Re: [suse-security] chgrp su to wheel * yes!
Yes! that works, then I re-ran security in yast and it's holding... even after reboot... making progress finally... now let me try adjusting access.conf... maybe there is a Suse replacement for doing the same thing? I haven't found one... I've only had the system up for a week, mostly only been cringing at it because of the aforementioned items... I do have better trojan coverage here than in redhat if all goes well I think... kind of my interest in it... but now that I have su set only to admin I need to block root/admin user login from remote access completely... On 2002.09.29 15:14 Eduard Avetisyan wrote:
Hello Susan,
Perhaps you could check in /etc/permissions.{easy,local,secure,paranoid} ? SuSEConfig uses the data from this file to refresh certain files' group, ownership and access controls...
Hope that helps Eduard
--- Susan Buczak <sbuczak2@comcast.net> wrote:
So ok anyone know how to chgrp su to wheel on suse8.0 and have it maintain the group wheel on reboot? as it is Yast ( or something)rewrites it's own desired config everytime I reboot... yesy I did chgrp as root... but the system doesn't listen to root it listens to yast...
I don't want all users using su, just a couple...
On Sun, Sep 29, 2002 at 06:49:32PM -0400, Susan Buczak wrote:
Yes! that works, then I re-ran security in yast and it's holding... even after reboot... making progress finally...
Perfect.
but now that I have su set only to admin I need to block root/admin user login from remote access completely...
In /etc/security/access.conf: # Disallow non-local logins to privileged accounts (group wheel). # #-:wheel:ALL EXCEPT LOCAL .win.tue.nl You should be able to tailer that to your needs. I'd also set "PermitRootLogin" to "no" in /etc/ssh/sshd_config. Regards, -- Otto
participants (2)
-
Otto Jongerius -
Susan Buczak