LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 05-02-2003, 01:09 PM   #1
tisource
Member
 
Registered: Feb 2002
Posts: 322

Rep: Reputation: 30
Can no longer 'su'


Okay, I'm posting alot here the past few days. It shows how much I still don't know.

I recently read a security article about linux, and decided I'd better check my security. I fired up Mandrake Control panel to see what options it had. I don't recall changing much at all, in fact I added some permissions to system folders to an "admins" group which I had to remove, as it was causing problems with apache.

Nonetheless, everything is working good now, but I cannot su. I can log in as root, and everything works fine. But if I log in as a normal user, I cannot su. I get 'invalid password'. I can 'su' as my normal user from a root logon, but cannot do the inverse.

I read somewhere that 'shadow passwords' can cause problems if messed up. I don't know much about it...anyone with ideas?

Again, sorry I'm asking more questions than I'm answering, but I guess we all gotta learn some way.

Thanks
 
Old 05-02-2003, 01:42 PM   #2
fancypiper
LQ Guru
 
Registered: Feb 2003
Location: Sparta, NC USA
Distribution: Ubuntu 10.04
Posts: 5,141

Rep: Reputation: 60
If you tightened down security, you probably have to add users to the "wheel" group to access admin functions.
 
Old 05-02-2003, 02:26 PM   #3
jailbait
LQ Guru
 
Registered: Feb 2003
Location: Virginia, USA
Distribution: Debian 12
Posts: 8,334

Rep: Reputation: 547Reputation: 547Reputation: 547Reputation: 547Reputation: 547Reputation: 547
su setup

As part of security setup you can allow or disallow users to use the su command. You can also limit what su allows, i.e. you can set up su so that it gives a user less than full root privilages.

I have always used unrestricted su commands and have never messed with it. But I think that when you were browsing through security administration that you probable changed the su security setup.
 
Old 05-02-2003, 03:22 PM   #4
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Rep: Reputation: 46
Your log files in /var/log will hold valueable information why you haven't been allowed to su.
 
Old 05-03-2003, 01:04 PM   #5
tisource
Member
 
Registered: Feb 2002
Posts: 322

Original Poster
Rep: Reputation: 30
Okay.....

I checked /var/log, and auth.log shows I ran 'su' but it shows no error. I can't find errors in any of the log files.

I checked permissions, and only root had access to the 'su' command...no one else had ANY permissions, but then that doesn't account for the fact that su did run. I'm kinda baffled on that one.

I gave everyone read permissions to su, and now I get:

su: cannot set groups: Operation not permitted

BTW, I did add my user to the 'wheel' group, and that made no difference. root can login just fine. Wierd.

I still login as root and administer that way, but I am trying to be security conscious and login as my normal user, and 'su' when necessary.

I have no idea how to tweak 'su' in terms of what a 'su' user can do. Ideas?

Thanks for all your help. Learning, slowly, but steadily.
 
Old 05-03-2003, 08:51 PM   #6
camelrider
Member
 
Registered: Apr 2003
Location: Juneau, Alaska
Posts: 251

Rep: Reputation: 32
Have you tried (as root) giving users execute permission to the 'su' file?
 
Old 05-04-2003, 09:09 AM   #7
Nukes
Member
 
Registered: Apr 2003
Location: Scotland UK
Distribution: Gentoo
Posts: 92

Rep: Reputation: 15
He can access su, look at his post. This is becuase he isn't in the wheel group. edit /etc/group and add your username to the wheel one. Login as root to do this.
There is another way to do it (editing sudoers) but thats pretty tricky and probably beyond you if you're new.
 
Old 05-04-2003, 03:20 PM   #8
tisource
Member
 
Registered: Feb 2002
Posts: 322

Original Poster
Rep: Reputation: 30
My user is already in the wheel group.

When I set permissions on su, now it says this when I try to run su:
su: cannot set groups: Operation not permitted

I actually looked at sudoers file and I don't see anything that should cause a conflict.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
What's the difference between 'su' and 'su -' rickh Linux - Newbie 2 09-10-2005 12:48 PM
Problem with 'su' gri6507 Linux - Software 5 06-17-2005 09:11 AM
'su' will not work under KDE digx Linux - General 5 02-13-2005 06:01 PM
how to change 'su' path danahata Slackware 4 02-26-2004 01:09 PM
did a iptables -L as 'su' and got this ..... purpleburple Linux - Security 1 07-27-2002 01:59 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 07:38 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration