本文介绍如何通过编辑/etc/pam.d/su文件来配置su命令的使用权限,具体步骤包括启用wheel组成员使用su命令的能力,并确保只有wheel组的成员能够切换到root用户。
编辑/etc/pam.d/su 文件
#%PAM-1.0
auth sufficient pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
[color=red][b]auth required pam_wheel.so use_uid[/b][/color]
auth include system-auth
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session optional pam_xauth.so
[color=red][b]echo "SU_WHEEL_ONLY yes" >> /etc/login.defs [/b][/color]
#%PAM-1.0
auth sufficient pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
[color=red][b]auth required pam_wheel.so use_uid[/b][/color]
auth include system-auth
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session optional pam_xauth.so
[color=red][b]echo "SU_WHEEL_ONLY yes" >> /etc/login.defs [/b][/color]
扫一扫
2838
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
