pam_ldap and nss_ldap : checken and egg problem with "wheel" group
and "su" utility
Lev Serebryakov
lev at FreeBSD.org
Thu Sep 22 08:17:12 UTC 2011
Hello, Freebsd-security.
I have chicken-adn-egg problem with wheel group and su utility when
all users but root are stored in LDAP.
wheel group should be in /etc/group to allow basic system services
to start before LDAP is available.
But when "wheel" is in /etc/group with only "root" member (as all
other members are in LDAP), system never takes "wheel" members from
LDAP (because /etc/group has priority) and "su" doesn't work!
What is proper way to resolve this problem?
--
// Black Lion AKA Lev Serebryakov <lev at FreeBSD.org>
More information about the freebsd-security
mailing list