Date: Mon, 16 Dec 2002 17:42:28 +0000 (GMT) From: Gavin Atkinson <gavin@ury.york.ac.uk> To: David Malone <dwmalone@maths.tcd.ie> Cc: Craig Boston <craig@xfoil.gank.org>, "" <current@FreeBSD.ORG> Subject: Re: su(1) problem on -current Message-ID: <20021216173131.O31211-100000@ury.york.ac.uk> In-Reply-To: <20021215202040.GB10636@walton.maths.tcd.ie> References: <1039973731.751.11.camel@darth-laptop> <20021215195157.H58191-100000@ury.york.ac.uk> <20021215202040.GB10636@walton.maths.tcd.ie>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 15 Dec 2002, David Malone wrote: > On Sun, Dec 15, 2002 at 08:00:55PM +0000, Gavin Atkinson wrote: > > Confirmed. in su.c it seems that pam_authenticate is returning > > PAM_AUTH_ERR, when it presumably should not be doing so. > > Try getting rid of the auth_as_self in /etc/pam.d/su for the > pam_wheel module. This fixes it. Although I don't understand why this wasn't needed until recently. Is there any reason to have the default pam su config contain auth_as_self? It just seems to introduce yet another (and quite annoying) incompatibility between 4.x and 5.x without achieving anything obvious. Maybe we could get auth_as_self removed from pam_wheel in /etc/pam.d/su? Gavin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021216173131.O31211-100000>