Hi, all,
I just upgraded an older system from 8.4 to 10.2 in a single go.
No unexpected problems, until I tried to use "su":
$ su -
su: Sorry
Well, I *am* a member of the wheel group:
$ id
uid=10093(ry93) gid=10001(intern)
groups=10001(intern),0(wheel),10002(entwickler)
Hmmm ... we pull all this information from LDAP. My nsswitch.conf has always
been:
group: files cache ldap
passwd: files cache ldap
Without the "compat" entries.
Let's check the groups:
$ pw group show -a
wheel:*:0:
wheel:*:0:ry22,ry96,ry90,ry93
Before the update the members were merged. The first line is coming from
/etc/group,
the second from LDAP. I do have to remove the "root" member in /etc/group from
wheel
on all systems for LDAP information to be merged in, even on the older systems.
But for
some reason that seems not to be sufficient, anymore.
If I put myself (ry93) in the file, everything works as expected.
Another way I tried was this for nsswitch.conf:
group: compat
group_compat: cache ldap
and then the traditional "+:*:0:" entry in /etc/group. The outcome of "id" and
"su -" is
precisely the same as above. I am shown to be a member of group wheel, yet su
won't let me.
Any ideas?
Thanks,
Patrick
--
punkt.de GmbH * Kaiserallee 13a * 76133 Karlsruhe
Tel. 0721 9109 0 * Fax 0721 9109 100
i...@punkt.de http://www.punkt.de
Gf: Jürgen Egeling AG Mannheim 108285
_______________________________________________
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
