Re: restricted

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



My first thought was that you could limit users by restricting the group and everyone execute permission.  To test my theory I did a search using "find / -iname su".

My searched turned up the file /etc/pam.d/su.  I have not tested anything, but there are comments in this config file that should put you on the right track.

My copy of the /etc/pam.d/su is pasted here...

[root@mail1 pam.d]# cat su
#%PAM-1.0
auth       sufficient   /lib/security/pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth       sufficient   /lib/security/pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth       required     /lib/security/pam_wheel.so use_uid
auth       required     /lib/security/pam_stack.so service=system-auth
account    required     /lib/security/pam_stack.so service=system-auth
password   required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_stack.so service=system-auth
session    optional     /lib/security/pam_xauth.so
[root@mail1 pam.d]# pwd
/etc/pam.d
[root@mail1 pam.d]# 




Joseph A. Terrell
Senior Internet Analyst
Internet Services
HighTower, Inc., 7301 N. Lincoln, Suite 100, Lincolnwood, IL 60712
(v) 847.674.0081 (f) 847.674.0544
****HighTower's Retainer Control - www.hightowerinc.com/retainercontrol 
****HighTower's Best Solutions - www.hightowerinc.com/best

>>> Florin.Florian@net.utcluj.ro 10/24/01 10:17AM >>>
Hi,

How can I restrict for some of the users to take "su -" in the telnet
console?

Thank's for your help ....



_______________________________________________

Pam-list@redhat.com 
https://listman.redhat.com/mailman/listinfo/pam-list





[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux