LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 05-13-2004, 08:48 PM   #1
jon_k
Member
 
Registered: Jul 2003
Location: Fort Worth, Texas
Distribution: Mepis Linux 2004
Posts: 547

Rep: Reputation: 30
Normal users can't su to root? Why not?


I've gotton root to a server from which is profesionally hosted.

I have root access, and I've found out that if I log in as a user then go

su
<type password here>

then it says

[jon_k@sls-dc4p3 root]$ su
Password:
su: incorrect password
[jon_k@sls-dc4p3 jon_k]$


I am _sure_ this is the password i've tried it hundreds of times.

I can ssh in to the box as root and then do su jon_k and get in to jon_k fine.


Is there a security feature disabling su to root? If so how could i disable it?

Please help me I'm pulling my hair out on this it's frustrating as hell!
ANY HELP APPRICIATED, THANK YOU!

Last edited by jon_k; 05-13-2004 at 08:49 PM.
 
Old 05-13-2004, 09:56 PM   #2
jtshaw
Senior Member
 
Registered: Nov 2000
Location: Seattle, WA USA
Distribution: Ubuntu @ Home, RHEL @ Work
Posts: 3,892
Blog Entries: 1

Rep: Reputation: 67
On many machine users have to been in the wheel group to su. Also, sometimes admins will disable su completely and make users use sudo instead.
 
Old 05-13-2004, 09:59 PM   #3
jon_k
Member
 
Registered: Jul 2003
Location: Fort Worth, Texas
Distribution: Mepis Linux 2004
Posts: 547

Original Poster
Rep: Reputation: 30
How do I get my user in the "wheel" to be able to SU.

I've got root to this box, so I can fix this if anyone knows how to get me in the "wheel" as explained above.
 
Old 05-13-2004, 11:05 PM   #4
jtshaw
Senior Member
 
Registered: Nov 2000
Location: Seattle, WA USA
Distribution: Ubuntu @ Home, RHEL @ Work
Posts: 3,892
Blog Entries: 1

Rep: Reputation: 67
Edit /etc/group

Somewhere in there there will be a line like this wheel:x:username1,usernamer2

Add your user to this list (comma is the dilimeter).
 
Old 05-13-2004, 11:08 PM   #5
rdmenotte
Newbie
 
Registered: Apr 2004
Posts: 24

Rep: Reputation: 15
It would probably be safer and quicker to do this :-)

gpasswd -a username wheel

Of course you would want to change username with a user like Tom, Harry, etc thus making it look like:

gpasswd -a rdmenotte wheel


man gpasswd for some options :-)

have phun!!
 
Old 05-13-2004, 11:14 PM   #6
jtshaw
Senior Member
 
Registered: Nov 2000
Location: Seattle, WA USA
Distribution: Ubuntu @ Home, RHEL @ Work
Posts: 3,892
Blog Entries: 1

Rep: Reputation: 67
Eh... why are people so scared of text files?
 
Old 05-14-2004, 12:52 AM   #7
Balban
LQ Newbie
 
Registered: Sep 2003
Location: Hull
Distribution: Slackware 9.1
Posts: 9

Rep: Reputation: 0
Doesn’t su need to run as root, so that it can access the password files?, I get the same error after I change its access rights
 
Old 05-14-2004, 01:35 AM   #8
rdmenotte
Newbie
 
Registered: Apr 2004
Posts: 24

Rep: Reputation: 15
It's not that people are scared of text files... but why open the file, find the line, edit and save and still have the possibility to screw it up? Why not just use the tool and be correct?
 
Old 05-14-2004, 01:46 AM   #9
SciYro
Senior Member
 
Registered: Oct 2003
Location: hopefully not here
Distribution: Gentoo
Posts: 2,038

Rep: Reputation: 51
gpasswd --help and you'll see why

and see what happens when you don't enter in a password when you use su,, but i think Balban is correct
 
Old 05-14-2004, 11:26 AM   #10
rdmenotte
Newbie
 
Registered: Apr 2004
Posts: 24

Rep: Reputation: 15
actually... I was just saying to use gpasswd to add users to groups...
 
Old 05-14-2004, 01:07 PM   #11
jon_k
Member
 
Registered: Jul 2003
Location: Fort Worth, Texas
Distribution: Mepis Linux 2004
Posts: 547

Original Poster
Rep: Reputation: 30
Okay, tried what was mentioned:

-----------------------------------------------------
Code:
[root@sls-dc4p3 home]# gpasswd -a jon_k wheel
Adding user jon_k to group wheel
[root@sls-dc4p3 home]# su jon_k
[jon_k@sls-dc4p3 home]$ su
Password:
su: incorrect password
[jon_k@sls-dc4p3 home]$ su
Password:
su: incorrect password
[jon_k@sls-dc4p3 home]$
-----------------------------------------------------

See, still doesn't work. Any idea? :/

Thank you.

Jon Kelley

Last edited by jon_k; 05-14-2004 at 01:14 PM.
 
Old 05-15-2004, 02:57 AM   #12
jon_k
Member
 
Registered: Jul 2003
Location: Fort Worth, Texas
Distribution: Mepis Linux 2004
Posts: 547

Original Poster
Rep: Reputation: 30
*bump*
 
Old 07-09-2004, 05:09 PM   #13
kj6loh
Member
 
Registered: Jun 2004
Posts: 47

Rep: Reputation: 17
The thing about this system is that su has been disabled. If you are using pam, a lot of linux users are and don't even know it, then check the su config file in pam and it should have something like this.

In fedora core 2 it's in /etc/pam.d/su. Add this line

auth required /lib/security/$ISA/pam_wheel.so use_uid

Then only those in the wheel group will be able to use su. Everyone will still be able to run it. But everyone not in the wheel group will get an incorrect password response, no matter what password you enter, does not matter if it is correct or not.

I'm looking for something similar. I have a post in another part of the board about su and wheel group. but I do not want to disable su for some people.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Problems with normal users SabaumLinux Linux - Software 5 02-15-2005 02:18 AM
KDE users - Having root file manager while still logged in as normal user thegeekster Linux - General 1 04-27-2004 11:47 PM
Permission for normal users Vizy Linux - General 1 03-16-2004 12:39 PM
I want to allow normal users for mounting bacon22 Linux - General 9 01-29-2004 03:29 AM
snes9express and normal users murray_linux Slackware 12 12-20-2003 04:56 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 06:12 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration