Re: wheel group
On Fri, May 06, 2011 at 12:20:17PM -0300, Henrique de Moraes Holschuh wrote:
> On Fri, 06 May 2011, Stanisław Findeisen wrote:
> > Restricting certain privileges (like su root) to certain users only
> > looks more secure than letting everyone do it... Is there any particular
> > reason Debian GNU/Linux is so permissive by default?
> Beats me. I am one of those who fight to keep braindamage such as
> wide-open "sudo su -" and password-less root accounts away from Debian,
> so asking me about it would be moot.
> File a wishlist bug against the debian-installer (if one doesn't exist
> already), requesting the optional support of pam_wheel at install time.
No. /etc/pam.d/su is a conffile owned by the login package; you need to
file a bug there first and get the maintainers to provide a policy-compliant
mechanism for configuring this change to the file. *Then* you can talk to
the installer team about supporting it (if debconf doesn't already give you
But I hope the login maintainers 'wontfix' any such bug report. This is a
silly edge case to spend time making configurable via the installer.
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/