Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I added a normal user when I first installed Gentoo and I was always able to su to get root access. But recently I have been unable to get root access using su. I have checked my /etc/group and I am in wheel.
Any ideas on how to fix this
Thanks
In AIX there is an option when creating a user : "user can su" (yes or not), and "another user can asu to this user" (yes or not).
Is there such an option in Linux ?
Distribution: Mint Cinnamon, Trixie KDE, PCLOS Cinnamon, Manjaro XFCE
Posts: 273
Rep:
Admittedly know nothing of Gentoo and am newbie, but are you using KDE? Have you recently upgraded to 3.2.2? There is a known bug: http://www.kde.org/info/3.2.2.php#binary
Perhaps related?
Sorry for the seriously late reply, I had the problem before kde was installed, I have the following
Code:
#%PAM-1.0
auth required /lib/security/pam_rootok.so
# If you want to restrict users begin allowed to su even more,
# create /etc/security/suauth.allow (or to that matter) that is only
# writable by root, and add users that are allowed to su to that
# file, one per line.
#auth required /lib/security/pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow
# Uncomment this to allow users in the wheel group to su without
# entering a passwd.
#auth sufficient /lib/security/pam_wheel.so use_uid trust
# Alternatively to above, you can implement a list of users that do
# not need to supply a passwd with a list.
#auth sufficient /lib/security/pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass
# Comment this to allow any user, even those not in the 'wheel'
# group to su
auth required /lib/security/pam_wheel.so use_uid nullok
auth required /lib/security/pam_stack.so service=system-auth nullok
account required /lib/security/pam_stack.so service=system-auth nullok
password required /lib/security/pam_stack.so service=system-auth nullok
session required /lib/security/pam_stack.so service=system-auth nullok
session optional /lib/security/pam_xauth.so
I have also tried adding the line
Code:
auth required /lib/security/pam_unix.so nullock
but this prompts me for the password twice and gives the same error
I found this post while searching for a solution to the same problem. My circumstances were a little different and the solution that worked for me may be relevant to someone else.
My OS is CentOS 5.4 in a production environment with several users who have access to the server for development so adding users to the wheel group in /etc/group is not an ideal solution. We like to try to keep our install as standard as possible across all servers. To that end, here is what I did to troubleshoot
checked permissions on /bin/su. They should be set as setuid...rwsr-xr-x. To make them this way, run chmod u+s /bin/su.
If that works then cat or vi the /etc/pam.d/su file. When I compared this file on the system that didn't work with one that did, I found that the working system had the following line:
#auth required pam_wheel.so use_uid
On the server that didn't work, this line was there but it was not commented out. Changing it to comment it out fixed the issue for me.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.