Since I was not the member, I will sent it again > Dear Sir/Madam. > > I am using RedHat 7.3 Linux with pam-0.75-32 . I cretaed > /etc/security/suok files as > [root@test-pc root]# cat /etc/security/suok > bidb > root > > also bidb and root are the member of wheel group. And I prepared > /etc/pam.d/su file as > [root@test-pc root]# cat /etc/pam.d/su > #%PAM-1.0 > auth sufficient /lib/security/pam_rootok.so > auth required /lib/security/pam_listfile.so onerr=fail item=user sense=allow file=/etc/security/suok > # Uncomment the following line to implicitly trust users in the "wheel" > group. > #auth sufficient /lib/security/pam_wheel.so trust use_uid > # Uncomment the following line to require a user to be in the "wheel" > group. > auth required /lib/security/pam_wheel.so group=wheel > auth required /lib/security/pam_stack.so service=system-auth > account required /lib/security/pam_stack.so service=system-auth > password required /lib/security/pam_stack.so service=system-auth > session required /lib/security/pam_stack.so service=system-auth > #session optional /lib/security/pam_xauth.so > > First of all pam_listfile.so doesn't work. When I comment pam_wheel.so all > users which are not in the suok file runs su normally. > > Second problem, pam_wheel.so runs on consoles properly but under X any > user who is not the member of wheel also runs su. > > If I make any mistake, please inform me. > > Best Regards, > > Selcuk Han AYDIN > Middle East Technical University > Computer Center > Sistem Administrator > >
