hi Ship's Log, Lt. D'jinnie, Stardate 051298.1329: > > Ok, I suspect this comment is going to brand me as permanently clueless, > but...debian has some thing where you can authorize your users to su > without supplying a password.
that's for example secure-su which I used to have installed Desired=Unknown/Install/Remove/Purge | Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad) ||/ Name Version Description +++-===============-==============-============================================ rc secure-su 980403-0.3 su with more security options however /etc/suauth looks still ok: # /etc/suauth - secure-su control file. See suauth(5) for full documentation. # Uncommenting this line will only allow members of group root to su to root. root:ALL EXCEPT GROUP sudo:DENY root:GROUP sudo:OWNPASS it schould still ask me for my own passwd > Since sudo -s seems to be rather analogous > to that, i.e. it runs a root shell for you, could this configuration > somehow work for both su and sudo? What happens when you try to su? As I skipet back to normal su (suspeckting secure-su) it now asks me for the root passwd as su is ment to be :) But anyway, I cannot find anything weired going on I did a su -c 'strace sudo -s' 2>sudo.trace grep etc sudo.trace show this: open("/etc/ld.so.preload", O_RDONLY) = 3 open("/etc/ld.so.cache", O_RDONLY) = 3 open("/etc/nsswitch.conf", O_RDONLY) = 3 read(3, "# /etc/nsswitch.conf\n#\n# Examp"..., 4096) = 406 open("/etc/ld.so.cache", O_RDONLY) = 3 open("/etc/passwd", O_RDONLY) = 3 open("/etc/shadow", O_RDONLY) = 3 open("/etc/localtime", O_RDONLY) = 3 open("/etc/resolv.conf", O_RDONLY) = 3 open("/etc/hosts", O_RDONLY) = 3 lstat("/etc/sudoers", {st_mode=S_IFREG|0440, st_size=302, ...}) = 0 lstat("/etc/sudoers", {st_mode=S_IFREG|0440, st_size=302, ...}) = 0 open("/etc/sudoers", O_RDONLY) = 4 open("/etc/group", O_RDONLY) = 5 open("/etc/group", O_RDONLY) = 5 open("/etc/group", O_RDONLY) = 4 open("/etc/passwd", O_RDONLY) = 4 open("/etc/ld.so.preload", O_RDONLY) = 4 open("/etc/ld.so.cache", O_RDONLY) = 4 open("/etc/nsswitch.conf", O_RDONLY) = 4 read(4, "# /etc/nsswitch.conf\n#\n# Examp"..., 4096) = 406 open("/etc/ld.so.cache", O_RDONLY) = 4 open("/etc/passwd", O_RDONLY) = 4 open("/etc/terminfo/s/screen", O_RDONLY) = 4 stat("/etc/inputrc", {st_mode=S_IFREG|0644, st_size=315, ...}) = 0 open("/etc/inputrc", O_RDONLY) = 4 read(4, "# /etc/inputrc - global inputrc "..., 315) = 315 nothing bad as far as I can tell. grep var sudo.trace shows (among other) this: lstat("../../var", {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0 stat("/var", {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0 stat("/var/run", {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0 stat("/var/run/sudo", {st_mode=S_IFDIR|0700, st_size=1024, ...}) = 0 stat("/var/run/sudo/root", 0xbffff3c0) = -1 ENOENT (No such file or directory) utime("/var/run/sudo/root", NULL) = -1 ENOENT (No such file or directory) open("/var/run/sudo/root", O_WRONLY|O_CREAT|O_TRUNC, 0600) = 4 timestamp does not exist and is therefor created ... /me joins the cluless party and aplies to be president ... Greetings -- Alexander N. Benner <*> [EMAIL PROTECTED] <*> Ephesians 6:12 For we wrestle not against flesh and blood, but against principalities, against powers, against the rulers of the darkness of this world, against spiritual wickedness in high places.