pam_wheel.so not logging

From: Thiago Conde Figueiro (thiago@ciphertech.com.br)
Date: 12/04/01


Date: Tue, 4 Dec 2001 11:56:17 -0200
From: Thiago Conde Figueiro <thiago@ciphertech.com.br>
To: focus-linux@securityfocus.com


        Today I came across this issue on one of our RedHat 7.2 servers and I don't really know if this is the expected behavior. I enabled pam_wheel.so on /etc/pam.d/su as follows:

auth required /lib/security/pam_wheel.so use_uid

        so that any user trying to su must be in the wheel group. If the user supplies the wrong password for root an entry is generated on syslog:

Dec 4 11:39:22 localhost su(pam_unix)[3339]: authentication failure; logname=user uid=502 euid=0 tty= ruser= rhost= user=root

        If the user knows the password for root but is not on the wheel group, he's denied authentication, as expected. However, no entry on the log is generated. It would be nice to know if a user who knows the password for root was denied authentication because he/she is not in the wheel group.

        Any thoughts?

Regards,

-- 
Thiago Conde Figueiró

Disclaimer: all opinions on this message are my own and do not necessarily represent those of my employer.



Relevant Pages

  • Re: Install Windows Patch via GPO
    ... Best regards ... Meinolf Weber ... Disclaimer: This posting is provided "AS IS" with no warranties, ...
    (microsoft.public.windows.group_policy)
  • Re: Install Windows Patch via GPO
    ... Best regards ... Disclaimer: This posting is provided "AS IS" with no warranties, ...
    (microsoft.public.windows.group_policy)
  • Re: Group Policy
    ... Best regards ... Meinolf Weber ... Disclaimer: This posting is provided "AS IS" with no warranties, ... gpupdate /force on the client machine to update the settings. ...
    (microsoft.public.windows.server.setup)
  • Re: Failing DC
    ... Best regards ... Meinolf Weber ... Disclaimer: This posting is provided "AS IS" with no warranties, ...
    (microsoft.public.windows.server.active_directory)
  • Re: Failing DC
    ... Best regards ... Meinolf Weber ... Disclaimer: This posting is provided "AS IS" with no warranties, ...
    (microsoft.public.windows.server.active_directory)