On 01-Sep-05 Frank Bax wrote:
At 07:36 AM 9/1/05, daniel parkes wrote:
i Was wondering what is the use of the wheel group in suse systems??, in freebsd it has guid 0 and only people that are members of the wheel group can su to root.
Does it have any similar use in suse, it has guid 10 so i cant really see if it has any use out of the box??
Can someone tell me how u can configure the system so only people in the wheel group ca su to root, whitout using sudo.
man su - last line directs reader to "info su" where last section says "GNU 'su' does not support 'wheel' group.".
More precisely, it says "Why GNU 'su' does not support 'wheel' group."
And the reason is that Richard Stallman does not like it, considering
this use of it to be indemocratic and dictatorial. All users should
have equal rights.
I happen to disagree with this as a general proposition. In environments
where there are many users (in the sense of different people), it's
very wise to limit root access to those who know what they're doing.
The latter could be a set of different people, or a single person
with several accounts on the system. Granted, any such user could
simply log in as root from scratch on a new login prompt. However,
it may often be more convenient to 'su' from the account one has
already logged in to. So there is a point to su+wheel.
The main justification for Stallman's argument (that all users should
have equal rights, and someone who learns the root password should
have the right to leak it to others, which would be rendered ineffective
by the restriction to members of 'wheel') is in my mind overturned by
the fact of life that for many systems you wouldn't want this to be
possible!
Best wishes to all,
Ted.
--------------------------------------------------------------------
E-Mail: (Ted Harding)