01-16-2013
That's not possible, except if the user is a member of the wheel group and PAM is configured to allow it.
Configuring sudo is probably the better way to go. Giving carte blanche access to root using su in this way is generally not a good idea.
This User Gave Thanks to Scott For This Post:
10 More Discussions You Might Find Interesting
1. AIX
I have 02 servers:
- Linux RHEL AS 3 (server1)
- AIX 5.2 (server2)
Running the command rsh server2 passwd derje from the server1 to change derje user password on server2, give me this error:
3004-709 Error while changing the password for "derje"
Can somebody help me ? (0 Replies)
Discussion started by: mayge
0 Replies
2. HP-UX
I have two unix system A and B with same configuration.
I can use remsh from A system login to B system as root, but when I want to change the root password of B system, it ask me the old password, but i forgot it.
However, is it possible to change the B system root password? :(
Thanks a lot (3 Replies)
Discussion started by: zetadhell
3 Replies
3. Linux
Hi all,
I'm having an issue resetting an Linux user password. As root, I type 'passwd <username>, enter the new password, but the user is still Access Denied. Can someone assist me in figuring this one out?
The box is running "Linux trm62 2.4.21-15.ELsmp #1 SMP Thu Apr 22 00:18:24 EDT 2004... (6 Replies)
Discussion started by: bbbngowc
6 Replies
4. Solaris
i created 1 user . Now its passwd time period get expired.
Now how can I set password for that user. Also how can I set a condition such a way that after every 3 months user must change his passwd. (5 Replies)
Discussion started by: ajitkraj
5 Replies
5. Solaris
I'm fairly inexperienced with LDAP and DSEE so to build my skills I installed directory server in the global zone of my Sol 10/u7 machine and created a zone to use as a client. For some reason when I try to change a users password as root (in the client zone) with passwd -r ldap I am prompted for... (1 Reply)
Discussion started by: ilikecows
1 Replies
6. UNIX for Dummies Questions & Answers
I have a Solaris 10 machine that I didn't know the root password to so I went into single user mode and removed the password from the shadow file and rebooted and I am able to login with no password now.
But my problem is that when I try to change the root password from no password to something... (0 Replies)
Discussion started by: darkone_d1_2000
0 Replies
7. Shell Programming and Scripting
Hi All,
I have one requirment..
I need to change my id to some sudo account in a server.. Actually our username/passwd will be stored in one gip file like below...
$cat .a.gz #It's hidden file
username
passwd
$
So I tried the below script to pass the password when i sudo to... (7 Replies)
Discussion started by: raghu.iv85
7 Replies
8. Shell Programming and Scripting
Hello
I am doing some test.
In a script I have to call a change password routine ( ldap ) which ask confirmation. This can be done from terminal.
Is there a way to do something like this :
#!/bin/bash
#
blabla
blabla
blabla
blabla
# changing_password_routine user_name... (2 Replies)
Discussion started by: jcdole
2 Replies
9. AIX
I want to change the root password on an AIX box. What is the best method to do this so i do not get myself locked out. When I do i search the results come up for resetting the password if you are locked out.
Thanks (5 Replies)
Discussion started by: fierfek
5 Replies
10. Solaris
We run Solaris 11. We have a root login constraint that we can login to the root only after doing a su from a generic account called "cloneroot". We somehow misplaced the password for the cloneroot account recently. So, we can't login to root. We have other accounts (eg. oracle) where we can login... (1 Reply)
Discussion started by: jtamminen
1 Replies
LEARN ABOUT OSX
pam_group
pam_group(8) BSD System Manager's Manual pam_group(8)
NAME
pam_group -- Group PAM module
SYNOPSIS
[service-name] function-class control-flag pam_group [options]
DESCRIPTION
The Group PAM module supports the account management function class. In terms of the function-class parameter, this is the ``account''
class.
The Group account management module permits or denies users based on their membership to a particular group (or groups) specified with the
group option. If no groups are specified the default group (``wheel'') will be used.
The following options may be passed to this account management module:
deny Reverse the meaning of the test, i.e., reject the applicant if and only if he or she is a member of the specified group. This
can be useful to exclude certain groups of users from certain services.
fail_safe If the specified group does not exist, or has no members, act as if it does exist and the applicant is a member.
group=groupname
Specify the name of the group to check. This can be a comma-separated list (i.e. ``group=admin,wheel'').
root_only Skip this module entirely if the target account is not the superuser account.
ruser Check the membership of the applicant (PAM_RUSER), rather than the target account (PAM_USER)
SEE ALSO
pam_get_item(3), pam.conf(5), pam(8), DirectoryService(8)
AUTHORS
The pam_group module and this manual page were developed for the FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Division
of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA CHATS research program.
BSD
February 7, 2009 BSD