LinuxQuestions.org


hoes 08-15-2010 07:14 PM

Unix-chkpwd problem with Linux-PAM-1.1-1 trying to run su from shadow-4.1.4.2
 
I am trying to run su as a non-privileged user to log in as root.
However, this only works when I make /etc/shadow world readable.
I have /lib/security/unix_chkpwd as a setuid root executable.

I use the following pam-file for su:

Code:

# Begin /etc/pam.d/su

auth        sufficient      pam_rootok.so
auth        required        pam_unix.so
account     required        pam_unix.so
session     optional        pam_mail.so     dir=/var/mail standard
session     optional        pam_xauth.so
session     required        pam_env.so
session     required        pam_unix.so

# End /etc/pam.d/su

Has anyone got a clue as to what's happening here?

hoes 08-15-2010 07:55 PM

I kept getting errors in auth.log like:
Code:

unix_chkpwd[7569]: check pass; user unknown
unix_chkpwd[7569]: password check failed for user (root)
su[7568]: pam_unix(su:auth): authentication failure;
logname=hugo uid=10056 euid=10056 tty=/dev/tty5 ruser=hugo rhost= user=root
su[7568]: pam_authenticate: Authentication failure
su[7568]: FAILED su for root by hugo
su[7568]: - /dev/tty5 hugo:root

I interpreted this as a failure of unix_chkpwd.
However, I had /bin/su as a regular executable.
Once I changed this to setuid root, everything worked.

So sorry, false alarm.
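
An added example, not part of the original posts: the `euid=10056` field in the pam_unix line above is the sign that su ran without root privileges, and this script flags such records and checks the two binaries named in the thread for root ownership plus the setuid bit. The function names are hypothetical, and the last sample log line is constructed for contrast.

```shell
#!/bin/sh
# Added example, not from the thread; function names are hypothetical.

# Sample auth.log text: the PID 7568/7569 lines are the ones quoted in the
# thread (wrapped as posted). The PID 7601 line is constructed: a wrong
# password typed into a correctly setuid-root su, which logs euid=0.
sample_log() {
    cat <<'EOF'
unix_chkpwd[7569]: check pass; user unknown
unix_chkpwd[7569]: password check failed for user (root)
su[7568]: pam_unix(su:auth): authentication failure;
logname=hugo uid=10056 euid=10056 tty=/dev/tty5 ruser=hugo rhost= user=root
su[7568]: FAILED su for root by hugo
su[7601]: pam_unix(su:auth): authentication failure; logname=hugo uid=10056 euid=0 tty=/dev/tty5 ruser=hugo rhost= user=root
EOF
}

# Read log text on stdin and print "pid euid target-user" for every su
# authentication failure whose effective UID was not 0, meaning the su
# process itself never had root privileges.
su_without_root_euid() {
    awk '
        /su\[[0-9]+\]: pam_unix\(su:auth\): authentication failure;/ {
            rec = $0
            # Pasted logs may wrap the key=value fields onto the next line.
            if (rec !~ /euid=/ && (getline nxt) > 0) rec = rec " " nxt
            pid = ""; euid = ""; user = ""
            if (match(rec, /su\[[0-9]+\]/)) pid = substr(rec, RSTART + 3, RLENGTH - 4)
            n = split(rec, f, " ")
            for (i = 1; i <= n; i++) {
                if (f[i] ~ /^euid=/) euid = substr(f[i], 6)
                if (f[i] ~ /^user=/) user = substr(f[i], 6)   # not ruser=
            }
            if (euid != "" && euid != "0") print pid, euid, user
        }'
}

# Succeed only if the file is owned by root and has the setuid bit set.
is_setuid_root() {
    [ -n "$(find "$1" -prune -user root -perm -4000 2>/dev/null)" ]
}

sample_log | su_without_root_euid
for f in /bin/su /lib/security/unix_chkpwd; do   # paths as given in the thread
    if is_setuid_root "$f"; then echo "$f: setuid root"
    else echo "$f: not setuid root (or missing)"; fi
done
```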

