LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-10-2002, 03:35 PM   #1
fmagoufis
LQ Newbie
 
Registered: Dec 2002
Location: Boston, MA
Distribution: RHEL
Posts: 8

Rep: Reputation: 0
cannot run su -


for some reason i cannot use su - anymore. It says

su: incorrect password

and i know it work the other day. Any ideas why this wouldnt work anymore?

The server is a new 8.0 install in a private home environment. Nobody can get to it other than myself.
 
Old 12-10-2002, 07:54 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607
Myabe you inadvertedly tripped the CAPS key? :-]
If all fails boot into single mode and just issue yourself a new root passwd.
 
Old 12-11-2002, 11:08 AM   #3
fmagoufis
LQ Newbie
 
Registered: Dec 2002
Location: Boston, MA
Distribution: RHEL
Posts: 8

Original Poster
Rep: Reputation: 0
i can log into the system with root just fine. If i connect to the system via telnet or ssh and attempt to run su -, thats when i get the incorrect password.
 
Old 12-11-2002, 01:35 PM   #4
moses
Senior Member
 
Registered: Sep 2002
Location: Arizona, US, Earth
Distribution: Slackware, (Non-Linux: Solaris 7,8,9; OSX; BeOS)
Posts: 1,152

Rep: Reputation: 50
Do you have a file called:
/etc/suauth

if so, you may have to fix it.
man suauth
man su
 
Old 12-12-2002, 01:43 PM   #5
fmagoufis
LQ Newbie
 
Registered: Dec 2002
Location: Boston, MA
Distribution: RHEL
Posts: 8

Original Poster
Rep: Reputation: 0
Dont have the file. What should i look for next?
 
Old 12-12-2002, 03:15 PM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607
Grep your logfiles for PAM warnings at the time of login.
 
Old 12-12-2002, 10:15 PM   #7
stickman
Senior Member
 
Registered: Sep 2002
Location: Nashville, TN
Posts: 1,552

Rep: Reputation: 53
Any error messages in your logs that might be helpful to us?

Last edited by stickman; 12-12-2002 at 10:16 PM.
 
Old 12-13-2002, 01:20 PM   #8
fmagoufis
LQ Newbie
 
Registered: Dec 2002
Location: Boston, MA
Distribution: RHEL
Posts: 8

Original Poster
Rep: Reputation: 0
this is the message as I log in as the regular user and then attempt to su.

Dec 13 13:13:03 hades login(pam_unix)[5741]: session opened for user helpdesk by (uid=0)
Dec 13 13:13:03 hades -- helpdesk[5741]: LOGIN ON pts/1 BY helpdesk FROM ncit6212
Dec 13 13:15:21 hades su(pam_unix)[5793]: authentication failure; logname=helpdesk uid=500 euid=500
tty= ruser=helpdesk rhost= user=root
 
Old 12-16-2002, 10:40 AM   #9
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607
Could you open up your /etc/pam.d/system-auth and add this to the "pam_unix" line:
"auth required /lib/security/pam_unix.so debug"
and try again? It will log more info.
 
Old 12-16-2002, 03:36 PM   #10
indi
LQ Newbie
 
Registered: Dec 2002
Distribution: redhat
Posts: 14

Rep: Reputation: 0
if your machine is configured as high security or medium security, you need to be in wheel group in order to su ;-)

logon as root

vi /etc/group

add your name in front of wheel

done....

now you can su ;-)
 
Old 12-22-2002, 02:14 PM   #11
fmagoufis
LQ Newbie
 
Registered: Dec 2002
Location: Boston, MA
Distribution: RHEL
Posts: 8

Original Poster
Rep: Reputation: 0
I tried the debug statement, but the output is exactly the same. If I cannot run the su - command, can I set the system to allow root to telnet/ssh in? I am not concerned with security, the system is only going to be used by myself.
 
Old 12-23-2002, 07:48 AM   #12
ugenn
Member
 
Registered: Apr 2002
Posts: 549

Rep: Reputation: 30
securetty problem maybe?
 
Old 04-12-2006, 11:29 PM   #13
smuzzio
LQ Newbie
 
Registered: Apr 2006
Posts: 5

Rep: Reputation: 0
first check the content of this file:
/etc/pam.d/su

if you have this:
auth required /lib/security/pam_wheel.so group=root

change root to another group

the put in this new group your user that use "su" command
This solve my problem.

bye!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot get NVIDIA-Linux-x86_64-1.0-6629-pkg2.run to run properly doctorwebbox Linux - Hardware 0 02-06-2005 07:18 AM
Not able to run audio Cds (not MP3) and run VCDS.. satish427 Linux - Newbie 4 09-25-2004 12:27 AM
Trying to run photoshop in wine. Install, but wont run. bruno buys Linux - Software 14 07-15-2004 05:30 PM
will delphi run on winex ? (i cant run kylix3 :(( ) hunter_one Linux - Software 0 10-19-2003 09:41 AM
Java applets run fine in Konqueror, but won't run in MS IE. OAnimal Linux - Software 7 12-04-2002 07:32 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:25 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration