From 782caf3dd09dfa449e0e1e552af76b9c3ceb33cd Mon Sep 17 00:00:00 2001
From: Michael Scherer <misc@mageia.org>
Date: Wed, 24 Nov 2010 01:27:30 +0000
Subject: pam_wheel is made to be used with su only. pam_succeed_if seems to be
 the proper module

---
 modules/pam/templates/system-auth | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'modules')

diff --git a/modules/pam/templates/system-auth b/modules/pam/templates/system-auth
index 6f4074bc..184553b4 100644
--- a/modules/pam/templates/system-auth
+++ b/modules/pam/templates/system-auth
@@ -6,10 +6,10 @@ auth    [abort=ignore success=done new_authtok_reqd=done default=ignore]  pam_tc
 auth    sufficient   pam_unix.so likeauth nullok try_first_pass
 auth    sufficient   pam_ldap.so use_first_pass
 <%- if access_class = 'admin' -%>
-auth    required     pam_wheel.so group=mga-sysadmin
+auth    required     pam_succeed_if.so quiet user ingroup mga-sysadmin
 <%- end -%>
 <%- if access_class = 'commiters' -%>
-auth    required     pam_wheel.so group=mga-commiters
+auth    required     pam_succeed_if.so quiet user ingroup mga-commiters
 <%- end -%>
 auth    required     pam_deny.so
 
-- 
cgit v1.2.1