Re: [PAM] `su' doesn't work at boot time.
Ben Collins <firstname.lastname@example.org> writes:
> On Thu, Jun 03, 1999 at 03:15:36AM -0700, Karl M. Hegbloom wrote:
> > Postgres and dictd won't start because the PAM su doesn't work unless
> > the user calling it is in utmp. It reports that it can't set up
> > PAM_RUSER, and fails to `su' and start the daemon.
> > Why does it do things that way? Is there any good reason why we can't
> > patch `pam_rootok.so' so that it lets root `su' without needing to be
> > registered in utmp?
> > I don't understand these issues well yet.
> This issue is a problem handling devpts (su worked for cronjobs prior
> to glibc 2.1).
> All of this will hopefully be meaningless since I hope that shadow will
> soon be compiled with PAM support, as pam-apps is less than an optimal
> solution (it's mising key programs that are needed in order to really
> replace the shadow suite).
Maybe we should just grab "su" et al from Red Hat? (Which works quite
well with libc6 - in a previous Debian installation, I successfully
used the "login" program from RedHat because it worked much better
with PAM and libc2.1 than the pam-apps one. Same for the passwd and
su programs, IIRC. - I needed the RedHat utils cause I was testing
LDAP, and working PAM is essential for testing LDAP.)