Add an answer to the ``can't su to root because you're not in wheel''

question.

en_US.ISO8859-1/books/faq/book.sgml

@@ -14,7 +14,7 @@
 
     <corpauthor>The FreeBSD Documentation Project</corpauthor>
 
-    <pubdate>$FreeBSD: doc/en_US.ISO_8859-1/books/faq/book.sgml,v 1.185 2001/04/25 09:25:22 nik Exp $</pubdate>
+    <pubdate>$FreeBSD: doc/en_US.ISO_8859-1/books/faq/book.sgml,v 1.186 2001/04/26 01:48:18 dd Exp $</pubdate>
 
     <copyright>
       <year>1995</year>
@@ -5604,6 +5604,30 @@ device sio5 at isa? port 0x2b8 tty flags 0x501 vector siointr</programlisting>
         </answer>
       </qandaentry>
 
+      <qandaentry>
+	<question id="su-wheel-group">
+	  <para>&man.su.1; says <errorname>you are not in the correct group
+	    to su root</errorname> when I try to su to
+	    <username>root</username>.</para>
+	</question>
+
+	<!-- XXX uses <username> around a group name -->
+	<answer>
+	  <para>This is a security feature.  In order to su to
+	    <username>root</username> (or any other account with superuser
+	    privileges), you must be in the <username>wheel</username>
+	    group.  If this feature were not there, anybody with an account
+	    on a system who also found out <username>root</username>'s
+	    password would be able to gain superuser level access to the
+	    system.  With this feature, this isn't strictly true;
+	    &man.su.1; will prevent them from even trying to enter the
+	    password if they aren't in <username>wheel</username>.</para>
+
+	  <para>To allow someone to su to <username>root</username>, simply
+	    put them in the wheel group.</para>
+	</answer>
+      </qandaentry>
+
       <qandaentry>
         <question id="rcconf-readonly">
           <para>I made a mistake in <filename>rc.conf</filename>,

en_US.ISO_8859-1/books/faq/book.sgml

@@ -14,7 +14,7 @@
 
     <corpauthor>The FreeBSD Documentation Project</corpauthor>
 
-    <pubdate>$FreeBSD: doc/en_US.ISO_8859-1/books/faq/book.sgml,v 1.185 2001/04/25 09:25:22 nik Exp $</pubdate>
+    <pubdate>$FreeBSD: doc/en_US.ISO_8859-1/books/faq/book.sgml,v 1.186 2001/04/26 01:48:18 dd Exp $</pubdate>
 
     <copyright>
       <year>1995</year>
@@ -5604,6 +5604,30 @@ device sio5 at isa? port 0x2b8 tty flags 0x501 vector siointr</programlisting>
         </answer>
       </qandaentry>
 
+      <qandaentry>
+	<question id="su-wheel-group">
+	  <para>&man.su.1; says <errorname>you are not in the correct group
+	    to su root</errorname> when I try to su to
+	    <username>root</username>.</para>
+	</question>
+
+	<!-- XXX uses <username> around a group name -->
+	<answer>
+	  <para>This is a security feature.  In order to su to
+	    <username>root</username> (or any other account with superuser
+	    privileges), you must be in the <username>wheel</username>
+	    group.  If this feature were not there, anybody with an account
+	    on a system who also found out <username>root</username>'s
+	    password would be able to gain superuser level access to the
+	    system.  With this feature, this isn't strictly true;
+	    &man.su.1; will prevent them from even trying to enter the
+	    password if they aren't in <username>wheel</username>.</para>
+
+	  <para>To allow someone to su to <username>root</username>, simply
+	    put them in the wheel group.</para>
+	</answer>
+      </qandaentry>
+
       <qandaentry>
         <question id="rcconf-readonly">
           <para>I made a mistake in <filename>rc.conf</filename>,