diff options
| author | rwatson <rwatson@FreeBSD.org> | 2002-10-18 02:39:21 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2002-10-18 02:39:21 +0000 |
| commit | 7185b416e63bb44056224c5342d0cfd9317ce336 (patch) | |
| tree | f1099d58bbb8250d9e1944a842acf51303bd1001 /etc | |
| parent | 8601e0f6808226151130944863c90aa191ccc482 (diff) | |
| download | FreeBSD-src-7185b416e63bb44056224c5342d0cfd9317ce336.zip FreeBSD-src-7185b416e63bb44056224c5342d0cfd9317ce336.tar.gz | |
Exempt the "wheel group requirement" by default when su'ing to root if
the wheel group has no explicit members listed in /etc/group. This adds
the "exempt_if_empty" flag to pam_wheel in the default configuration;
in some environments, it may be appropriate to remove this flag, however,
this default is the same as pre-pam_wheel.
Reviewed by: markm
Sponsored by: DARPA, Network Associates Laboratories
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/pam.d/su | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/pam.d/su b/etc/pam.d/su index 1d24474..8d686ff 100644 --- a/etc/pam.d/su +++ b/etc/pam.d/su @@ -7,7 +7,7 @@ # auth auth sufficient pam_rootok.so no_warn auth sufficient pam_self.so no_warn -auth requisite pam_wheel.so no_warn auth_as_self noroot_ok +auth requisite pam_wheel.so no_warn auth_as_self noroot_ok exempt_if_empty #auth sufficient pam_kerberosIV.so no_warn #auth sufficient pam_krb5.so no_warn try_first_pass auth_as_self auth sufficient pam_opie.so no_warn no_fake_prompts |
