Locked out of SU...

wiskic10_4 · 12-03-2004, 04:09 AM

Hey guys,

Well, I don't consider myself much of a "noob," but this is the only place this question seems fit... I've locked myself out of "su"...

Earlier everything worked fine - I was "su"ing in and out with my normal account, installing some basic programs.

I noticed it right as I was installing SNORT. I needed to go "su", but I just kept getting a "Sorry" message. I can logout and log back in as root just fine, so I know I haven't forgot my password.

The only thing of significance I recall changing is are the rwx rights in certain directories. I executed a "chmod 755" for all files in /bin, /usr/bin, /usr/sbin, /etc, and /usr/etc. However, I've tried switching rights back around, but nothing seems to do the trick... most peculiar...

Anyway, any help would be greatly appreciated... I'm about fed up (I locked myself out of one of my servers yesterday by changing a home directory... sheesh...)

BTW, I'm running Slackware 10.0

Thanks,
Wiski

jax8 · 12-03-2004, 05:02 AM

What are the current permissions on the su command

run command

ls -l /bin/su

Make sure that you have execute rights it should look something like this

-rwsr-xr-x 1 root root 95957 Mar 4 2004 /bin/su

wiskic10_4 · 12-03-2004, 05:07 AM

jax8,

dean_j20@deanMachine001:~$ ls -l /bin/su
-rwxr-xr-x 1 root bin 35780 2004-06-21 14:20 /bin/su*
dean_j20@deanMachine001:~$

I've got the "x"... mysterious, isn't it?

-Wiski

hk_linux · 12-03-2004, 05:26 AM

hi,
nothing mysterious considering u have put 755 for /bin directory.

Also i think /etc/sudoers must not be world readable.

wiskic10_4 · 12-03-2004, 05:39 AM

hk_linux,

Actually, I meant the whole thing was mysterious, not the fact that su was executable...

Well, I logged back in as root, and set /etc/sudoers to 751 (so that it was no longer world-readable), but it didn't do the trick...

Thanks for your help, though

-Wiski

LasseW · 12-03-2004, 10:55 AM

When you set the 755 permissions you removed the SUID permission from su, you can restore it with chmod 4755 /bin/su. But you've done the same to a number of executables, all of which need to be SUID to work properly (eg does passwd work ?). You should compare the directory listings to another Linux system to see how the permissions should be. Or restore from backup if you have one.

wiskic10_4 · 12-03-2004, 06:49 PM

Your reply is much appreciated, LasseW,

But let me ask a stupid question - what would be the harm in simply changing everything in the directory to 4755? Essentially I'm only adding SUID to functions that didn't have it before, right? I'm pretty certain 755 is the setting I want for most of my main system directories, so what does it hurt to add SUID?

I'll read up on it... the more I think I know, the more I realize there is to learn... thanks again...

-Wiski