[arch-general] Tired of being asked for a password for "su"? Arch has the solution
David C. Rankin
drankinatty at suddenlinkmail.com
Mon Mar 1 13:58:08 EST 2010
Guys,
Working through the setup of my new server, I rad across a wonderful hidden
time-saver in /etc/pam.d/su. If you have configured sudo in the normal way by
providing sudo access to members of the 'wheel' group, you can avoid having to
type the root password to 'su' by uncommenting the following line in /etc/pam.d/su:
auth sufficient pam_wheel.so trust use_uid
As the comment says, the entry causes pam to implicitly trust members of the
wheel group. Eliminating the need to type a 14 char pw 10 times a day is a
time-saver.
My only concern is how secure it is to allow pam to do this? I'd welcome any
thoughts by those that understand whether this causes a concern.
Thanks and thanks to whoever put this little gem in /etc/pam.d/su
--
David C. Rankin, J.D.,P.E.
Rankin Law Firm, PLLC
510 Ochiltree Street
Nacogdoches, Texas 75961
Telephone: (936) 715-9333
Facsimile: (936) 715-9339
www.rankinlawfirm.com
More information about the arch-general
mailing list