su: blacklist users
David Bandel
david.bandel
Thu May 25 10:19:47 PDT 2006
On 5/25/06, Man-wai CHANG <mwchang at i-cable.com> wrote:
>
> Is there a way to deny specified users from calling su?
Well, the way Solaris handled this is to only permit users that belong
to group wheel from being able to call this. More like a white list
concept.
You could always do that. Just modify /etc/pam.d/su and add users
permitted to su to group wheel.
Just add this to your /etc/pam.d/su file:
auth required pam_wheel.so
note that you have to ensure your distro includes
/lib/security/pam_wheel.so for this to work.
[snip]
David A. Bandel
--
Focus on the dream, not the competition.
- Nemesis Air Racing Team motto
More information about the Linux-users
mailing list