Re: Please verify these 2 OpenBSD Bugs (FAQ, adduser, login.conf)

[Matthias Kilian <kili@outback.escape.de>]

On Sat, Jan 01, 2005 at 11:04:30AM +0100, Otto Moerbeek wrote:
> Again, read group(5). If the primary group is wheel, there's no need to 
> add the user to the wheel group in /etc/group. It has always been this 
> way, and su(1) works. /etc/group is used to record _secondary_ groups.

There's a little caveat with su(1), which may indeed cause some
confusion:

  If group 0 (normally ``wheel'') has users listed then only those
  users can su to ``root''.  It is not sufficient to change a user's
  /etc/passwd entry to add them to the ``wheel'' group; they must
  explicitly be listed in /etc/group.  If no one is in the ``wheel''
  group, it is ignored, and anyone who knows the root password is
  permitted to su to ``root''.


Ciao,
	Kili