Hi,
I find there is some customized linux with application.
When I use login account root and type the password.
It is not allow to login.
But if I login with specified user and password.
Then I use command "su - " and type root passwd.
It allow you to switch to "root" account .
Or if i use "su - root" and type password .it is not allow to login again .
It is strange I cannot login if I specified to use "root" account .
How to make this setting ..
Please advice in detailed.
Hi,
I try to change /etc/passw to false at root entry.
I follow your setting.
But I find I cannot login in console with root.
Even I login with other non-root account.
I cannot use "su -" to switch to root again.
it is not my case . my case is .. I can use "su -" to switch to root again.
Because of /bin/false , it was problem .After changing /bin/false to /bin/bash it was ok for me .
log in with other user and what is the log in shell in /etc/passwd file .
I have given another user a root privilege , so I was able to change file .
then the login root in console will be not allow .
But I login with other non-root account and use "su - root " .
I is still working ...
I need to make "su - root" not working from other non-root account .
But "su - " is needed to work.
The root user is no regular user.
And for security issues, its not supposed (on any 'real' *nix system != *ubuntu (did suse remove that option yet?)) to login to GUI.
You might have better luck, to remove the users from admin group (adm) so they wont have permission to login root.
Further a closer inspection of /etc/passwd as already suggested seems a good idea.
You dont need to limit root, leave root's values alone, you need to limit the user!
I can use "su -" in non-root user account to switch to "root" .But the command "su - root" is disabled.
the login from console with root account is also disable .
please advice how I can make this setting in normal linux OS .
It is true . That is what I find in the strange centos linux OS.
I want to know how to reproduce in normal Centos OS linux ...
Please advice in detailed....
I have a hard time believing that what you say is true. But if it is true the most probably source of the strange behavior is the file /etc/pam.d/su and this is a text file that you can examine and modify with an editor. Compare the file on the strange OS with the file on the normal OS. If they are different try copying the file from the strange to the normal.
If this works please post the contents of the file. It will only be a few lines.
And here is the content of file /etc/pam.d/su for comparison:
$ cat /etc/pam.d/su
#%PAM-1.0
auth sufficient pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth required pam_wheel.so use_uid
auth include system-auth
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session optional pam_xauth.so