Every reference(1) to configuring PAM and sudo(8) (in my case, for LDAP),
suggests just symlinking [/usr/local/]etc/pam.d/sudo to /etc/pam.d/su
However, when I do that, all wheel-group users are automatically passing
auth requirements due to:
auth sufficient pam_rootok.so no_warn
...which I assume is happening because sudo(8) is running SUID root?
---s--x--x 2 root wheel 105264 Aug 19 12:36 /usr/local/bin/sudo*
...the problem is, that confuses the visudo(8),sudoers(5) policy by
effectivly adding:
%wheel ALL=(ALL) NOPASSWD: ALL
Is this correct? If so, the docs should probably be updated.
1.:
http://sudo.rtin.bz/sudo/install.html
http://www.freebsd.org/doc/en_US.ISO8859-1/articles/pam/pam-config.html
http://netbsd.org/guide/en/chap-pam.html
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
