Date: Fri, 7 Oct 2005 13:02:20 -0400 (EDT) From: "Brian A. Seklecki" <lavalamp@spiritual-machines.org> To: =?iso-8859-1?q?Dag-Erling_Sm=F8rgrav?= <des@des.no> Cc: freebsd-questions@freebsd.org Subject: Re: pam_rootok(8) + pam.d/sudo symlink to pam.d/su Message-ID: <20051007130127.Y95280@arbitor.digitalfreaks.org> In-Reply-To: <86k6gp8fsf.fsf@xps.des.no> References: <20051007114027.Y95280@arbitor.digitalfreaks.org> <86k6gp8fsf.fsf@xps.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --0-935750738-1128704540=:95280 Content-Type: TEXT/PLAIN; charset=iso-8859-1; format=flowed Content-Transfer-Encoding: 8BIT sudo-1.6.8.9 via Ports. Is there any way to set PAM to trace/debug it's decision making process? ~BAS On Fri, 7 Oct 2005, Dag-Erling Smørgrav wrote: > "Brian A. Seklecki" <lavalamp@spiritual-machines.org> writes: >> However, when I do that, all wheel-group users are automatically >> passing auth requirements due to: >> >> auth sufficient pam_rootok.so no_warn >> >> ...which I assume is happening because sudo(8) is running SUID root? > > No, unless sudo is broken. What sudo implementation are you using? > > DES > -- > Dag-Erling Smørgrav - des@des.no > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > l8* -lava x.25 - minix - bitnet - plan9 - 110 bps - ASR 33 - base8 --0-935750738-1128704540=:95280--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051007130127.Y95280>