[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [rhelv5-list] membership in NIS 10(wheel) group doesn't allow "su -" if pam_wheel.so is enabled in /etc/pam.d/su



t35t0r wrote:
Hi,

On RHEL4 and 5 if "id username" shows that the user is in group
10(wheel) which RHEL grabbed from NIS groups since /etc/nsswitch.conf
has "group files nis", the user cannot "su -" into the root account
after entering the root password. The only thing that works is if the
user is in the wheel group under /etc/group on the local machine. We
also tried "group nis files" without success. We have the following
line uncommented in /etc/pam.d/su:

auth       required     /lib/security/$ISA/pam_wheel.so use_uid

also tried explicitly appending group=wheel without success. Any ideas?

Thanks

_______________________________________________
rhelv5-list mailing list
rhelv5-list redhat com
https://www.redhat.com/mailman/listinfo/rhelv5-list


I don't believe NIS exports user ids and group ids less than 500 unless you change the values MINUID and MINGID in /var/yp/Makefile

Tony Schreiner
Boston College


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]