Hi, all, I just upgraded an older system from 8.4 to 10.2 in a single go. No unexpected problems, until I tried to use "su":
$ su - su: Sorry Well, I *am* a member of the wheel group: $ id uid=10093(ry93) gid=10001(intern) groups=10001(intern),0(wheel),10002(entwickler) Hmmm ... we pull all this information from LDAP. My nsswitch.conf has always been: group: files cache ldap passwd: files cache ldap Without the "compat" entries. Let's check the groups: $ pw group show -a wheel:*:0: wheel:*:0:ry22,ry96,ry90,ry93 Before the update the members were merged. The first line is coming from /etc/group, the second from LDAP. I do have to remove the "root" member in /etc/group from wheel on all systems for LDAP information to be merged in, even on the older systems. But for some reason that seems not to be sufficient, anymore. If I put myself (ry93) in the file, everything works as expected. Another way I tried was this for nsswitch.conf: group: compat group_compat: cache ldap and then the traditional "+:*:0:" entry in /etc/group. The outcome of "id" and "su -" is precisely the same as above. I am shown to be a member of group wheel, yet su won't let me. Any ideas? Thanks, Patrick -- punkt.de GmbH * Kaiserallee 13a * 76133 Karlsruhe Tel. 0721 9109 0 * Fax 0721 9109 100 i...@punkt.de http://www.punkt.de Gf: Jürgen Egeling AG Mannheim 108285 _______________________________________________ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"