%general-entities; ]> Util-linux Util-linux was indeed installed in LFS and there is no reason to reinstall it unless you installed Linux-PAM after your LFS system was completed. If you have installed Linux-PAM, it's possible to build su and runuser from Util-linux. The Shadow maintainers recommend using su from Util-linux instead of the version from Shadow. &lfs110a_checked; Package Information Download (HTTP): Download (FTP): Download MD5 sum: &util-linux-md5sum; Download size: &util-linux-size; Estimated disk space required: &util-linux-buildsize; Estimated build time: &util-linux-time; Util-linux Dependencies Required User Notes: The installation commands shown below are for installations where Linux-PAM has been installed and Util-linux is being rebuilt to support the Linux-PAM installation. If you are upgrading Util-linux, follow the instruction for Util-linux in LFS. If Linux-PAM has been installed, su and runuser will automatically be built too. You should follow to set up the PAM configuration in this case. Build su and runuser from Util-linux: ./configure ADJTIME_PATH=/var/lib/hwclock/adjtime \ --libdir=/usr/lib \ --docdir=/usr/share/doc/util-linux-&util-linux-version; \ --disable-chfn-chsh \ --disable-login \ --disable-nologin \ --disable-setpriv \ --disable-pylibmount \ --disable-static \ --without-python \ runstatedir=/run && make su runuser This package does not come with a test suite. Now, as the root user: install -vm4755 su /usr/bin/su install -vm0755 runuser /usr/sbin/runuser find /usr/share/man -name su.1 -delete install -vm0644 login-utils/{su,runuser}.1 /usr/share/man/man1 find /usr/share/man -name su.1 -delete: This is used to remove the man pages for su installed from Shadow. Shadow installs man pages with multiple languages. They need to be removed to prevent man su from picking up a translated man page instead of /usr/share/man/man1/su.1. /etc/pam.d/su, /etc/pam.d/su-l, and /etc/pam.d/runuser /etc/pam.d/su /etc/pam.d/su-l /etc/pam.d/runuser As the root user, create the following Linux-PAM configuration files in the /etc/pam.d/ directory (or add the contents to the /etc/pam.conf file) using the following commands: cat > /etc/pam.d/su << "EOF" # Begin /etc/pam.d/su # always allow root auth sufficient pam_rootok.so # Allow users in the wheel group to execute su without a password # disabled by default #auth sufficient pam_wheel.so trust use_uid # include system auth settings auth include system-auth # limit su to users in the wheel group auth required pam_wheel.so use_uid # include system account settings account include system-account # Set default environment variables for the service user session required pam_env.so # include system session settings session include system-session # End /etc/pam.d/su EOF ln -sv su /etc/pam.d/su-l cat > /etc/pam.d/runuser << "EOF" # Begin /etc/pam.d/runuser auth sufficient pam_rootok.so session include system-session # End /etc/pam.d/runuser EOF At this point, you should do a simple test to see if su is working as expected. Open another terminal and log in as a user, then su to root. If you do not see any errors, then all is well. If you did receive errors, stop now and double check the above configuration files manually. One obvious reason for an error is if the user is not in group wheel. You may want to run (as root): usermod -a -G wheel <user>. Any other error is the sign of an error in the above procedure. You can also run the test suite from the Linux-PAM package to assist you in determining the cause of the problem. Listed below are the newly installed programs along with short descriptions. Installed Programs su and runuser Short Descriptions su runs a command with substitute user and group ID su runuser runs a command with substitute user and group ID; it's like su but can only be used as the root user. runuser