03-28-2014
Remove users from the 'admin' or 'wheel' groups if you don't want them to su.
10 More Discussions You Might Find Interesting
1. IP Networking
Hello Guys,
We are using Sco Unix 5.0
While we was changing root password from scoadmin, It did not change the password and hang in between.
Now, I am unable to login as root user
pls. do suggest me how can i skip root password and how can i goto root to change the password again.
Or if... (4 Replies)
Discussion started by: subho77
4 Replies
2. Answers to Frequently Asked Questions
We have quite a few threads about this subject. I have collected some of them and arranged them by the OS which is primarily discussed in the thread. That is because the exact procedure depends on the OS involved. What's more, since you often need to interact with the boot process, the... (0 Replies)
Discussion started by: Perderabo
0 Replies
3. AIX
How do I make it so user "root" can not log directly into an AIX server? I want a user to be able to SU to it but not log into it to keep a log (2 Replies)
Discussion started by: breigner
2 Replies
4. UNIX for Dummies Questions & Answers
All,
I want to run a non-root script as the root user with non-root environment variables with crontab. The non-root user would have environment variables for database access such as Oracle or Sybase. The root user does not have the Oracle or Sybase enviroment variables. I thought you could do... (2 Replies)
Discussion started by: bubba112557
2 Replies
5. Solaris
Hello all,
I've a problem with root login password in Solaris.
After I installed a patch the root password became empty, so to login as root I don't have to type any password, just username: root.
I've tried the passwd command but it still doesn't work...
Does anyone knows how can I solve this?... (1 Reply)
Discussion started by: pmpx
1 Replies
6. Solaris
I want to enable root login just from one terminal machine, can i do that via /etc/default/login in console=/dev/console line ?
and if so what i have to type exactly, another question is it normal to edit the files inside defaults directly ? or i can copy it to /etc/ and edit it there and its... (3 Replies)
Discussion started by: XP_2600
3 Replies
7. AIX
Hi, yesterday, I changed root's shell in /etc/passwd, cause a mistake then I can not log in root account (can't find correct shell). I attempted to log in single-mode, however, it prompted for single-mode's password then I type root's password but still can not log in.
I'm using AIX 5L version 5.2... (2 Replies)
Discussion started by: neikel
2 Replies
8. HP-UX
With my SSH, my HP-UX cannot login to root. It will come out a message su: unknown id: root. But I can login by user oracle. I also cannot login to console either by using root or oracle anymore. What shall I do. (5 Replies)
Discussion started by: surizan
5 Replies
9. AIX
I can use sudo su to root from my user id through ssh. Also can change root password. However, I cannnot login by root from ssh.
Does any body know why? (10 Replies)
Discussion started by: rainbow_bean
10 Replies
10. Solaris
Hi All
After downloading ZFS documentation from oracle site, I am able to successfully migrate UFS root FS without zones to ZFS root FS. But in case of UFS root file system with zones , I am successfully able to migrate global zone to zfs root file system but zone are still in UFS root file... (2 Replies)
Discussion started by: sb200
2 Replies
LEARN ABOUT MOJAVE
pam_group
pam_group(8) BSD System Manager's Manual pam_group(8)
NAME
pam_group -- Group PAM module
SYNOPSIS
[service-name] function-class control-flag pam_group [options]
DESCRIPTION
The Group PAM module supports the account management function class. In terms of the function-class parameter, this is the ``account''
class.
The Group account management module permits or denies users based on their membership to a particular group (or groups) specified with the
group option. If no groups are specified the default group (``wheel'') will be used.
The following options may be passed to this account management module:
deny Reverse the meaning of the test, i.e., reject the applicant if and only if he or she is a member of the specified group. This
can be useful to exclude certain groups of users from certain services.
fail_safe If the specified group does not exist, or has no members, act as if it does exist and the applicant is a member.
group=groupname
Specify the name of the group to check. This can be a comma-separated list (i.e. ``group=admin,wheel'').
root_only Skip this module entirely if the target account is not the superuser account.
ruser Check the membership of the applicant (PAM_RUSER), rather than the target account (PAM_USER)
SEE ALSO
pam_get_item(3), pam.conf(5), pam(8), DirectoryService(8)
AUTHORS
The pam_group module and this manual page were developed for the FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Division
of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA CHATS research program.
BSD
February 7, 2009 BSD