Why is Debian not creating the ‘wheel’ group by default?

It appears to be Unix tradition that a wheel group is created automatically, but Debian (and children, naturally) doesn’t do so. Is there a rationale somewhere? Where else have you seen this tradition discarded?

Answers:

Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

Some unix systems allow only members of the wheel group to use su. Others allow anyone to use su if they know the password of the target user. There are even systems where being in the wheel group grants passwordless root access; Ubuntu does this, except that the group is called sudo (and doesn’t have id 0).

I think wheel is mostly a BSD thing. Linux is a mix of BSD and System V, and the various distributions have different default policies with respect to granting root access. Debian happens not to implement a wheel group by default; if you want to enable it, uncomment the auth required pam_wheel.so line in /etc/pam.d/su.

Method 2

Because wheel is a tool of oppression! From info su:

Why GNU ‘su’ does not support the ‘wheel’ group

(This section is by Richard
Stallman.)

Sometimes a few of the users try to
hold total power over all the rest.
For example, in 1984, a few users at
the MIT AI lab decided to seize power
by changing the operator password on
the Twenex system and keeping it
secret from everyone else. (I was
able to thwart this coup and give
power back to the users by patching
the kernel, but I wouldn’t know how to
do that in Unix.)

However, occasionally the rulers do
tell someone. Under the usual `su’
mechanism, once someone learns the
root password who sympathizes with the
ordinary users, he or she can tell the
rest. The “wheel group” feature would
make this impossible, and thus cement
the power of the rulers.

I’m on the side of the masses, not
that of the rulers. If you are used
to supporting the bosses and sysadmins
in whatever they do, you might find
this idea strange at first.

See also the Debian Reference. Anyways, the sudo group is built in so who needs wheel?


All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments