su / shadow & /etc/suauth

Julien Lecomte julien at famille-lecomte.net
Tue Jan 2 02:02:52 PST 2007


Hello,

I can't get 'su' and '/etc/suauth' to work correctly on my 6.2 LFS 
system. My system is up and running correctly apart from this minor problem.

When I 'su', it doesn't seem that '/etc/suauth' is used. For example, my 
/etc/suauth (root:root, 600) only contains
root:ALL EXCEPT GROUP wheel:DENY
And i have a couple of users, not being wheel and only an 'admin' user 
being wheel.
As a user, I can su to root (or any other account), which actually 
should be denied. BTW, if I su and enter a wrong password, there is no 
delay before being returned to the shell prompt, that is, FAIL_DELAY 
from /etc/login.defs doesn't seem to be used.

Otherwise, my /etc/login.access exists as root:root-600, but is all 
commented out, and relevant parts of /etc/login.defs (also 
root:root-600) are:
SU_NAME         su
DEFAULT_HOME    no
# SU_WHEEL_ONLY no

My shadow was installed as the 6.2 recommends building it, without 
cracklib support.

Thanks for any help,
Julien





More information about the lfs-support mailing list