[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to use sudo not root

* Magnus Therning <magnus@therning.org> [2006-06-17 11:38]:
> > > Historically in UNIX the group wheel has GID 0, in Debian that's
> > > the root group.
> >
> > Do you know where the name `wheel' comes from?
> No I don't. I couldn't find anything on Google either (10 minute
> search only). One interesting peculiarity I wasn't aware of is that
> on BSDs, which have the wheel group, `su root` is only allowed for
> members of the wheel group.

That's how I've set it up as well.  I've added a system group wheel
and made sure PAM only allows su (and console logins) for members of
group wheel.  Also, SSH only allows members of group wheel to log in
remotely.  I think I got the idea from the "Securing Debian Manual".

- Felix

Felix C. Stegerman <flx@obfusk.net>                  http://obfusk.net
~ "Any sufficiently advanced bug is indistinguishable from a feature."
~   -- R. Kulawiec
~ vim: set ft=mail tw=70 sw=2 sts=2 et:

Attachment: pgp2m8MqOYgMk.pgp
Description: PGP signature

Reply to: