su -> permission denied
 

When I use su I always get "permission denied. sorry", I'm sure I typed the right password and the keymap is the right one....

What else could cause this?

~Progster

The capslock? The password is case sensitive, try typing it in a different case, or if it's a 'proper' word, try making the first letter a capital letter...

nope, caps lock is off...

~Progster

Look for any clues in /etc/pam.d/su
this is the stock unmodified RedHat 7.3

It is an other distro of course, but I believe everything is there...

Could it be my user isn't part of a required group? it is only part of the users group at the moment, if this is it how do I make my user part of other groups? (I believe I need to add it to the "wheel" group)

~Progster

I prefer editing /etc/group make the entry for wheel look like this

wheel:x:10:root,username,another_user_name

Or you can comment out with a hash sign (#) /etc/pam.d/su entry
auth required /lib/security/pam_wheel.so use_uid

B/c it is in requred section - you are right if you are not in the wheel group you can't su.

thx for the help.

I added myself to the wheel group (in my opinion more secure then the other option) and everything works now!

but I've got another question: are there any other groups a user should be part of (I guess it might depend on the distro)?

~Progster

There are also other obsticles along the way, if security level is set too high you won't be able to login as root in KDM/GDM/XDM, then you need to login as a regular user and use one of the virtual consoles accessed by pressing Ctrl-Alt-F1 through F6 keys, and login as root from there, with the systems set in paranoid mode you won't be able to get to the root by that method either, then I suggest booting into runlevel1 using
linux single
at lilo boot prompt accessed by pressing Ctrl-X during lilo graphical menu. And still there are possibilities not being able successfuly login as root if the delay for LILO is set to 0 seconds.
I hope in your case you won't have to struggle your way through all this.
Cheers
P.S. I threw all this here because you will need to be root to isue commands like
usermod -G gid username (to add user to wheel group gid=10 usually), to edit /etc/group by hand you need root rights, edit /etc/pam.d/su you need root as well. And sometimes it is vey hard to get to the root on paranoid security level system - Mandrake is doing it all the time.

one other possibility
 

It is also possible the root does not have permissions for some services. You can change this if you have kuser. At command line type kuser and then when the screen comes up double click on root. Select the groups tab and then make sure that everything is checkmarked. I have run into this issue myself where some service was not accessible under root. This should solve the issue.

Had the same issue. The user your logged in as must be in the wheel group to su.

note that the user does not have to be in the wheel group if you set up the user to use commands in the sudo file "visudo"

For security reasons only allow users in which you would like the ability to use root to the wheel group.