LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-25-2007, 04:19 PM   #1
mrclisdue
Senior Member
 
Registered: Dec 2005
Distribution: Slackware -current, 14.1
Posts: 1,049

Rep: Reputation: 170Reputation: 170
su - password not accepted; root console login fine


Slackware 12.0

Just a recent occurrence.

I can login as root, no problem.

However, I can't su - without the password being rejected.

I can sudo -s to root.

I'm stumped.

Last edited by mrclisdue; 11-25-2007 at 04:20 PM.
 
Old 11-25-2007, 04:36 PM   #2
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
When did it start happening? Are you using PAM? If so, what does your /etc/pam.d/su file look like? Also, you are positive that you actually do have a root password set, right? You can check your /etc/shadow file for that. Remember that the password you enter when you sudo is your non-root user's password - not root's. I know these are basic things you likely already checked - I'm just making sure.
 
Old 11-25-2007, 04:53 PM   #3
mrclisdue
Senior Member
 
Registered: Dec 2005
Distribution: Slackware -current, 14.1
Posts: 1,049

Original Poster
Rep: Reputation: 170Reputation: 170
It started happening today.

I'm not using PAM - the machine I'm running slack on is *well-protected*, and is just for screwing around with.

I moved everything from /bin to another partition, then realized it was a combination of pointless and not-well-thought-out, so I moved everything back. I'm guessing this marked the beginning of my issues.

A root password exists - it's in /etc/shadow, as well as the fact that I need the pw to login to a console. It seems that the only time I can't go to root is with an su.

cheers,
 
Old 11-25-2007, 05:13 PM   #4
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Check the permissions on your su binary. Is it SUID root?

Also, what is the exact error message you get when your password gets rejected?
 
Old 11-25-2007, 05:37 PM   #5
mrclisdue
Senior Member
 
Registered: Dec 2005
Distribution: Slackware -current, 14.1
Posts: 1,049

Original Poster
Rep: Reputation: 170Reputation: 170
Quote:
Originally Posted by win32sux View Post
Check the permissions on your su binary. Is it SUID root?
No! But I certainly didn't chmod -s the file.

So I set it, and it now works.

btw, the error message in the terminal was "Sorry".

As for /var/log/secure: Authentication failed for root

I'm somewhat curious as to what went wrong.

Thanks for your prompt help, you've saved me much time searching for answers.

cheers,
 
Old 11-25-2007, 06:24 PM   #6
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
I'm glad that was it cuz I was running out of ideas.

You should check any other binaries that need SUID to make sure they didn't lose it also.

Here's the ones on my box (stock Ubuntu) in case it helps:
Code:
win32sux@candystore:~$ sudo find / -user root -perm -4000
/bin/su
/bin/ping
/bin/check-foreground-console
/bin/mount
/bin/ping6
/bin/umount
/bin/fusermount
/lib/dhcp3-client/call-dhclient-script
/usr/bin/X
/usr/bin/mtr
/usr/bin/chfn
/usr/bin/chsh
/usr/bin/sudo
/usr/bin/lppasswd
/usr/bin/fping
/usr/bin/traceroute6.iputils
/usr/bin/arping
/usr/bin/fping6
/usr/bin/newgrp
/usr/bin/passwd
/usr/bin/gpasswd
/usr/bin/sudoedit
/usr/lib/eject/dmcrypt-get-device
/usr/lib/openssh/ssh-keysign
/usr/lib/pt_chown
/usr/sbin/pppd
/usr/sbin/exim4
What filesystem did the partition you moved /bin to have?

My guess is the filesystem didn't honor SUID or something like that - not sure.

Last edited by win32sux; 11-25-2007 at 08:15 PM. Reason: Typo.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to set login and password and root password in suse 10.2 sirius57 Suse/Novell 8 07-24-2007 10:51 AM
How to console login without password ERBRMN Linux - Security 2 06-20-2005 08:41 PM
Login fails, but password is accepted skulka Linux - Software 3 01-06-2005 07:38 PM
root password not accepted MauricioTulua Linux - Software 3 07-04-2004 02:21 AM
Help.. su password no longer accepted icb410 Linux - General 3 05-30-2004 10:52 AM


All times are GMT -5. The time now is 01:13 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration