Linux From ScratchThis Forum is for the discussion of LFS.
LFS is a project that provides you with the steps necessary to build your own custom Linux system.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have finished my current build using the SVN checkout of the book, adding Linux-PAM and CrackLib to my system (yes, I have rebuilt shadow and systemd). Following the directions provided by the SVN BLFS book, running `su - <username>`, all I get is `su: Permission denied` when running it as root. My /etc/pam.d/su is as it looks in the book (provided below). I am currently chrooting into the system with the command provided by the LFS book. Is there a bug that I am unaware of, or did I miss something that should've been painfully obvious?
EDIT: Adding root to the 'wheel' group does not change it
EDIT2: Using shadow NOT compiled with PAM does work
/etc/pam.d/su:
Code:
# Begin /etc/pam.d/su
# always allow root
auth sufficient pam_rootok.so
# Allow users in the wheel group to execute su without a password
# disabled by default
#auth sufficient pam_wheel.so trust use_uid
# include system auth settings
auth include system-auth
# limit su to users in the wheel group
auth required pam_wheel.so use_uid
# include system account settings
account include system-account
# Set default environment variables for the service user
session required pam_env.so
# include system session settings
session include system-session
# End /etc/pam.d/su
I have finished my current build using the SVN checkout of the book, adding Linux-PAM and CrackLib to my system (yes, I have rebuilt shadow and systemd). Following the directions provided by the SVN BLFS book, running `su - <username>`, all I get is `su: Permission denied` when running it as root. My /etc/pam.d/su is as it looks in the book (provided below). I am currently chrooting into the system with the command provided by the LFS book. Is there a bug that I am unaware of, or did I miss something that should've been painfully obvious?
EDIT: Adding root to the 'wheel' group does not change it
EDIT2: Using shadow NOT compiled with PAM does work
/etc/pam.d/su:
Code:
# Begin /etc/pam.d/su
# always allow root
auth sufficient pam_rootok.so
# Allow users in the wheel group to execute su without a password
# disabled by default
#auth sufficient pam_wheel.so trust use_uid
# include system auth settings
auth include system-auth
# limit su to users in the wheel group
auth required pam_wheel.so use_uid
# include system account settings
account include system-account
# Set default environment variables for the service user
session required pam_env.so
# include system session settings
session include system-session
# End /etc/pam.d/su
You are setting the default environment variables to nothing, instead of reading /etc/environment
This should fix that. Also if you add root user to group wheel you need to logout for it to take effect
Even with adding readenv=1 to /etc/pam.d/su, nothing has changed. I have recompiled CrackLib, Linux-PAM, and shadow (just to make sure there was nothing missing in terms of deps) but to no avail. Still getting permission denied from su. I will post additional configurations when I can copy them out of my distro.
EDIT: So, I realized I was some how missing /etc/pam.d/system-session... It's almost like if you're missing a single configuration file, things don't work
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.