01-16-2013
That's not possible, except if the user is a member of the wheel group and PAM is configured to allow it.
Configuring sudo is probably the better way to go. Giving carte blanche access to root using su in this way is generally not a good idea.
This User Gave Thanks to Scott For This Post:
10 More Discussions You Might Find Interesting
1. AIX
I have 02 servers:
- Linux RHEL AS 3 (server1)
- AIX 5.2 (server2)
Running the command rsh server2 passwd derje from the server1 to change derje user password on server2, give me this error:
3004-709 Error while changing the password for "derje"
Can somebody help me ? (0 Replies)
Discussion started by: mayge
0 Replies
2. HP-UX
I have two unix system A and B with same configuration.
I can use remsh from A system login to B system as root, but when I want to change the root password of B system, it ask me the old password, but i forgot it.
However, is it possible to change the B system root password? :(
Thanks a lot (3 Replies)
Discussion started by: zetadhell
3 Replies
3. Linux
Hi all,
I'm having an issue resetting an Linux user password. As root, I type 'passwd <username>, enter the new password, but the user is still Access Denied. Can someone assist me in figuring this one out?
The box is running "Linux trm62 2.4.21-15.ELsmp #1 SMP Thu Apr 22 00:18:24 EDT 2004... (6 Replies)
Discussion started by: bbbngowc
6 Replies
4. Solaris
i created 1 user . Now its passwd time period get expired.
Now how can I set password for that user. Also how can I set a condition such a way that after every 3 months user must change his passwd. (5 Replies)
Discussion started by: ajitkraj
5 Replies
5. Solaris
I'm fairly inexperienced with LDAP and DSEE so to build my skills I installed directory server in the global zone of my Sol 10/u7 machine and created a zone to use as a client. For some reason when I try to change a users password as root (in the client zone) with passwd -r ldap I am prompted for... (1 Reply)
Discussion started by: ilikecows
1 Replies
6. UNIX for Dummies Questions & Answers
I have a Solaris 10 machine that I didn't know the root password to so I went into single user mode and removed the password from the shadow file and rebooted and I am able to login with no password now.
But my problem is that when I try to change the root password from no password to something... (0 Replies)
Discussion started by: darkone_d1_2000
0 Replies
7. Shell Programming and Scripting
Hi All,
I have one requirment..
I need to change my id to some sudo account in a server.. Actually our username/passwd will be stored in one gip file like below...
$cat .a.gz #It's hidden file
username
passwd
$
So I tried the below script to pass the password when i sudo to... (7 Replies)
Discussion started by: raghu.iv85
7 Replies
8. Shell Programming and Scripting
Hello
I am doing some test.
In a script I have to call a change password routine ( ldap ) which ask confirmation. This can be done from terminal.
Is there a way to do something like this :
#!/bin/bash
#
blabla
blabla
blabla
blabla
# changing_password_routine user_name... (2 Replies)
Discussion started by: jcdole
2 Replies
9. AIX
I want to change the root password on an AIX box. What is the best method to do this so i do not get myself locked out. When I do i search the results come up for resetting the password if you are locked out.
Thanks (5 Replies)
Discussion started by: fierfek
5 Replies
10. Solaris
We run Solaris 11. We have a root login constraint that we can login to the root only after doing a su from a generic account called "cloneroot". We somehow misplaced the password for the cloneroot account recently. So, we can't login to root. We have other accounts (eg. oracle) where we can login... (1 Reply)
Discussion started by: jtamminen
1 Replies
LEARN ABOUT DEBIAN
pam_wheel
PAM_WHEEL(8) Linux-PAM Manual PAM_WHEEL(8)
NAME
pam_wheel - Only permit root access to members of group wheel
SYNOPSIS
pam_wheel.so [debug] [deny] [group=name] [root_only] [trust]
DESCRIPTION
The pam_wheel PAM module is used to enforce the so-called wheel group. By default it permits root access to the system if the applicant
user is a member of the wheel group. If no group with this name exist, the module is using the group with the group-ID 0.
OPTIONS
debug
Print debug information.
deny
Reverse the sense of the auth operation: if the user is trying to get UID 0 access and is a member of the wheel group (or the group of
the group option), deny access. Conversely, if the user is not in the group, return PAM_IGNORE (unless trust was also specified, in
which case we return PAM_SUCCESS).
group=name
Instead of checking the wheel or GID 0 groups, use the name group to perform the authentication.
root_only
The check for wheel membership is done only.
trust
The pam_wheel module will return PAM_SUCCESS instead of PAM_IGNORE if the user is a member of the wheel group (thus with a little play
stacking the modules the wheel members may be able to su to root without being prompted for a passwd).
MODULE TYPES PROVIDED
The auth and account module types are provided.
RETURN VALUES
PAM_AUTH_ERR
Authentication failure.
PAM_BUF_ERR
Memory buffer error.
PAM_IGNORE
The return value should be ignored by PAM dispatch.
PAM_PERM_DENY
Permission denied.
PAM_SERVICE_ERR
Cannot determine the user name.
PAM_SUCCESS
Success.
PAM_USER_UNKNOWN
User not known.
EXAMPLES
The root account gains access by default (rootok), only wheel members can become root (wheel) but Unix authenticate non-root applicants.
su auth sufficient pam_rootok.so
su auth required pam_wheel.so
su auth required pam_unix.so
SEE ALSO
pam.conf(5), pam.d(5), pam(7)
AUTHOR
pam_wheel was written by Cristian Gafton <gafton@redhat.com>.
Linux-PAM Manual 05/31/2011 PAM_WHEEL(8)