A problem with su on OpenSolaris 2008.05
 

Hi guys.

I created an user for myself and gave it the Primary Administrator role. To my surprise, the user created by the installer can su to root, but my user cannot and the error is:
I usually pfexec bash when I have to do long task with root privileges but would like to know how I should configure the roles so that my user could su. I reviewd the roles given to the two users and they appear to be the same, so I cannot explain this discrepancy an man su gave me no hint.

Thanks,
Enrico.

Generally, to be able to su one has to be in the wheel group.

Thanks Emerson.

By the way, adding my user to the wheel group didn't change this behavior.

I also discovered that the user created by the installer has the role "root" whereas mine has not. I should read more about RBAC because I feel I'm missing many points. In my previous SXDE installation, by the way, the user was created the same way (with the same script) and it did su to root, so something must have changed between SXDE and OpenSolaris 2008.05. I feel like reading the SXDE docs and OpenSolaris docs to track the differences down but now I'm short of time for such task... ;)

There are a lot of difference between these distributions. That one you just hit is Solaris Express preserves the traditional root user account while OpenSolaris/Indiana is replacing it by a role, ie an account you can't log in to. Belenix is doing the same, Ubuntu is doing something closer based on sudo.

Instead of "su -" which won't work as you noticed, you should use "pfexec su".

If for some reason you want to revert to root as a regular account, just remove "type=role;" in the root entry of the /etc/user_attr file.

Thank you very much jlliagre!

With your input I immediately found the relevant documentation.

Bye,
Enrico.