pam_wheel.so not loggingFrom: Thiago Conde Figueiro (email@example.com)
- Previous message: Seth Arnold: "Re: unexpected UNDELIVERED MAIL"
- Next in thread: Skip Carter: "Re: pam_wheel.so not logging"
- Reply: Skip Carter: "Re: pam_wheel.so not logging"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 4 Dec 2001 11:56:17 -0200 From: Thiago Conde Figueiro <firstname.lastname@example.org> To: email@example.com
Today I came across this issue on one of our RedHat 7.2 servers and I don't really know if this is the expected behavior. I enabled pam_wheel.so on /etc/pam.d/su as follows:
auth required /lib/security/pam_wheel.so use_uid
so that any user trying to su must be in the wheel group. If the user supplies the wrong password for root an entry is generated on syslog:
Dec 4 11:39:22 localhost su(pam_unix): authentication failure; logname=user uid=502 euid=0 tty= ruser= rhost= user=root
If the user knows the password for root but is not on the wheel group, he's denied authentication, as expected. However, no entry on the log is generated. It would be nice to know if a user who knows the password for root was denied authentication because he/she is not in the wheel group.
-- Thiago Conde Figueiró
Disclaimer: all opinions on this message are my own and do not necessarily represent those of my employer.