# su error in service module

## pacman99

Hi,

I just did a emerge -uDN world and now I'm getting a "su error in service module" whenever I try to do "su root" from a terminal within gnome. I have no trouble switching to root when remotely using ssh though.  I'm not sure but it may have something to do with me zapping the new /etc/pam/su file after the update out of fear of losing the settings I had made prior to the update.

my /etc/pam/su file is as follows:

```
#%PAM-1.0

auth       sufficient   pam_rootok.so

auth       required     pam_wheel.so group=wheel

# If you want to restrict users begin allowed to su even more,

# create /etc/security/suauth.allow (or to that matter) that is only

# writable by root, and add users that are allowed to su to that

# file, one per line.

#auth       required     pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow

# Uncomment this to allow users in the wheel group to su without

# entering a passwd.

#auth       sufficient   pam_wheel.so use_uid trust

# Alternatively to above, you can implement a list of users that do

# not need to supply a passwd with a list.

#auth       sufficient   pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass

# Comment this to allow any user, even those not in the 'wheel'

# group to su

auth       required     pam_wheel.so use_uid

auth       include              system-auth

account    include              system-auth

password   include              system-auth

session    include              system-auth

session    required     pam_env.so

session    optional             pam_xauth.so
```

thanks

----------

## desultory

 *pacman99 wrote:*   

> I just did a emerge -uDN world and now I'm getting a "su error in service module" whenever I try to do "su root" from a terminal within gnome. I have no trouble switching to root when remotely using ssh though.

 What version of sys-apps/shadow is in use on that system? Does reinstalling it and accepting the updated configuration produce the expected behavior?

 *pacman99 wrote:*   

> I'm not sure but it may have something to do with me zapping the new /etc/pam/su file after the update out of fear of losing the settings I had made prior to the update.

 Instead of using that approach, either keep backups of existing configuration files, or use dispatch-conf to merge new configuration files.

Moved from Installing Gentoo to Networking & Security.

----------

