You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Local user account unable to "su" to another local user account

edited Jun 30, 2022 2:54AM in Linux

Applies To:

Oracle Cloud Infrastructure - Version N/A and later

Linux OS - Version Oracle Linux 5.0 to Oracle Linux 8.3 with Unbreakable Enterprise Kernel [5.4.17] [Release OL5 to OL8U3]

Symptoms:

Local user account unable to "su" to another local user account.

[opc@<SERVER1> ~]$ su <TESTUSER1>
Password:
su: Permission denied

[opc@<SERVER2> ~]$ su <TESTUSER2>
Password:
su: Permission denied

Changes:

None

Cause:

The file /etc/pam.d/su has an entry "auth required pam_wheel.so use_uid" in the stack.

[root@localhost ~]# head /etc/pam.d/su
#%PAM-1.0
auth            sufficient      pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth           sufficient      pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
auth            required        pam_wheel.so use_uid
auth            substack        system-auth
auth            include         postlogin
account         sufficient      pam_succeed_if.so uid = 0 use_uid quiet
account         include         system-auth
[root@localhost

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!