"Permissions on the password database may be too restrictive"
Hi Folks
When i try to su to root in a console window I get the message "Permissions on the password database may be too restrictive" I've been messing around trying to correct ownership problems with chown and must have screwed something somewhere. I can ctrl-alt-F1 to a text console and login as root. However if I try to use any functions via the gui needing root privilages I get the message above or "su error" Does anyone know which file the password database is in? I'm using Opensuse10.2 64 bit version Thanks |
If you are using the standard password file and not LDAP or NIS or any other authentication, you will probably want to check the permissions on /etc/shadow and /etc/passwd. I think /etc/shadow should only be readable by root (400) and /etc/passwd should be readable/writable by root, readable by root group, and readable by everyone (644).
|
hi,
/etc/passwd (644) /etc/shadow (400) ...are the default permissions. if you made any changes, please revert to the defaults. never allow shadow file readable to other users! if you are using KDE desktop, do the following. its a fix to KDE on SuSE. Quote:
________________________________ mmn |
Thanks Folks:p
Sorted!!! I can now get YAST via the Gui |
I noticed that the permissions on my /etc/shadow file are 640, not 400.
Here is what I see: Code:
-rw-r----- 1 root shadow 657 2006-12-02 22:42 shadow |
I'm guessing here , its possibly a distribution thing but
400 means root only can read the shadow file (security) but cant accidentally write to it. So if root is adding a new user he has to explicitly change the file permissions to write to the file. If chmod is only usable by root when logged in locally then a hacker (assuming a remote access ) cant add to the file. Any one know about restrictions to chmod use ? |
All times are GMT -5. The time now is 08:20 PM. |