Grrrrr can't login as normal user only root
The host is my external firewall. Running Debian Squeeze. No gui, and hardened. Originally it was setup as a Lenny box. Here some time ago I upgraded it to Squeeze. Every thing was fine.
I aquired a serial console unit and I was getting it set up to see if it worked. I does. But durring the proccess I lost the ability to login to the host with a normal user. I have looked at the files I changed to set it up but can't locate anything that should have changed the login permissions. I created a new user but can't login with that account either. I ran # passwd -u <user> on the original account but no joy. When I try with the original user I do get a brief message about the last login and then I am returned to the standard login when the machine first boot. With the new user I get a "permission denied" message before I am returned to the standard login screen. I am able to login as root at the regular console and at the serial console, but not as a regular user. I resized the partitions to be sure that it was not a space size problem like I had one time before. The dirve it runs on is only 4g. No joy. There were some entries in the log about some pam modules not being there. I looked at another maching that I can login to and there were some symlinks missing . I put them in the directory but, No Joy :( Login attempts by the new user account are logged in /var/log/auth.log, as well as successfull root logins, but logins via the existing user don't show up. :scratch: So far google has not helped much. Any thoughts / places to look? Thanks |
I suggest you start with checking permissins for both /home and users home partition.
Also check users HOME & login-shell in /etc/fstab if you haven't done so already. |
Side note:
I do use Webmin on the serever and I am able to access it via the old standard user as normal. |
Thanks pingu,
The premissions on the users folders is normal. I am assuming that you ment /etc/passwd and not fstab. Yes the home folder is correct and the login shell is correct /bin/bash |
Not so sure about the permissions on the partitions its self.
/home ext3 defaults,nosuid 0 2 |
Please check the free space on your disk filesystems.
A full filesystem (>95% usually) will make logins fail for all, except the root user. |
Thanks tredegar,
already done that, see my original post The porblem seams no have come from no where. I checked for new users, thinking that someone had broke in but there are none. |
Let's see now:
(First, of course I meant /etc/passwd and not /etc/fstab! Sorry, but good you're alert! :p ) The line for /home in your /etc/fstab looks ok. How about permissions on the directory & subdirectories of /home? But reading your first post again I'm beginning to think it's something else: Quote:
Just a few thoughts: if some pam modules are missing it might be you can't just add symlinks, you will have to install correct modules. Or it could also be a pam-configuration issue - must be some reason for symlinks not being in place!? Suggestions: 1) Read logs carefully - all logs. See if you can find anything that can point you in right direction (pam problem is just a guess!) 2) Unmount /home, create a new user and see if it works. 3) Go the *-way, reboot.. 4) For what it's worth, post output of "df", " ls -l /", "ls -l /home" ( "*" : "It-that-Must-Not-Be-Named" .. :p ) |
chkrootkit shows
Checking `bindshell` INFECTED (PORTS: 15 24 4000 6667 31337) But this appears to be a false positive of PortSentry which is running on this host. There is also Checking `scalper` Warning: Possible scalper worm installed But this also a false positive of PortSentry pingu; the symlinks point to an existing module in the directory. The box has been rebooted df Filesystem 1K-blocks Used Available Use% Mounted on /dev/sdb1 505860 139922 339836 30% / tmpfs 509416 0 509416 0% /lib/init/rw udev 504952 164 504788 1% /dev tmpfs 509416 0 509416 0% /dev/shm /dev/sdb9 670720 57348 579240 10% /home /dev/sdb8 373359 6175 347911 2% /tmp /dev/sdb5 1265240 762408 438580 64% /usr /dev/sdb6 1176840 451712 665296 41% /var ls -l / total 61 drwxr-xr-x 2 root root 5120 Aug 11 23:47 bin drwxr-xr-x 3 root root 1024 Jan 19 18:51 boot lrwxrwxrwx 1 root root 11 Dec 10 2008 cdrom -> media/cdrom drwxr-xr-x 15 root root 3180 Jan 20 16:24 dev drwxr-xr-x 97 root root 8192 Jan 22 10:38 etc drwxr-xr-x 6 root root 4096 Dec 16 2010 home lrwxrwxrwx 1 root root 28 Aug 12 15:34 initrd.img -> boot/initrd.img-2.6.32 -5-486 drwxr-xr-x 11 root root 9216 Nov 17 09:48 lib drwx------ 2 root root 12288 Dec 10 2008 lost+found drwxr-xr-x 12 root root 1024 Dec 11 2008 media drwxr-xr-x 2 root root 1024 Nov 4 2008 mnt drwxr-xr-x 2 root root 1024 Dec 10 2008 opt dr-xr-xr-x 112 root root 0 Jan 20 11:22 proc drwxr-xr-x 8 root root 1024 Jan 19 19:30 root drwxr-xr-x 2 root root 5120 Nov 17 09:47 sbin drwxr-xr-x 2 root root 1024 Sep 16 2008 selinux drwxr-xr-x 2 root root 1024 Dec 10 2008 srv drwxr-xr-x 12 root root 0 Jan 20 11:22 sys drwxrwxrwt 8 root root 1024 Jan 22 12:39 tmp drwxr-xr-x 11 root root 4096 Jan 20 10:22 usr drwxr-xr-x 16 root root 4096 Jan 20 10:17 var lrwxrwxrwx 1 root root 25 Aug 12 15:34 vmlinuz -> boot/vmlinuz-2.6.32-5-486 -rw-r--r-- 1 root root 1028 Oct 10 11:40 webmin-setup.out ls -l /home total 28 -rw-r--r-- 1 root root 0 Jun 28 2009 log drwx------ 2 root root 16384 Dec 10 2008 lost+found drwxr-xr-x 5 root root 4096 Dec 16 2010 mounts # some nfs mounts drwxr-xr-x 2 named named 4096 Jun 28 2009 named # bind config drwxr-xr-x 14 smoke smoke 4096 Dec 17 19:34 smoke # normal user |
All times are GMT -5. The time now is 05:11 AM. |