Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 921

Summary: Making PAM let only members of wheel su root [pam_wheel.so]
Product: [Retired] Red Hat Linux Reporter: dwayne
Component: pamAssignee: Michael K. Johnson <johnsonm>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 5.2CC: dwayne, pbrown
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 1999-03-26 21:52:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description dwayne 1999-01-22 17:21:59 UTC
This is just a note to anyone wanting to have only members
of the wheel group su root.  By default RedHat has the GID
of the wheel group set to be 10.  However, PAM assumes it's
0.  Even if you change the file /etc/group (and /etc/group-
for good measure) so that wheel has GID=0, it still doesn't
work (for me at least :)  However by placing group=wheel at
the end of the first auth line, all will be well!  So the
auth lines of /etc/pam.d/su should be something like:

auth  required  /lib/security/pam_wheel.so group=wheel
auth  required  /lib/security/pam_pwdb.so shadow nullok

Comment 1 Preston Brown 1999-03-26 19:57:59 UTC
Michael, has this been dealt with/fixed/worked around/whatever?

Comment 2 Michael K. Johnson 1999-03-26 21:52:59 UTC
This is not a bug and does not need to be dealt with/fixed/worked
around/whatever.