From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Q8wGs-0006Ec-Ra for garchives@archives.gentoo.org; Sun, 10 Apr 2011 15:09:51 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id CFE711C007; Sun, 10 Apr 2011 15:08:24 +0000 (UTC) Received: from mail-wy0-f181.google.com (mail-wy0-f181.google.com [74.125.82.181]) by pigeon.gentoo.org (Postfix) with ESMTP id 85BB51C007 for ; Sun, 10 Apr 2011 15:08:24 +0000 (UTC) Received: by wyi11 with SMTP id 11so6046543wyi.40 for ; Sun, 10 Apr 2011 08:08:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:from:to:subject:date:user-agent:references :in-reply-to:mime-version:content-type:content-transfer-encoding :message-id; bh=hur8YNHi/4Mw1c4edzq7oB1TZnNJgfkLYxp0WQ2x2t4=; b=u0e+r1ROcKTh6owCFmPjg6eS+BA9hrd/RUl5amQm9NZYCN8cmMPLWrlY//LCE3l/9Y LFqKv232p88NNyCn/AOcMWQEhgPoywBwi2tW9dosST5wp8s3Cq6n4p5HiCiUeKY7r30b b/Mz2DxYowVYcsXNvOGL6jJJaR23m02n3wI3I= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:user-agent:references:in-reply-to:mime-version :content-type:content-transfer-encoding:message-id; b=vsGY53qyiB+fCX3GQoZLJnZiChrEyozVeYW8XEFWu9UX5l7g/pgf/lOLopxfIAeL4p 9uNCgC8emcS12XkXh9loONtF+dTtYyz+NB08XkgHCxzUhCSzKTaqUdUAeFgBGau8vLC3 Eo18iXN+29lJYqoPUQPlWdwaj9tDkDK8ytHcU= Received: by 10.216.145.152 with SMTP id p24mr1674572wej.97.1302448103763; Sun, 10 Apr 2011 08:08:23 -0700 (PDT) Received: from nazgul.localnet (196-215-19-231.dynamic.isadsl.co.za [196.215.19.231]) by mx.google.com with ESMTPS id k76sm2217105wej.43.2011.04.10.08.08.21 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 10 Apr 2011 08:08:22 -0700 (PDT) From: Alan McKinnon To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] su doesn't work for me. Date: Sun, 10 Apr 2011 17:08:01 +0200 User-Agent: KMail/1.13.6 (Linux/2.6.38-ck; KDE/4.6.2; x86_64; ; ) References: <20110410132146.GA936@muc.de> <20110410142821.GB936@muc.de> <4DA1BE7F.3050800@gmail.com> In-Reply-To: <4DA1BE7F.3050800@gmail.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <201104101708.01721.alan.mckinnon@gmail.com> X-Archives-Salt: X-Archives-Hash: b3a2885cc19cab378fe82c308a4b4284 Apparently, though unproven, at 16:28 on Sunday 10 April 2011, Dale did opine thusly: > > That was it! I've now got su-ability from that normal user. > > > > Funny, though, on my (very) old Debian system I don't seem to have a > > wheel. > > > > Thanks. > > > >> Best regards, > >> Yann > > I think that is a Gentoo thing. It does add some security if you don't > want a user, like maybe some little kid, getting root access for any > reason. No, it's pretty standard across Unix. The BSD's for example have had it since forever - members of the wheel group being allowed to sudo anything only came along much later. Leaving it *out* is a Linux-distro thing, probably from the usual usage case for Linux for many years - a server on the web that actually only had one user even though it was capable of being fully multi-user. The concept of wheel for su is pretty redundant in that case. -- alan dot mckinnon at gmail dot com