I login a account, for example my_name_1, now I want to change to
other account, named my_name_2. For example,
$ whoami
tom <--- legal user
$ su john <-- illegal operation, should be refused.
In this case, how to refuse the request by PAM ?
<snip>
If I understand your question correctly, you are trying to prohibit access
to the john user via su. If this is the case, and you want to prevent all
users from being able to su to john, then you can use a pam_listfile
restriction in /etc/pam.d/su which controls access to who can be su'd to
and not who can su to another user.
Hope this helps,
Barry
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
