Pages - Menu

Thursday, April 26, 2012

su to root without a password

I'm sick of typing the root password every time I want to su - on Fedora to become the root user. I know how to allow sudo access without a password, but I don't want to use sudo, I want to be able to just type su - and become root.

I couldn't find a good answer for this on Google, so I read the man pages of pam (Pluggable Authentication Modules) until I figured it out.

In the file /etc/pam.d/su put this as the second line:

auth            sufficient

This is incredibly insecure as it lets literally anyone at all with a login become root.

To restrict this just to your username, use this line instead, replace the yourusername with your actual username:

auth            sufficient use_uid user = yourusername

You can also restrict this to a group, here the group allowedpeople can su without a password:

auth            sufficient use_uid user ingroup allowedpeople

No comments: