ÔÚÒ»°ãÇé¿öÏ£¬Ò»°ãÓû§Í¨¹ýÖ´ÐС°su -¡±ÃüÁî¡¢ÊäÈëÕýÈ·µÄrootÃÜÂ룬¿ÉÒԵǼΪrootÓû§À´¶Ôϵͳ½øÐйÜÀíÔ±¼¶±ðµÄÅäÖᣵ«ÊÇ£¬ÎªÁ˸ü½øÒ»²½¼ÓǿϵͳµÄ°²È«ÐÔ£¬ÓбØÒª½¨Á¢Ò»¸ö¹ÜÀíÔ±µÄ ×飬ֻÔÊÐíÕâ¸ö×éµÄÓû§À´Ö´ÐС°su -¡±ÃüÁîµÇ¼ΪrootÓû§£¬¶øÈÃÆäËû×éµÄÓû§¼´Ê¹Ö´ÐС°su -¡±¡¢ÊäÈëÁËÕýÈ·µÄrootÃÜÂ룬ҲÎÞ·¨µÇ¼ΪrootÓû§¡£ÔÚUNIXÏ£¬Õâ¸ö×éµÄÃû³Æͨ³£Îª¡°wheel¡±¡£
[root@sample ~]# usermod -G wheel CentOSpub ¡¡¡û ½«Ò»°ãÓû§ CentOSpub ¼ÓÔÚ¹ÜÀíÔ±×éwheel×éÖÐ
[root@sample ~]# vi /etc/pam.d/su ¡¡¡û ´ò¿ªÕâ¸öÅäÖÃÎļþ
#auth required /lib/security/$ISA/pam_wheel.so use_uid ¡¡ ¡û ÕÒµ½´ËÐУ¬È¥µôÐÐÊ׵ġ°#¡±
¡¡¡ý
auth required /lib/security/$ISA/pam_wheel.so use_uid¡¡ ¡û ±äΪ´Ë״̬£¨´óÔ¼ÔÚµÚ6ÐеÄλÖã©
[root@sample ~]# echo "SU_WHEEL_ONLY yes" >> /etc/login.defs¡¡¡û Ìí¼ÓÓï¾äµ½ÐÐÄ©
ÒÔÉϲÙ×÷Íê³Éºó£¬¿ÉÒÔÔÙ½¨Á¢Ò»¸öÐÂÓû§£¬È»ºóÓÃÕâ¸öн¨µÄÓû§²âÊԻᷢÏÖ£¬Ã»ÓмÓÈëµ½wheel×éµÄÓû§£¬Ö´ÐС°su -¡±ÃüÁ¼´Ê¹ÊäÈëÁËÕýÈ·µÄrootÃÜÂ룬ҲÎÞ·¨µÇ¼ΪrootÓû§¡£
