27(video),80(cdrw),85(usb),100(users),250(portage) |
52 |
|
53 |
The 'stuff' happens when you issue "visudo" and edit the above file. I've |
54 |
never studied this on Gentoo, but also have: |
55 |
-rwxr-xr-x 1 root root 180696 Feb 22 06:34 /usr/lib64/sudo/sudoers.so |
56 |
|
57 |
Meh ... too much to learn for an old dog like me. |
58 |
-- |
59 |
Happy Penguin Computers >`) |
60 |
126 Fenco Drive ( \ |
61 |
Tupelo, MS 38801 ^^ |
62 |
662-269-2706; 662-491-8613 |
63 |
support at happypenguincomputers dot com |
64 |
http://www.happypenguincomputers.com |