10 Comments

Leave a Comment
  1. Thanks for this article.
    I had trouble getting it to work at first. I found that the /etc/security/access.conf was getting modified a few seconds after the sed line in rc.local, so I guess it was getting replaced.
    I put a ‘sleep 4′ before the sed line in rc.local and it worked as expected after that.

  2. Ah that explains why a few of our servers came up without the modifications. It wasn’t consistent but I suspected that it was overwritten. Manually adding the line in seemed to fix the issue though so I didn’t bother pursuing it any further.

    Thanks for the tip though, I’ll add that in to the post :)

  3. Hello! When I made such configuration, user logins with root privelegies! Even, user is not in admin group. I do the following steps:
    /usr/lib/vmware/auth/bin/adduser testuser
    echo “+:testuser:ALL” >> /etc/security/access.conf

    Then, when I login with ssh, I am superuser :(
    Thks!

  4. Hey Ruslan. I think that might be due to the way the access.conf file processes the security permissions as when you echo’ed in the testuser it will be after the -:ALL:ALL line. From memory when I did this I had the exact same issue which is why I use sed in the rc.local file rather than echo. It’s been a while since I actually used this on an ESX server though so if you give that a go and still get the same issue let me know!

Leave a Reply