I recently searched for a solution to su into a user which is only used for an application without entering a password. I normally create an application user without any password because that user never should be able to be logged on to. If you are not using the root user or sudo to log on you are required to enter a password even though the user does not have one at all. I found a neat trick which I want to share with you. We can achieve these goals using Pluggable Authentication Modules or short PAM. We need to edit the corosponding su file with is located under `/etc/pam.d/su` and add the following lines under `pam_rootok.so`: auth [success=ignore default=1] pam_succeed_if.so user = user auth sufficient pam_succeed_if.so use_uid user = adminuser If you want to allow a group of users to su into the user defined in the first line instead of one single user you can use auth sufficient pam_succeed_if.so use_uid user ingroup admins for the second line. In this example the group is called `admins`, the user which will su into another user `adminuser` and the user that will be su’ed in `user` The finished file should now look like this: ``` # # The PAM configuration file for the Shadow `su' service # # This allows root to su without passwords (normal operation) auth sufficient pam_rootok.so auth [success=ignore default=1] pam_succeed_if.so user = user auth sufficient pam_succeed_if.so use_uid user ingroup admins ... ```
| author | timoschuetz |
|---|---|
| permlink | use-su-without-the-need-of-a-password |
| category | linux |
| json_metadata | {"tags":["linux","server","authorization"],"app":"steemit/0.1","format":"markdown"} |
| created | 2019-09-13 09:20:30 |
| last_update | 2019-09-13 09:21:21 |
| depth | 0 |
| children | 2 |
| last_payout | 2019-09-20 09:20:30 |
| cashout_time | 1969-12-31 23:59:59 |
| total_payout_value | 0.228 HBD |
| curator_payout_value | 0.226 HBD |
| pending_payout_value | 0.000 HBD |
| promoted | 0.000 HBD |
| body_length | 1,468 |
| author_reputation | 38,710,934,222 |
| root_title | "Use su without the need of a password" |
| beneficiaries | [] |
| max_accepted_payout | 1,000,000.000 HBD |
| percent_hbd | 10,000 |
| post_id | 90,533,142 |
| net_rshares | 1,784,832,780,229 |
| author_curate_reward | "" |
| voter | weight | wgt% | rshares | pct | time |
|---|---|---|---|---|---|
| ocisly | 0 | 10,468,340,177 | 100% | ||
| aditor | 0 | 5,541,936,421 | 100% | ||
| nicniezgrublem | 0 | 189,339,999,781 | 100% | ||
| spacesheep | 0 | 4,461,646,022 | 100% | ||
| profit-shooter | 0 | 938,167,287,573 | 100% | ||
| technocracy | 0 | 430,068,102 | 100% | ||
| santarius | 0 | 196,756,546 | 100% | ||
| acronyms | 0 | 1,308,829,950 | 100% | ||
| syntoxictech | 0 | 556,592,383 | 100% | ||
| glodniwiedzy | 0 | 29,476,850,346 | 100% | ||
| krasnalek | 0 | 142,049,130 | 100% | ||
| freakout-pl | 0 | 912,266,318 | 100% | ||
| aceofsteem | 0 | 71,126,650 | 100% | ||
| xara | 0 | 166,194,653 | 100% | ||
| engrave | 0 | 597,267,602,533 | 100% | ||
| meowcliver | 0 | 301,712,564 | 100% | ||
| gameeit | 0 | 3,007,576,148 | 100% | ||
| joelpugapt | 0 | 1,856,734,288 | 100% | ||
| bgornicki | 0 | 1,159,210,644 | 100% |
Congratulations @timoschuetz! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) : <table><tr><td><img src="https://steemitimages.com/60x60/http://steemitboard.com/img/notifications/firstvote.png"></td><td>You made your First Vote</td></tr> <tr><td><img src="https://steemitimages.com/60x70/http://steemitboard.com/@timoschuetz/voted.png?201909131340"></td><td>You received more than 10 upvotes. Your next target is to reach 50 upvotes.</td></tr> </table> <sub>_You can view [your badges on your Steem Board](https://steemitboard.com/@timoschuetz) and compare to others on the [Steem Ranking](https://steemitboard.com/ranking/index.php?name=timoschuetz)_</sub> <sub>_If you no longer want to receive notifications, reply to this comment with the word_ `STOP`</sub> ###### [Vote for @Steemitboard as a witness](https://v2.steemconnect.com/sign/account-witness-vote?witness=steemitboard&approve=1) to get one more award and increased upvotes!
| author | steemitboard |
|---|---|
| permlink | steemitboard-notify-timoschuetz-20190913t142632000z |
| category | linux |
| json_metadata | {"image":["https://steemitboard.com/img/notify.png"]} |
| created | 2019-09-13 14:26:33 |
| last_update | 2019-09-13 14:26:33 |
| depth | 1 |
| children | 0 |
| last_payout | 2019-09-20 14:26:33 |
| cashout_time | 1969-12-31 23:59:59 |
| total_payout_value | 0.000 HBD |
| curator_payout_value | 0.000 HBD |
| pending_payout_value | 0.000 HBD |
| promoted | 0.000 HBD |
| body_length | 1,004 |
| author_reputation | 38,975,615,169,260 |
| root_title | "Use su without the need of a password" |
| beneficiaries | [] |
| max_accepted_payout | 1,000,000.000 HBD |
| percent_hbd | 10,000 |
| post_id | 90,540,430 |
| net_rshares | 0 |
Really cool, works perfectly in my environment!
| author | syntoxictech |
|---|---|
| permlink | pxru3a |
| category | linux |
| json_metadata | {"tags":["linux"],"app":"steemit/0.1"} |
| created | 2019-09-13 13:14:00 |
| last_update | 2019-09-13 13:14:00 |
| depth | 1 |
| children | 0 |
| last_payout | 2019-09-20 13:14:00 |
| cashout_time | 1969-12-31 23:59:59 |
| total_payout_value | 0.000 HBD |
| curator_payout_value | 0.000 HBD |
| pending_payout_value | 0.000 HBD |
| promoted | 0.000 HBD |
| body_length | 47 |
| author_reputation | 3,575,525,740 |
| root_title | "Use su without the need of a password" |
| beneficiaries | [] |
| max_accepted_payout | 1,000,000.000 HBD |
| percent_hbd | 10,000 |
| post_id | 90,538,259 |
| net_rshares | 0 |
| author_curate_reward | "" |
| voter | weight | wgt% | rshares | pct | time |
|---|---|---|---|---|---|
| timoschuetz | 0 | 0 | 100% |
hiveblocks