PAM_ROOTOK(8) BSD System Manager's Manual PAM_ROOTOK(8)NAME
pam_rootok -- RootOK PAM module
SYNOPSIS
[service-name] module-type control-flag pam_rootok [options]
DESCRIPTION
The RootOK authentication service module for PAM, pam_rootok provides functionality for only one PAM category: authentication. In terms of
the module-type parameter, this is the ``auth'' feature. It also provides a null function for session management.
RootOK Authentication Module
The RootOK authentication component (pam_sm_authenticate()), always returns success for the superuser; i.e., if getuid(2) returns 0.
The following options may be passed to the authentication module:
debug syslog(3) debugging information at LOG_DEBUG level.
no_warn suppress warning messages to the user. These messages include reasons why the user's authentication attempt was declined.
SEE ALSO getuid(2), pam.conf(5), pam(8)BSD July 8, 2001 BSD
Check Out this Related Man Page
PAM_ROOTOK(8) Linux-PAM Manual PAM_ROOTOK(8)NAME
pam_rootok - Gain only root access
SYNOPSIS
pam_rootok.so [debug]
DESCRIPTION
pam_rootok is a PAM module that authenticates the user if their UID is 0. Applications that are created setuid-root generally retain the
UID of the user but run with the authority of an enhanced effective-UID. It is the real UID that is checked.
OPTIONS
debug
Print debug information.
MODULE TYPES PROVIDED
The auth, acct and password module types are provided.
RETURN VALUES
PAM_SUCCESS
The UID is 0.
PAM_AUTH_ERR
The UID is not 0.
EXAMPLES
In the case of the su(1) application the historical usage is to permit the superuser to adopt the identity of a lesser user without the use
of a password. To obtain this behavior with PAM the following pair of lines are needed for the corresponding entry in the /etc/pam.d/su
configuration file:
# su authentication. Root is granted access by default.
auth sufficient pam_rootok.so
auth required pam_unix.so
SEE ALSO su(1), pam.conf(5), pam.d(5), pam(7)AUTHOR
pam_rootok was written by Andrew G. Morgan, <morgan@kernel.org>.
Linux-PAM Manual 06/04/2011 PAM_ROOTOK(8)
Hello, I can ssh as root directly, but when login as normal user, I cant su to root:
user@server:~% su
Password:
and in the /var/log/messages:
session opened for user root by user(uid=501)
session closed for user root
Im sure the root password is correct, any pointer? (14 Replies)
Hi,
I am not able to login on my linux server through my some user :-
when i login through root and try to login it gives the following error :-
#su - oracle
su: incorrect password
i have check the entry of oracle user is there in /etc/passwd file also... (11 Replies)
Hi,
I find there is some customized linux with application.
When I use login account root and type the password.
It is not allow to login.
But if I login with specified user and password.
Then I use command "su - " and type root passwd.
It allow you to switch to "root" account .
Or if i... (14 Replies)
Hello.
I have a RHEL 7.2 where a regular user can't make a "su -" to reach root account:
server532:t711740:/$ id
uid=75456(t711740) gid=10000(personales) groups=10000(personales),10(wheel)
tehrh532:t711740:/$ su -
Password:
su: Permission denied
But can make "sudo su -"... (2 Replies)