auth required pam_wheel.so use_uid

    1. [liwm@riyimei ~]$ cat /etc/pam.d/su
    2. #%PAM-1.0
    3. auth sufficient pam_rootok.so
    4. # Uncomment the following line to implicitly trust users in the "wheel" group.
    5. #auth sufficient pam_wheel.so trust use_uid
    6. # Uncomment the following line to require a user to be in the "wheel" group.
    7. #auth required pam_wheel.so use_uid
    8. auth substack system-auth
    9. auth include postlogin
    10. account sufficient pam_succeed_if.so uid = 0 use_uid quiet
    11. account include system-auth
    12. password include system-auth
    13. session include system-auth
    14. session include postlogin
    15. session optional pam_xauth.so
    16. auth required pam_wheel.so use_uid
    17. [liwm@riyimei ~]$ su -
    18. Password:
    19. su: Permission denied
    20. [liwm@riyimei ~]$ exit
    21. logout
    22. [root@riyimei ~]# usermod -G wheel liwm
    23. [root@riyimei ~]# su - liwm
    24. Last login: Wed Jul 15 00:19:20 CST 2020 on pts/1
    25. [liwm@riyimei ~]$
    26. [liwm@riyimei ~]$ su -
    27. Password:
    28. Last login: Wed Jul 15 00:17:09 CST 2020 on pts/1
    29. Last failed login: Wed Jul 15 00:21:02 CST 2020 on pts/1
    30. There were 3 failed login attempts since the last successful login.
    31. [root@riyimei ~]#

    未加入 wheel 组的普通用户无法通过 su 切换到 root。注意：上面的 usermod -G 会覆盖用户原有的附加组；如需保留原有附加组，应使用 usermod -aG wheel liwm。
    auth required pam_wheel.so use_uid

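    # Insert the wheel-group requirement on the line after the "#%PAM-1.0" header
    # of /etc/pam.d/su. The quotes must be plain ASCII single quotes: typographic
    # quotes are not shell quoting, so the sed expression would be split into words.
    # Running the command twice inserts the line twice; check the file first.
    # NOTE(review): this places the check ahead of "auth sufficient pam_rootok.so",
    # unlike the commented-out stock line, so it may also apply when root runs su.
    # Confirm from a second root session before closing the one used for the edit.
    sed -i '/#%PAM/a\auth required pam_wheel.so use_uid' /etc/pam.d/su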