Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
02-04-2001, 10:12 PM
|
#1
|
LQ Newbie
Registered: Feb 2001
Posts: 4
Rep:
|
Dear Sir,
I am using SUSE linux and I encountered a problem on changing user right to root by "su -" command. After entering the password, it displayed an error message, "su: cannot set groups: Operation not permitted". This error had not encountered in the past and now I just can logon as root at boot up time.
Please advise.
I look forward to see your reply.
Thanks and regards,
Nelson Yuen
|
|
|
02-04-2001, 10:30 PM
|
#2
|
root 
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,626
|
I would make sure that the su binary is suid root. Then make sure that /etc/passwd and /etc/group are both world readable. If everything checks out I would run an strace on su. It may be looking for a library that no longer exists.
|
|
|
02-04-2001, 10:46 PM
|
#3
|
LQ Newbie
Registered: Feb 2001
Posts: 4
Original Poster
Rep:
|
Thanks for you quick reply.
I made sure that /etc/group and /etc/passwd are world readable, but how can I sure the su is suid root?
I used the strace su command and got the follow result at the tail.
----------------------------------------------------------
igaction(SIGPIPE, {0x400eef30, [], 0x4000000}, {SIG_DFL}, 8) = 0
socket(PF_UNIX, SOCK_DGRAM, 0) = 3
fcntl(3, F_SETFD, FD_CLOEXEC) = 0
connect(3, {sin_family=AF_UNIX, path=" /dev/log"}, 16) = 0
send(3, "<37>Feb 10 04:25:27 su: (to root"..., 51, 0) = 51
rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
close(3) = 0
open("/etc/group", O_RDONLY) = 3
fcntl(3, F_GETFD) = 0
fcntl(3, F_SETFD, FD_CLOEXEC) = 0
fstat(3, {st_mode=S_IFREG|0644, st_size=667, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40152000
_llseek(3, 0, [0], SEEK_CUR) = 0
read(3, "root:x:0:root\nbin:x:1:root,bin,d"..., 4096) = 667
read(3, "", 4096) = 0
close(3) = 0
munmap(0x40152000, 4096) = 0
setgroups(7, [0, 1, 14, 15, 16, 17, 65534]) = -1 EPERM (Operation not permitted)
open("/usr/share/locale/en_US/LC_MESSAGES/sh-utils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/sh-utils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
write(2, "su: ", 4su: ) = 4
write(2, "cannot set groups", 17cannot set groups) = 17
open("/usr/share/locale/en_US/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
write(2, ": Operation not permitted", 25: Operation not permitted) = 25
write(2, "\n", 1
) = 1
_exit(1) = ?
-----------------------------------------------------
Then what can I do?
Please advise.
|
|
|
02-04-2001, 10:51 PM
|
#4
|
root 
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,626
|
If you do an ls -l on su you should see:
|
|
|
02-05-2001, 12:08 AM
|
#5
|
LQ Newbie
Registered: Feb 2001
Posts: 4
Original Poster
Rep:
|
It shows rwxr-xr-x, should I change to mode? How?
|
|
|
02-05-2001, 06:44 AM
|
#6
|
LQ Newbie
Registered: Jan 2001
Location: Santiago, Chile
Posts: 21
Rep:
|
chmod +s
chmod +s being root
you could chose chmod [ugo]+s where u = user, g = group,
o = others ...
if you want to use "group" and user ... chmod ug+s <program>
|
|
|
02-05-2001, 08:20 PM
|
#7
|
LQ Newbie
Registered: Feb 2001
Posts: 4
Original Poster
Rep:
|
Oh thanks a lot. it works now.
but why will it change the mode suddenly? Is the suse not stable?
|
|
|
02-06-2001, 06:34 AM
|
#8
|
LQ Newbie
Registered: Jan 2001
Location: Santiago, Chile
Posts: 21
Rep:
|
don't worry
Don't worry, "su" may be or may be not be executed from users, this (AFAIK) is a security issue. For example, in my old job no other user than root can do "su" ... it was some kind of paranoia, but that has nothing to do with stability of the system ...
(every program with "set uid" root is potencialy dangerous, but if the machine is yours, not setting set uid root to "su" could be very annoying :-)
I think that suse is a great distrubution ...
|
|
|
10-16-2009, 09:47 PM
|
#9
|
LQ Newbie
Registered: Oct 2009
Posts: 1
Rep:
|
Worked for me
Great answer. Thanks a lot.
|
|
|
10-17-2009, 06:23 AM
|
#10
|
Senior Member
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Ubuntu 12.04, Antix19.3
Posts: 3,797
|
Kicking a thread that's more than 8.5 years old, just to say thanks
But OK, nice to see that jeremy actually did assist in solving problems in the old days 
|
|
|
10-17-2009, 11:43 AM
|
#11
|
root 
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,626
|
Wim Sturkenboom, I still do - just not quite as much as when LQ started (and I was one of the only members answering threads).
--jeremy
|
|
|
10-18-2009, 01:55 AM
|
#12
|
Senior Member
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Ubuntu 12.04, Antix19.3
Posts: 3,797
|
I assume you do; probably not as much in the sections that I visit. To be honest, it was the first time in my 4 year history with LQ that I saw your name, so that caught the attention.
And just in case, it was not intended as an offence
|
|
|
10-18-2009, 10:53 AM
|
#13
|
root 
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,626
|
None taken
--jeremy
|
|
|
01-14-2010, 03:18 PM
|
#14
|
LQ Newbie
Registered: Mar 2005
Location: Chicago area
Distribution: Fedora Core
Posts: 8
Rep:
|
One other way....
You can also set the SETUID on su by entering: chmod 4755 /bin/su as root. I never got used to those "+" changes...
|
|
|
07-31-2010, 12:24 PM
|
#15
|
LQ Newbie
Registered: Jul 2010
Posts: 1
Rep:
|
this was incredibly helpful! registered just to say thanks.
|
|
|
All times are GMT -5. The time now is 03:48 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|