From owner-freebsd-doc@FreeBSD.ORG Wed Aug 18 14:20:25 2004 Return-Path: Delivered-To: freebsd-doc@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D5DC216A4D3 for ; Wed, 18 Aug 2004 14:20:20 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 177E243D39 for ; Wed, 18 Aug 2004 14:20:20 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.11/8.12.11) with ESMTP id i7IEKJMH020278 for ; Wed, 18 Aug 2004 14:20:19 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.11/8.12.11/Submit) id i7IEKJBb020273; Wed, 18 Aug 2004 14:20:19 GMT (envelope-from gnats) Resent-Date: Wed, 18 Aug 2004 14:20:19 GMT Resent-Message-Id: <200408181420.i7IEKJBb020273@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-doc@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Jilles Tjoelker Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C890F16A4CE for ; Wed, 18 Aug 2004 14:12:11 +0000 (GMT) Received: from mailhost.stack.nl (vaak.stack.nl [131.155.140.140]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2FE6943D41 for ; Wed, 18 Aug 2004 14:12:09 +0000 (GMT) (envelope-from jilles@stack.nl) Received: from turtle.stack.nl (turtle.stack.nl [IPv6:2001:610:1108:5010::132]) by mailhost.stack.nl (Postfix) with ESMTP id 3A80A1F1D7 for ; Wed, 18 Aug 2004 16:12:08 +0200 (CEST) Received: by turtle.stack.nl (Postfix, from userid 1677) id 1A48C1CCA3; Wed, 18 Aug 2004 16:12:08 +0200 (CEST) Message-Id: <20040818141208.1A48C1CCA3@turtle.stack.nl> Date: Wed, 18 Aug 2004 16:12:08 +0200 (CEST) From: Jilles Tjoelker To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: docs/70616: incompleteness and error in su(1) man page X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Jilles Tjoelker List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Aug 2004 14:20:26 -0000 >Number: 70616 >Category: docs >Synopsis: incompleteness and error in su(1) man page >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Wed Aug 18 14:20:19 GMT 2004 >Closed-Date: >Last-Modified: >Originator: Jilles Tjoelker >Release: FreeBSD 5.2.1-RELEASE-p8 i386 >Organization: MCGV Stack >Environment: System: FreeBSD turtle.stack.nl 5.2.1-RELEASE-p8 FreeBSD 5.2.1-RELEASE-p8 #28: Wed May 26 18:25:55 CEST 2004 marcolz@turtle.stack.nl:/usr/obj/usr/src/sys/TURTLE i386 Also in 5-CURRENT >Description: 1. The su man page doesn't mention that by default users must be in group wheel to su to root. While it is mentioned in other documentation, it should be in the man page as well. The 4.x man page mentioned it. (This confuses new users.) 2. The su man page says the PAM configuration for su is in /etc/pam.conf, but it is in /etc/pam.d/su now. >How-To-Repeat: man su >Fix: Patch included --- su.1.diff begins here --- --- su.1.orig Wed Aug 18 15:58:47 2004 +++ su.1 Wed Aug 18 16:05:16 2004 @@ -52,7 +52,10 @@ (the default user is the superuser). A shell is then executed. .Pp -PAM is used to set all policy. +PAM is used to set all policy. In particular, by default only users in group +``wheel'' may use +.Nm +to switch to UID 0 (``root''). .Pp By default, the environment is unmodified with the exception of .Ev USER , @@ -159,13 +162,10 @@ .Dq Sy \&# to remind one of its awesome power. .Sh FILES -.Bl -tag -width /etc/pam.conf -compact -.It Pa /etc/pam.conf +.Bl -tag -width /etc/pam.d/su -compact +.It Pa /etc/pam.d/su .Nm -is configured with PAM support; it uses -.Pa /etc/pam.conf -entries with service name -.Dq su +is configured with PAM support .El .Sh SEE ALSO .Xr csh 1 , --- su.1.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted: