On Sat, 2006-05-13 at 13:22, Schlaegel wrote: > I want everyone to avoid 'su', and most users won't know any important > target passwords (like root). Also, which password is required is > inconsistent across linux programs and even across `sudo` > installations, so I want either to work. > > Rather than debate the social issues, I want to know if anyone knows a > technical solution that allows this. It's more program philosophy than a social issue. When you disagree with the author about what the program is supposed to do, the source code is the place to start. > (This same pam recipe would be handy in a screensaver lock screen.) Pam can check a password against any number of things you want, but I don't think there is a way to tell it that other user names are OK in the same run. You might build an appropriate permutation of the password file for a service (where the expected user name is matched with the alternate acceptable password) and add that to the list that pam should check. -- Les Mikesell lesmikesell@xxxxxxxxx
