From owner-freebsd-questions@FreeBSD.ORG Sun Mar 26 12:21:00 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4518616A41F for ; Sun, 26 Mar 2006 12:21:00 +0000 (UTC) (envelope-from a@zeos.net) Received: from fobos.ldc.net (fobos.ldc.net [213.160.128.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 28DE043D4C for ; Sun, 26 Mar 2006 12:20:58 +0000 (GMT) (envelope-from a@zeos.net) Received: from localhost.my.domain (124-dup.ldc.net [213.160.136.124] (may be forged)) by fobos.ldc.net (8.13.5/8.13.5) with ESMTP id k2QCKj5o087483; Sun, 26 Mar 2006 15:20:55 +0300 (EEST) (envelope-from a@zeos.net) Received: from localhost.my.domain (localhost [127.0.0.1]) by localhost.my.domain (8.13.5/8.13.5) with ESMTP id k2QBKnI9001252; Sun, 26 Mar 2006 14:20:50 +0300 (EEST) (envelope-from a@zeos.net) Received: (from elisej@localhost) by localhost.my.domain (8.13.5/8.13.5/Submit) id k2QBKmHC001251; Sun, 26 Mar 2006 14:20:48 +0300 (EEST) (envelope-from a@zeos.net) X-Authentication-Warning: localhost.my.domain: elisej set sender to a@zeos.net using -f Date: Sun, 26 Mar 2006 14:20:48 +0300 From: User Elisej To: Freek Nossin Message-ID: <20060326112048.GA1205@> References: <20060326065414.GQ42429@dan.emsphone.com> <00d401c650c5$70bece10$9600000a@edsger> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <00d401c650c5$70bece10$9600000a@edsger> User-Agent: mutt-ng/devel-r581 (FreeBSD) X-Virus-Scanned: ClamAV version 0.87.1, clamav-milter version 0.87 on fobos.ldc.net X-Virus-Status: Clean X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0.2 (fobos.ldc.net [213.160.128.2]); Sun, 26 Mar 2006 15:20:56 +0300 (EEST) Cc: freebsd-questions@freebsd.org Subject: Re: Thanks! and... the su command X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Mar 2006 12:21:00 -0000 On Sun, Mar 26, 2006 at 01:07:15PM +0200, Freek Nossin wrote: > > -----Original Message----- > > From: Dan Nelson [mailto:dnelson@allantgroup.com] > > Sent: zondag 26 maart 2006 8:54 > > To: Saul Mena Avila > > Cc: freebsd-questions@freebsd.org > > Subject: Re: Thanks! and... the su command > > > > In the last episode (Mar 26), Saul Mena Avila said: > > > Hi!. Thanks for helping me with the USB flash memory. I've also have > > trouble > > > with the su command... since I installed the FreeBSD 5.4, everytime I > > try to > > > login as root with su, the shell answers me with "Sorry"... and that's > > all. > > > Is it wrong configured or installed? > > > > You need to be in the 'wheel' group to su to root. It's not mentioned > > in the su manpage, but is in both the FAQ and handbook. > > > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/admin.html > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/securing- > > freebsd.html > > > > -- > > Dan Nelson > > dnelson@allantgroup.com > > > Although it is described in the handbook, in my opinion an "error message", > or more generally a "feedback message", should give more useful feedback to > the user. Now the user must think of all the checks that can fail while - in > this case - authenticating, which is rather silly when you think of it, > because the su-command, just did exactly the same, and could have easily > printed a message that would describe the check on which it returned the > error. > > - Freek Nossin > > PS: > cc to freebsd-? > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > There is a way to su root anyway. Should you read su(1) and pam.conf(5), you see that your ability to su root depends on the /etc/pam.d/su For the first time, you can delete this file, and you will be able to su anybody always. But this is not a good way for security reasons. Then read pam.conf(5) and edit the /etc/pam.d/su in a way allowing you to su root. But only you. Elisej Babenko mailto:a@zeos.net