Guys, Working through the setup of my new server, I rad across a wonderful hidden time-saver in /etc/pam.d/su. If you have configured sudo in the normal way by providing sudo access to members of the 'wheel' group, you can avoid having to type the root password to 'su' by uncommenting the following line in /etc/pam.d/su: auth sufficient pam_wheel.so trust use_uid As the comment says, the entry causes pam to implicitly trust members of the wheel group. Eliminating the need to type a 14 char pw 10 times a day is a time-saver. My only concern is how secure it is to allow pam to do this? I'd welcome any thoughts by those that understand whether this causes a concern. Thanks and thanks to whoever put this little gem in /etc/pam.d/su -- David C. Rankin, J.D.,P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com
