This is Su-options in view mode; [Up]
Date: Sun 07-May-1990 18:01:02 From: tuchngo@oxy.edu (Theodore Richard Harvey) Subject: Su options I have a question about su. We would like to set up su so that when a person in the wheel group su's, they are prompted for the root password. The NeXT manuals talk about the differences between su and su.wheel, but I cannot successfully implement the su.wheel command. Any ideas? Thanks for your assistance. Ted Harvey tuchngo@oxy.edu
Date: Sun 13-May-1990 21:46:33 From: rogerj@batcomputer.tn.cornell.edu (Roger Jagoda) Subject: Re: Su options In article <92700@tiger.oxy.edu> tuchngo@oxy.edu (Theodore Richard Harvey) writes: >I have a question about su. We would like to set up su so that when a >person in the wheel group su's, they are prompted for the root >password. The NeXT manuals talk about the differences between >su and su.wheel, but I cannot successfully implement the su.wheel >command. Any ideas? Yes. This will also help a few others that have posted here about wheel group access. When you FIRST get the cube up as user "me", you SHOULD be able to su to root in a Terminal window as me has su privs. out of the box. If you can't do this, re-install the OS as you've screwed something up. Now, do: nidump group. and this will show you the "group" file loaded in the "." domain. Make any changes you want by doing something like this: nidump group . > /etc/group.local vi group.local ---make changes by adding yourself to the line "wheel:*:" ...remove the "me" entry too as this is a security breach if others have accounts on the cube. niload group . < /etc/group.local Of course you can also use the Edit App if you're unfamiliar with vi. NOOOOWWWW, anyone logging in who you've added to the "wheel" group should be able to su to root with the root passwd. BUT, uh, you must have already set a root passwd! SOOooo, startup the machine and come up as "me". Get into a Terminal window (system admins LIVE in terminal windows) and issue su. Now your prompt should be a "#" sign. passwd root ...give the passwd you want to use... exit You have to say passwd root or else passwd will change the "me" passwd (which you should do anyway, but you don't need to be root to do it). This all works for networks to, just use the "/" domain instead of ".", although, as you'll find out, each machine on the net SHOULD have it's own me and root passwds in its own "." domain as a security messure. The su.wheel bit is if you want people in the "wheel" group to be able to use their OWN passwds to get to root (religious argument, but I don't like that idea). If you want that functionality, copy su.wheel to su and you're there (backup su first in case you want to change you mind!). Any more Q's send me mail, ok? --Roger Jagoda --Cornell University --FQOJ@CORNELLA.CIT.CORNELL.EDU
These are the contents of the former NiCE NeXT User Group NeXTSTEP/OpenStep software archive, currently hosted by Marcel Waldvogel and Netfuture.ch.