|
Not getting prompted for Root password
I just started using Fedora 6 a few weeks ago (first-time Linux user) and today I started getting an "insufficient rights" message when attempting to launch apps that previously prompted me to enter the root password.
Now, when I last used Fedora a few days ago, I did disable some services that a Web doc said I could disable, and I changed the permissions on the /usr folder (gave Group and others "View and Modify" access; have changed the permissions back to just "View"). I can still do a "SU" to login as root in the Terminal.But when I try to open anything under Administration or System in my Fedora "Start" menu, I just get an insufficent rights error message. Thanks in advance for any help you can provide. |
I'm not too familiar with Fedora, but it may be that there is a command that needs to be run in the /usr/bin folder. Check that you can run gnomesu or whatever the graphical su program is used in Fedora. If you can't run it, you will need to change permissions to allow you to execute on that program.
|
Quote:
Anybody have any other ideas? |
The KDE equivalent is kdesu.
Have you added yourself to the sudoers file? Do you have selinux active? If your system is not publicly accessible, consider setting selinux to "permissive" mode. (The text of your message seems like it might be from selinux.) If you do set permissive mode, remember to check the audit logs for accesses that would have been disallowed if selinux was active. If selinux is active and you don't want to set "permissive" mode, you'll need to add a rule so you can access "root" items. (Of course, just doing a su - would, in this case, be a better solution since it would restrict "root" access to users logged in as "root.") |
Quote:
I believe it has got to do something with "special permissions" - those that can be set by suid. The uid for the programs in the "Administration" menu hast to be root, of course. I never actually solved the problem, since this happend shortly before Fedora 5 came out, and so I decided to simply upgrade. But knowing a possible cause, you may have a new starting point, or someone else can help you from there. Cheers, Tanja Edit: When I posted the above, I was at work with a Windoze system. Now I'm back home, and on checking the directory /usr/bin, I found the following programs with special permissions: crontab -rwsr-sr-x fusermount -rwsr-x-r-- at -rwsr-xr-x chage -rwsr-xr-x gpasswd -rwsr-xr-x kgrantpty -rwsr-xr-x kpac_dhcp_helper -rwsr-xr-x newgrp -rwsr-xr-x passwd -rwsr-xr-x rcp -rwsr-xr-x rlogin -rwsr-xr-x rsh -rwsr-xr-x chfn -rws--x--x chsh -rws--x--x Xorg -rws--x--x lockfile -rwxr-sr-x screen -rwxr-sr-x ssh-agent -rwxr-sr-x write -rwxr-sr-x sudo ---s--x--x sudoedit ---s--x--x After changing the permissions for the complete /usr direction, you ended up with -rwxr-xr-x (or whatever you specified) for all the commands that had special permissions before. I suppose that's what causes the problem. |
Quote:
I have: Owner: can view and modify content Group: can view content Others: can view content Ownership: User: root Group: root When I click "Advanced Permissions", there are three entries: Owner (rwx), Owning Group (r-x), Others (r-x). Do you know how I can add crontab, fusermount, at, etc. to the permissions list? |
After looking around the Web for a while for more information on my problem, I learned that I am not the first one to have this problem, and it doesn't look like those before me had any luck fixing it:
http://forums.fedoraforum.org/showthread.php?t=64872 http://www.linuxforums.org/forum/red...nt-rights.html http://www.linuxquestions.org/questi...ad.php?t=75428 http://www.redhatconfig.com/msg/85705.html It appears that all who get the "insufficient rights" message made changes to the permissions on the /usr directory. How can I change the permissions there back to the default? |
It appears that all who get the "insufficient rights" message made changes to the permissions on the /usr directory.
Yes, but in some cases the cause is unknown. Besides that you're quoting random threads from ages ago (in terms of FC releases). How can I change the permissions there back to the default? Well, since you said: Quote:
If you can't here's a script (basically is a twist on my earlier posted versions of "rpm-restore-perms.sh"): Code:
#!/bin/sh --Use the RPM package manager to verify packages, selecting only files in /usr with ownership or access rights that are wrong. It will not make changes but output what needs to be done. The lines should be of the format "chown user.user /some/file" and "chmod rights /some/file". Since you appear to have only problems with /usr that's what it'll output fixes for. * How to use this: 1. Save as "/tmp/rpm-restore-perms-usr.sh". 2. Run "sh /tmp/rpm-restore-perms-usr.sh 2>/dev/null >/tmp/rpm-restore-perms-usr.pre" 3. Open /tmp/rpm-restore-perms-usr.pre in a text editor and review (for say changes outside /usr). 4. Run "sh /tmp/rpm-restore-perms-usr.pre 2>&1 | tee /tmp/rpm-restore-perms-usr.post" 5. Open /tmp/rpm-restore-perms-usr.post in a text editor and review for errors: post them here. (6. Just in case: if you run SELinux, do "touch /.autorelabel" and reboot.) As always: YMMV(VM). Do make backups if you don't trust stuff. Hell, make backups anyway ;-p --- @PTrenholme: If your system is not publicly accessible, consider setting selinux to "permissive" mode. IMO people should run SELinux regardless of the system being publicly accessable or not. Chances are that if they make it publicly accessable later on they'll forget to enable SELinux. Besides that fixing and reporting errors will help make SELinux policies better which everybody benefits from. (The text of your message seems like it might be from selinux.) AFAIK it isn't. If it was then IMO the next step would be to look at AVC messages. |
Quote:
BTW, problem fixed by reinstalling Fedora 6. |
| All times are GMT -5. The time now is 10:19 PM. |