[SLE] what is the wheel group used for in suse??

Discussion:

daniel parkes

2005-09-01 11:36:58 UTC

Hy!,

i Was wondering what is the use of the wheel group in suse systems??, in
freebsd it has guid 0 and only people that are members of the wheel group
can su to root.

Does it have any similar use in suse, it has guid 10 so i cant really see if
it has any use out of the box??

Can someone tell me how u can configure the system so only people in the
wheel group ca su to root, whitout using sudo.

jdd sur free

2005-09-01 11:54:21 UTC

Permalink

Post by daniel parkes
Hy!,
i Was wondering what is the use of the wheel group in suse systems??, in
freebsd it has guid 0 and only people that are members of the wheel group
can su to root.

same in Gentoo

jdd
--
pour m'écrire, aller sur:
http://www.dodin.net
http://valerie.dodin.net
http://arvamip.free.fr

--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-***@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-***@suse.com

Frank Bax

2005-09-01 13:23:03 UTC

Permalink

Post by daniel parkes
i Was wondering what is the use of the wheel group in suse systems??, in
freebsd it has guid 0 and only people that are members of the wheel group
can su to root.
Does it have any similar use in suse, it has guid 10 so i cant really see if
it has any use out of the box??
Can someone tell me how u can configure the system so only people in the
wheel group ca su to root, whitout using sudo.

man su - last line directs reader to "info su" where last section says "GNU
'su' does not support 'wheel' group.".

A google of "wheel su root suse" would have given you this link among top 10:
http://forums.suselinuxsupport.de/lofiversion/index.php/t17161.html

Ted Harding

2005-09-01 14:33:26 UTC

Permalink

Post by Frank Bax

Post by daniel parkes
i Was wondering what is the use of the wheel group in suse systems??,
in freebsd it has guid 0 and only people that are members of the
wheel group can su to root.
Does it have any similar use in suse, it has guid 10 so i cant really
see if it has any use out of the box??
Can someone tell me how u can configure the system so only people in
the wheel group ca su to root, whitout using sudo.

man su - last line directs reader to "info su" where last section says
"GNU 'su' does not support 'wheel' group.".

More precisely, it says "Why GNU 'su' does not support 'wheel' group."

And the reason is that Richard Stallman does not like it, considering
this use of it to be indemocratic and dictatorial. All users should
have equal rights.

I happen to disagree with this as a general proposition. In environments
where there are many users (in the sense of different people), it's
very wise to limit root access to those who know what they're doing.

The latter could be a set of different people, or a single person
with several accounts on the system. Granted, any such user could
simply log in as root from scratch on a new login prompt. However,
it may often be more convenient to 'su' from the account one has
already logged in to. So there is a point to su+wheel.

The main justification for Stallman's argument (that all users should
have equal rights, and someone who learns the root password should
have the right to leak it to others, which would be rendered ineffective
by the restriction to members of 'wheel') is in my mind overturned by
the fact of life that for many systems you wouldn't want this to be
possible!

Best wishes to all,
Ted.

--------------------------------------------------------------------
E-Mail: (Ted Harding) <***@nessie.mcc.ac.uk>
Fax-to-email: +44 (0)870 094 0861
Date: 01-Sep-05 Time: 15:33:20
------------------------------ XFMail ------------------------------

daniel parkes

2005-09-02 07:16:57 UTC

Permalink

Yep Thnx,

i found this link that was very helpfull after some search:

http://www.faqs.org/docs/securing/chap5sec43.html

and this nice link to pam information:

http://www.phptr.com/articles/article.asp?p=165226&seqNum=1

Thnx Again for your help!.

Post by Ted Harding

Post by Frank Bax

Post by daniel parkes
i Was wondering what is the use of the wheel group in suse systems??,
in freebsd it has guid 0 and only people that are members of the
wheel group can su to root.
Does it have any similar use in suse, it has guid 10 so i cant really
see if it has any use out of the box??
Can someone tell me how u can configure the system so only people in
the wheel group ca su to root, whitout using sudo.

man su - last line directs reader to "info su" where last section says
"GNU 'su' does not support 'wheel' group.".

More precisely, it says "Why GNU 'su' does not support 'wheel' group."
And the reason is that Richard Stallman does not like it, considering
this use of it to be indemocratic and dictatorial. All users should
have equal rights.
I happen to disagree with this as a general proposition. In environments
where there are many users (in the sense of different people), it's
very wise to limit root access to those who know what they're doing.
The latter could be a set of different people, or a single person
with several accounts on the system. Granted, any such user could
simply log in as root from scratch on a new login prompt. However,
it may often be more convenient to 'su' from the account one has
already logged in to. So there is a point to su+wheel.
The main justification for Stallman's argument (that all users should
have equal rights, and someone who learns the root password should
have the right to leak it to others, which would be rendered ineffective
by the restriction to members of 'wheel') is in my mind overturned by
the fact of life that for many systems you wouldn't want this to be
possible!
Best wishes to all,
Ted.
--------------------------------------------------------------------
Fax-to-email: +44 (0)870 094 0861
Date: 01-Sep-05 Time: 15:33:20
------------------------------ XFMail ------------------------------
--
Check the headers for your unsubscription address
Also check the archives at http://lists.suse.com