On 1/2/07, Julien Lecomte <[EMAIL PROTECTED]> wrote: > > I can't get 'su' and '/etc/suauth' to work correctly on my 6.2 LFS > system. My system is up and running correctly apart from this minor problem. > > When I 'su', it doesn't seem that '/etc/suauth' is used. For example, my > /etc/suauth (root:root, 600) only contains > root:ALL EXCEPT GROUP wheel:DENY
I've never tried using suauth, but I just looked at the source, and it is only enabled if you're using PAM. BLFS has support for building shadow against PAM and/or cracklib. Read the warnings, though. You don't want to get into a situation where you can't log in to your system. http://www.linuxfromscratch.org/blfs/view/svn/postlfs/shadow.html > As a user, I can su to root (or any other account), which actually > should be denied. BTW, if I su and enter a wrong password, there is no > delay before being returned to the shell prompt, that is, FAIL_DELAY > from /etc/login.defs doesn't seem to be used. Could be wrong, but I also think that FAIL_DELAY is only honored if shadow is built against PAM. I know I have shadow linked against PAM and FAIL_DELAY is honored. Shadow is a bit of a mess in some spots to tell what functionality corresponds to what library. -- Dan -- http://linuxfromscratch.org/mailman/listinfo/lfs-support FAQ: http://www.linuxfromscratch.org/lfs/faq.html Unsubscribe: See the above information page
