Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Access control lists or PAM
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Sib
n00b
n00b


Joined: 18 Apr 2002
Posts: 2

PostPosted: Thu Apr 18, 2002 11:52 am    Post subject: Access control lists or PAM Reply with quote

I just installed Gentoo and am just waiting for my emerge kde to finish when I noticed something weird while trying to 'su -':

Code:

user@machine user $ su -
Password:
su: Permission denied
Sorry.
user@machine user $ ls -als `which su`
  24 -rwsr-xr-x    1 root     root        22988 Apr 17 17:49 /bin/su
user@machine user $ id
uid=1000(martijn) gid=100(users) groups=100(users)


Now, when I put myself in group 'wheel', I can safely su and i'll be accepted..

But the question remains.. Is this behaviour part of PAM or part of POSIX ACL (kernel option)?

Does anyone know?

TIA
Sib
p.s. On a same note, what if I would like to use setfacl and getfacl tools from http://acl.bestbits.at/ included in fileutils-patch.. How would one perform such an action with Gentoo? (Gentoo newbie <-)
Back to top
View user's profile Send private message
ProGuy
n00b
n00b


Joined: 14 Apr 2002
Posts: 17
Location: Denmark

PostPosted: Sun Apr 21, 2002 11:48 pm    Post subject: Reply with quote

It's your PAM configuration that requires you to be in the wheel group, to be
able to use SU.
The configuration is in /etc/pam.d, and /etc/pam.d/su controls SU authentications & friends.

I'm not quite sure about the ACL thingie. I know that Gentoo supports XFS (which has ACLs, but they are different from bestbits). AFAIK they are working on making their ACLs compatible, but for the time being I am not even sure that you can have both enabled (at least not in kernel space). However, I have to admit that I haven't tried it yet because of lack of time.

I hope this helps you a bit :)
_________________
//ProGuy
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum