i have 1 specific user (uid 400 *grin*) that i want to deny ALL login attempts to. so only direct console login would be allowed. i got it all working, the only thing i cant seem to get done is the su part. how do i tell pam, that ANY su attempt to the uid 400 is to be forbidden ? no matter is the su-ing user is in group wheel, or root himself, su to uid 400 needs to be denied. ideally i would want that user only to be able to log in on ttyS0, but for now i'll settle on solving the su prob :-) any suggestions ? cnf -- Please avoid sending me Word or PowerPoint attachments. See http://www.fsf.org/philosophy/no-word-attachments.html _______________________________________________ Pam-list@redhat.com https://listman.redhat.com/mailman/listinfo/pam-list
