after giving for sudo su - command,it is prompting to change root passwd
 

Hi All,

I have been facing a problem from past 1 week.I have declared root id as shared ID and set root age to 0 (chage -d 0 root, as a part of security policies laid by company.

Now when i am using sudo su - command,i am unable to login and it is prompting me to change root password immediately.If i change the root password,root cron jobs are not excuting.

what parameters should i have to consider,so that my root cronjobs should not be affected even after root passwd change,and sudo login should not be affected.

Thanks in advance


--Amar

It might help to know which distribution you are using. I do not know about Red Hat-based and other systems, but with Debian-based systems, su and sudo are different. I interpret your wording to mean you are entering both: sudo su. Only guessing, but could that be part of the problem?

I'm using Red Hat Enterprise Linux Server release 5.7 (Tikanga)

Hi amar.sree,

1) Just curious, what is meant by "declaring root ID as shared ID".
2) I dont know if the following would suit your environment :
that is, do not set password for root user, but to use key-based authentication for root user so that you could avoid the "chage -d 0" issues for root user.
3)Please check if root user password being mentioned in cron jobs, If not used, then the crons should be running fine.

The command that you are running changed the expiration of root's passwd to 0 so it is expecting you to set a new password now. Basically you have expired root's password.

Hi grim,

yes,root password is expired and my requirement is with expired root password also i should be able to perform sudo su -.

Even with expired root password, i was able to execute any command with sudo <command>.but it was not allowing to sudo su - login.

IS it possible by making changes in /etc/pam.d.su,/etc/pam.d/su -i and /etc/pam.d/system-auth files.


Thanks for all replies

Amar
"The belief in a thing makes it happen."