LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 03-02-2009, 05:18 PM   #1
Mistoffeles
Member
 
Registered: Dec 2007
Location: TGWN
Distribution: Fedora, RHEL, CentOS, Evil Entity
Posts: 36

Rep: Reputation: 15
su failing, same password works fine at console


Never had this happen before, I have a new server (RHEL 5.3) that I can log into at the console keyboard but I can't su from my account using the exact same password.

I have gone through the /etc/pam.d/su file, /etc/ssh/sshd_config and just about every other thing that I can think of, comparing it to my other servers, and nothing seems to be any different.

Anyone able to point me in the right direction towards solving this?
 
Old 03-02-2009, 06:16 PM   #2
FragInHell
Member
 
Registered: Sep 2003
Location: Sydney Australia
Distribution: Redhat, Centos, Ubuntu
Posts: 282

Rep: Reputation: 45
Try resseting the password as root, or even editing shadow and removing the password, then can u login?
 
Old 03-02-2009, 06:42 PM   #3
Mistoffeles
Member
 
Registered: Dec 2007
Location: TGWN
Distribution: Fedora, RHEL, CentOS, Evil Entity
Posts: 36

Original Poster
Rep: Reputation: 15
I've done that, and then just to see I tried something else, I logged in using my account at the console and I could not su to root.

So, nothing wrong with ssh/sshd, it's just su. Going to research this, but if anyone has any ideas please post as I generally take forever to find what I need just by book/Google research.
 
Old 03-02-2009, 08:03 PM   #4
FragInHell
Member
 
Registered: Sep 2003
Location: Sydney Australia
Distribution: Redhat, Centos, Ubuntu
Posts: 282

Rep: Reputation: 45
can u post your pam su and pam login configuration files, are you using directory server/ldap?
 
Old 03-02-2009, 08:36 PM   #5
Mistoffeles
Member
 
Registered: Dec 2007
Location: TGWN
Distribution: Fedora, RHEL, CentOS, Evil Entity
Posts: 36

Original Poster
Rep: Reputation: 15
As far as I know, I am using local shadow password authentication. I set up the wheel group to allow only certain users to be able to use su.

The only thing I changed in /etc/pam.d/su was to uncomment the line:
auth required pam.wheel.so use_uid
This gives me this result:
su: incorrect password
I then recommented the other line and uncommented this:
auth sufficient pam_wheel.so trust use_uid
Which gave me this result:
su: cannot set groups: operation not permitted
So I changed back to the first one.

Here are the pam files:
[root@beastie ~]# cat /etc/pam.d/su
#%PAM-1.0
auth sufficient pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
auth required pam_wheel.so use_uid
auth include system-auth
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session optional pam_xauth.so

[root@beastie ~]# cat /etc/pam.d/login
#%PAM-1.0
auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so
auth include system-auth
account required pam_nologin.so
account include system-auth
password include system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session include system-auth
session required pam_loginuid.so
session optional pam_console.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open
session optional pam_keyinit.so force revoke
SELinux is disabled.
 
Old 03-02-2009, 08:55 PM   #6
Mistoffeles
Member
 
Registered: Dec 2007
Location: TGWN
Distribution: Fedora, RHEL, CentOS, Evil Entity
Posts: 36

Original Poster
Rep: Reputation: 15
Note: According to env, kerberos is in my path. I don't know if that means I am actually using it to authenticate.

The more I learn about Linux, the more I realise how little I know.
 
  


Reply

Tags
login, ssh, su


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
su - password not accepted; root console login fine mrclisdue Linux - Security 5 11-25-2007 06:24 PM
Kubuntu - Console mode shows black screen, X works fine shiv_379 Linux - Newbie 6 08-07-2006 05:11 PM
e0 will Rx, but not Tx...e1 works fine giant Linux - Networking 2 09-15-2004 02:13 PM
Works just fine...I think /home/kyle Linux - Software 0 03-10-2004 06:09 AM
LILO install failing, Boot failing, but Installation fine. sramelyk Slackware 9 08-23-2003 03:37 PM


All times are GMT -5. The time now is 02:29 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration