On 6/28/07, paul beard <paulbeard@gmail.com> wrote:
I never use su, preferring sudo. So I don't get bitten by this. I think it only cropped up at install time, when heimdal was griping about an existing su that it didn't know about: coreutils installs one, but I think the solution was to prepend 'g' to all the identically-named binaries it provides. That or tweak the portfile so that one of those ports doesn't install the conflicting file.
The problem is that heimdal's su won't cope with pam.
Does heimdal's su do anything that coreutils' su doesn't?
It does handle kerberos. If you have configured your system to use kerberos for authentication, you probably want heimdal's su. If you have a single user system, or a network without kerberos, heimdal's su just won't work for you. Having gnome-vfs install heimdal, and having /opt/local/bin at the beginning of your path, will break things for you, notably su will stop working. You need su if your working account is not in group admin (recommended security practice), because you won't be able to sudo directly in that case (standard apple configuration). Regards, Marc