Re: [lfs-book] [LFS Trac] #4376: Non-exist group "wheel" in /usr/lib/tmpfiles.d/systemd.conf

[LFS Trac via lfs-book]

#4376: Non-exist group "wheel" in /usr/lib/tmpfiles.d/systemd.conf
+---
 Reporter:  xry111  |   Owner:  lfs-book
 Type:  defect  |  Status:  new
 Priority:  normal  |   Milestone:  8.4
Component:  Book| Version:  systemd
 Severity:  normal  |  Resolution:
 Keywords:  |
+---

Comment (by dj@…):

 To clarify, this configuration would allow members of the wheel group do
 unsightly things like 'sudo su' but I think that's the whole point of the
 module, if you have wheel access, you had best know what you are doing
 anyway.

--
Ticket URL: 
LFS Trac 
Linux From Scratch: Your Distro, Your Rules.
-- 
http://lists.linuxfromscratch.org/listinfo/lfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Re: [lfs-book] [LFS Trac] #4376: Non-exist group "wheel" in /usr/lib/tmpfiles.d/systemd.conf

[LFS Trac via lfs-book]

#4376: Non-exist group "wheel" in /usr/lib/tmpfiles.d/systemd.conf
+---
 Reporter:  xry111  |   Owner:  lfs-book
 Type:  defect  |  Status:  new
 Priority:  normal  |   Milestone:  8.4
Component:  Book| Version:  systemd
 Severity:  normal  |  Resolution:
 Keywords:  |
+---

Comment (by dj@…):

 I suppose for su, we'd do auth required pam_wheel.so to prevent
 misconfiguration of sudo allowing regular su access. For chage and the
 rest, these are all root only as of now and require sudo. Would it be
 appropriate to do an early {auth,account} sufficient pam_wheel.so before
 their -system counterparts for all of the default binaries that we create
 a specific configuration? The same does not apply to sudo as you would use
 its configuration directly, though I'd probably add the wheel group to the
 default configuration there.

--
Ticket URL: 
LFS Trac 
Linux From Scratch: Your Distro, Your Rules.
-- 
http://lists.linuxfromscratch.org/listinfo/lfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Re: [lfs-book] [LFS Trac] #4376: Non-exist group "wheel" in /usr/lib/tmpfiles.d/systemd.conf

[LFS Trac via lfs-book]

#4376: Non-exist group "wheel" in /usr/lib/tmpfiles.d/systemd.conf
+---
 Reporter:  xry111  |   Owner:  lfs-book
 Type:  defect  |  Status:  new
 Priority:  normal  |   Milestone:  8.4
Component:  Book| Version:  systemd
 Severity:  normal  |  Resolution:
 Keywords:  |
+---

Comment (by xry111):

 If we add the `wheel` group we should also introduce `pam_wheel` module of
 Linux-PAM in BLFS.

--
Ticket URL: 
LFS Trac 
Linux From Scratch: Your Distro, Your Rules.
-- 
http://lists.linuxfromscratch.org/listinfo/lfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Re: [lfs-book] [LFS Trac] #4376: Non-exist group "wheel" in /usr/lib/tmpfiles.d/systemd.conf

[LFS Trac via lfs-book]

#4376: Non-exist group "wheel" in /usr/lib/tmpfiles.d/systemd.conf
+---
 Reporter:  xry111  |   Owner:  lfs-book
 Type:  defect  |  Status:  new
 Priority:  normal  |   Milestone:  8.4
Component:  Book| Version:  systemd
 Severity:  normal  |  Resolution:
 Keywords:  |
+---

Comment (by renodr):

 I agree here - let's put it in /etc/group

 GID of 97 would fit the best IMO. It would make us the most consistent
 with other distros (my CIT-132 class has us examining the differences
 between 11 different distros, and they all have a wheel group below GID
 100).

--
Ticket URL: 
LFS Trac 
Linux From Scratch: Your Distro, Your Rules.
-- 
http://lists.linuxfromscratch.org/listinfo/lfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Re: [lfs-book] [LFS Trac] #4376: Non-exist group "wheel" in /usr/lib/tmpfiles.d/systemd.conf

[LFS Trac via lfs-book]

#4376: Non-exist group "wheel" in /usr/lib/tmpfiles.d/systemd.conf
+---
 Reporter:  xry111  |   Owner:  lfs-book
 Type:  defect  |  Status:  new
 Priority:  normal  |   Milestone:  8.4
Component:  Book| Version:  systemd
 Severity:  normal  |  Resolution:
 Keywords:  |
+---

Comment (by bdubbs):

 I don't really see a problem creating a wheel group when we create
 /etc/group.  Looking at what we have in LFS and BLFS, I'd suggest a gid of
 97 or possibly 100.

--
Ticket URL: 
LFS Trac 
Linux From Scratch: Your Distro, Your Rules.
-- 
http://lists.linuxfromscratch.org/listinfo/lfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Re: [lfs-book] [LFS Trac] #4376: Non-exist group "wheel" in /usr/lib/tmpfiles.d/systemd.conf

[LFS Trac via lfs-book]

#4376: Non-exist group "wheel" in /usr/lib/tmpfiles.d/systemd.conf
+---
 Reporter:  xry111  |   Owner:  lfs-book
 Type:  defect  |  Status:  new
 Priority:  normal  |   Milestone:  8.4
Component:  Book| Version:  systemd
 Severity:  normal  |  Resolution:
 Keywords:  |
+---

Comment (by dj@…):

 I'm not too attached to it, but I see wheel more and more (likely as a
 result of systemd). I do use it for sudoers locally. I just want to make
 sure it is discussed before killing it off from the get go. Thoughts?

--
Ticket URL: 
LFS Trac 
Linux From Scratch: Your Distro, Your Rules.
-- 
http://lists.linuxfromscratch.org/listinfo/lfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Re: [lfs-book] [LFS Trac] #4376: Non-exist group "wheel" in /usr/lib/tmpfiles.d/systemd.conf

[LFS Trac via lfs-book]

#4376: Non-exist group "wheel" in /usr/lib/tmpfiles.d/systemd.conf
+---
 Reporter:  xry111  |   Owner:  lfs-book
 Type:  defect  |  Status:  new
 Priority:  normal  |   Milestone:  8.4
Component:  Book| Version:  systemd
 Severity:  normal  |  Resolution:
 Keywords:  |
+---

Comment (by xry111):

 We should add meson option '-Dwheel-group=false' to tell systemd we don't
 have wheel group.

--
Ticket URL: 
LFS Trac 
Linux From Scratch: Your Distro, Your Rules.
-- 
http://lists.linuxfromscratch.org/listinfo/lfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page