user accounts

siawash · 01-27-2010, 08:43 PM

Hi, I am noticing when I try to use sudo or even log in as root I am getting the following;

Code:

siawacsh@debian:~$ sudo fdisk -l
sudo: must be setuid root
siawacsh@debian:~$ su
Password: 
setgid: Operation not permitted

Can anyone tell whats going on?

AlucardZero · 01-27-2010, 09:13 PM

You have (or something has) blown away the permissions on (at least) sudo and su. Both must be setuid root, with permissions -rwsr-xr-x or 4755 in octal. You'll have to boot from a LiveCD and change the permissions, if you don't have a root terminal up already.

siawash · 01-27-2010, 10:03 PM

Yes, I forgot to mention I was studying and messing around with a LPI tutorial on chgrp, chown, umask and the like. I created a bunch of files and couple of directories in my home and played around changing group ownership. I think what might have done it was changing a text file's group ownership to audio. Just a guess.

Anyway, one things I still have not understood about Debian is the fact that I cannot go into gnome as root. Neither have I been able to get hold of a live CD. All my Debian CD/DVD's have been install but would't boot live. Unless you meant to boot into any Debian derivative in which case I have a few including sidux, and a less known distro called DreamLinux.

Assuming I managed to get into a root terminal are saying I grep for su and sudo and change their permissions? Can you elaborate about what you mean I should do with "setuid"...?

Many thanks in advance

siawash · 01-27-2010, 10:57 PM

Here the files I was playing with in my home directory. I would appreciate it if you could walk me through what has to be done.

Code:

siawacsh@debian:~/xzy$ ls -l
total 4
drwxrwxrw- 2 root     audio 4096 2010-01-24 18:55 dir_2
-rw-r--r-- 1 siawacsh audio    0 2010-01-24 22:17 file1
-rw-r--r-- 1 root     audio    0 2010-01-24 18:46 file_1
-rw-r--r-- 1 siawacsh audio    0 2010-01-24 22:19 file2
-rw-r--r-- 1 siawacsh audio    0 2010-01-24 18:55 file_2
-rw-r--r-- 1 siawacsh users    0 2010-01-24 19:02 file_3
-rw-r--r-- 1 siawacsh audio    0 2010-01-24 22:24 file_4
-rw-r--r-- 1 siawacsh audio    0 2010-01-27 19:16 file_6
-rw-r--r-- 1 siawacsh audio    0 2010-01-27 20:00 file7
-rw-r--r-- 1 siawacsh audio    0 2010-01-27 19:55 file_7
siawacsh@debian:~/xzy$

siawash · 01-27-2010, 11:01 PM

Here is my fstab. At the moment /sdc1 which is my external ide/usb drive is not mounting any more. Sometimes the internal cdrom drive wont eject and when I try to do it manually i get an error saying drive is not mounting. A reboot solves it though.

Code:

 cat /etc/fstab
# /etc/fstab: static file system information.
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
proc            /proc           proc    defaults        0       0
/dev/sdd       /home/siawacsh/cowon vfat defaults 
/dev/sdc1      /home/siawacsh/myhome ext3 defaults     0        3
/dev/sdb2       /               ext3    errors=remount-ro 0       1
/dev/sdb1       none            swap    sw              0       0
/dev/scd0       /media/cdrom0   udf,iso9660 user,noauto     0       0
siawacsh@debian:~$

jschiwal · 01-27-2010, 11:04 PM

You need to check the permissions of the sudo and su programs.
ls -l /usr/bin/sudo /bin/su
-rwsr-xr-x 1 root root 35904 2009-10-23 23:41 /bin/su
-rwsr-xr-x 1 root root 190248 2009-10-19 14:36 /usr/bin/sudo

You may need to boot into single user mode to fix it. First try logging in as root in one of the virtual terminals.

It is normal to not allow root logins in X. You should never do that.

You must have done more then change permissions in an xyz/ directory.

AlucardZero · 01-28-2010, 08:52 AM

Boot from any live CD, it doesn't have to be Debian. Mount your local disk. Change the permissions with chmod to 4755 on su and sudo on the mounted disk.

Next time be more careful with chmod (do not lightly run chmod -R 777 ...).

siawash · 01-28-2010, 12:52 PM

I did exactly as AlucardZero instructions but still getting the following;

Code:

siawacsh@debian:~$ su
Password: 
setgid: Operation not permitted
siawacsh@debian:~$ sudo fdisk -l
sudo: must be setuid root
siawacsh@debian:~$

I booted into a live cd and booted straight into terminal. Then I mounted my /dev/sdb2 /mnt
Then chmod 4755 /bin/su* and chmod 4755 /usr/bin/sudo

I now remember another thing that I did which might have caused this.

I did chown -R cowon

cowon being a local directory listed in fstab at the time of issuing command my usb music player was connected it was taking a long time going through all the files. I decided to stop the command with Control-C then disconnected the drive.

AlucardZero · 01-28-2010, 12:55 PM

I said /mnt/bin/su* .

chown root /mnt/bin/su /mnt/usr/bin/sudo
chmod 4755 /mnt/bin/su /mnt/usr/bin/sudo

siawash · 01-28-2010, 02:28 PM

Thanks for spelling the solution out for me. It worked a treat. Thank you to all you wonderful experts. I wish there was a way I could return the favor. Your certainly most welcome to Dublin.

As to your warning about chmod, I am learning on a blank system. All my personal data is on an external drive, so as long as I keep away from that the rest of the system can get rebuilt without too much agony.

Quote:

Originally Posted by AlucardZero

Boot from any live CD, it doesn't have to be Debian. Mount your local disk. Change the permissions with chmod to 4755 on su and sudo on the mounted disk.

Next time be more careful with chmod (do not lightly run chmod -R 777 ...).