*BSD News Article 26261


Return to BSD News archive

Path: sserve!newshost.anu.edu.au!munnari.oz.au!constellation!news.uoknor.edu!ns1.nodak.edu!netnews.nwnet.net!news.uoregon.edu!cs.uoregon.edu!sgiblab!sdd.hp.com!cs.utexas.edu!natinst.com!hrd769.brooks.af.mil!cynjut.ogisd.ess.harris.com!cynjut.ogisd.ess.harris.com!not-for-mail
From: burgess@cynjut.ogisd.ess.harris.com (Dave Burgess)
Newsgroups: comp.os.386bsd.questions
Subject: Re: NetBSD 0.9: Unable to su to root from wheel group
Date: 19 Jan 1994 20:25:10 -0600
Organization: Creative Imagineering
Lines: 64
Message-ID: <2hkq26$23j@cynjut.ogisd.ess.harris.com>
References: <17JAN94.15533228@tifrvax.tifr.res.in>
NNTP-Posting-Host: cynjut.ogisd.ess.harris.com

In article <17JAN94.15533228@tifrvax.tifr.res.in>,
 <bhiksha@tifrvax.tifr.res.in> wrote:
>
>I've set myself in the wheel group (i tried variously sys, staff etc too).
>
>Though id shows that im in group, su reports that im in the wrong group
>to su to root.
>???
>
>I can live without su-ing to root i guess (i have, so far), but id like to
>know why this happens.
>
>bhiksha

SU(1)                       NetBSD Reference Manual                      SU(1)

[text deleted ]

     Only users in group 0 (normally ``wheel'') can ssuu to ``root''.

[ more deleted ]

SEE ALSO
     csh(1),  login(1),  sh(1),  kinit(1),  kerberos(1),  passwd(5),
     group(5),  environ(7)

[ the rest deleted ]

It would seem that you are doing the correct thing, and in fact, setting
your group ID in the password file would be enough in SysV.  In section
0 of the FAQ, I talk about the different feel of the two systems (BSD
and SysV).  This feature is one of the things I had to learn about in my
introduction (trial by fire) to BSD.

From the See Also line above, I see that there is a 'group' file entry
that looks promising, since our problem seems to be the failure to
figure out the BSD requirements for 'being in group 0'. 

Without including the entire man page, I will summarize.

The file /etc/group describes the membership of each of the groups
maintained.  In our case, the first line is the entry for the group
wheel.  As you can see from the man page, the list of members of the
group is actually maintained here in the /etc/group file.

A disconcerting feature of this function is that the man page, in fact,
does not seem to be completely true.  My version says that "A user is
automatically in a group if that group was specified in their
/etc/passwd entry and does not need to be added to that group in the
/etc/group file."  While this may be true for other groups, it is
clearly not true for wheel (as our original poster has shown).  So, is
this a bug or a feature?  Since it is not covered on the group(5) man
page, I assume that it is a bug and will remain one until it is properly
documented :-)...

If it is a feature (I can see why you wouldn't want to have a single
break-in point for the 'wheel' group), it should be documented better
perhaps.  I will add something to the FAQ if someone will add something
to the group(5) man page.
-- 
------
TSgt Dave Burgess               | Dave Burgess
NCOIC, USSTRATCOM/J6444         | *BSD FAQ Maintainer
Offutt AFB, NE                  | Burgess@hrd769.brooks.af.mil