File coreutils-8.6-update-man-page-for-pam.diff of Package coreutils.import4829

From 13ed7b537ae655c6d67965f1486aa2e3b181e574 Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <>
Date: Tue, 17 Aug 2010 08:59:35 +0200
Subject: [PATCH 2/7] update man page for pam

 doc/coreutils.texi |   34 +++++-----------------------------
 1 files changed, 5 insertions(+), 29 deletions(-)

Index: doc/coreutils.texi
--- doc/coreutils.texi.orig	2011-01-05 14:27:40.715232991 +0100
+++ doc/coreutils.texi	2011-01-05 14:27:41.929267939 +0100
@@ -15290,8 +15290,11 @@ to certain shells, etc.).
 @findex syslog
 @command{su} can optionally be compiled to use @code{syslog} to report
 failed, and optionally successful, @command{su} attempts.  (If the system
-supports @code{syslog}.)  However, GNU @command{su} does not check if the
-user is a member of the @code{wheel} group; see below.
+supports @code{syslog}.)
+This version of @command{su} has support for using PAM for
+authentication.  You can edit @file{/etc/pam.d/su} resp @file{/etc/pam.d/su-l}
+to customize its behaviour.
 The program accepts the following options.  Also see @ref{Common options}.
@@ -15372,33 +15375,6 @@ Exit status:
 the exit status of the subshell otherwise
 @end display
-@cindex wheel group, not supported
-@cindex group wheel, not supported
-@cindex fascism
-@subsection Why GNU @command{su} does not support the @samp{wheel} group
-(This section is by Richard Stallman.)
-@cindex Twenex
-@cindex MIT AI lab
-Sometimes a few of the users try to hold total power over all the
-rest.  For example, in 1984, a few users at the MIT AI lab decided to
-seize power by changing the operator password on the Twenex system and
-keeping it secret from everyone else.  (I was able to thwart this coup
-and give power back to the users by patching the kernel, but I
-wouldn't know how to do that in Unix.)
-However, occasionally the rulers do tell someone.  Under the usual
-@command{su} mechanism, once someone learns the root password who
-sympathizes with the ordinary users, he or she can tell the rest.  The
-``wheel group'' feature would make this impossible, and thus cement the
-power of the rulers.
-I'm on the side of the masses, not that of the rulers.  If you are
-used to supporting the bosses and sysadmins in whatever they do, you
-might find this idea strange at first.
 @node timeout invocation
 @section @command{timeout}: Run a command with a time limit
openSUSE Build Service is sponsored by