Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
05-13-2004, 07:48 PM
|
#1
|
Member
Registered: Jul 2003
Location: Fort Worth, Texas
Distribution: Mepis Linux 2004
Posts: 547
Rep:
|
Normal users can't su to root? Why not?
I've gotton root to a server from which is profesionally hosted.
I have root access, and I've found out that if I log in as a user then go
su
<type password here>
then it says
[jon_k@sls-dc4p3 root]$ su
Password:
su: incorrect password
[jon_k@sls-dc4p3 jon_k]$
I am _sure_ this is the password i've tried it hundreds of times.
I can ssh in to the box as root and then do su jon_k and get in to jon_k fine.
Is there a security feature disabling su to root? If so how could i disable it?
Please help me I'm pulling my hair out on this it's frustrating as hell!
ANY HELP APPRICIATED, THANK YOU!
Last edited by jon_k; 05-13-2004 at 07:49 PM.
|
|
|
05-13-2004, 08:56 PM
|
#2
|
Senior Member
Registered: Nov 2000
Location: Seattle, WA USA
Distribution: Ubuntu @ Home, RHEL @ Work
Posts: 3,892
Rep:
|
On many machine users have to been in the wheel group to su. Also, sometimes admins will disable su completely and make users use sudo instead.
|
|
|
05-13-2004, 08:59 PM
|
#3
|
Member
Registered: Jul 2003
Location: Fort Worth, Texas
Distribution: Mepis Linux 2004
Posts: 547
Original Poster
Rep:
|
How do I get my user in the "wheel" to be able to SU.
I've got root to this box, so I can fix this if anyone knows how to get me in the "wheel" as explained above.
|
|
|
05-13-2004, 10:05 PM
|
#4
|
Senior Member
Registered: Nov 2000
Location: Seattle, WA USA
Distribution: Ubuntu @ Home, RHEL @ Work
Posts: 3,892
Rep:
|
Edit /etc/group
Somewhere in there there will be a line like this wheel:x:username1,usernamer2
Add your user to this list (comma is the dilimeter).
|
|
|
05-13-2004, 10:08 PM
|
#5
|
Newbie
Registered: Apr 2004
Posts: 24
Rep:
|
It would probably be safer and quicker to do this :-)
gpasswd -a username wheel
Of course you would want to change username with a user like Tom, Harry, etc thus making it look like:
gpasswd -a rdmenotte wheel
man gpasswd for some options :-)
have phun!!
|
|
|
05-13-2004, 10:14 PM
|
#6
|
Senior Member
Registered: Nov 2000
Location: Seattle, WA USA
Distribution: Ubuntu @ Home, RHEL @ Work
Posts: 3,892
Rep:
|
Eh... why are people so scared of text files?
|
|
|
05-13-2004, 11:52 PM
|
#7
|
LQ Newbie
Registered: Sep 2003
Location: Hull
Distribution: Slackware 9.1
Posts: 9
Rep:
|
Doesn’t su need to run as root, so that it can access the password files?, I get the same error after I change its access rights
|
|
|
05-14-2004, 12:35 AM
|
#8
|
Newbie
Registered: Apr 2004
Posts: 24
Rep:
|
It's not that people are scared of text files... but why open the file, find the line, edit and save and still have the possibility to screw it up? Why not just use the tool and be correct?
|
|
|
05-14-2004, 12:46 AM
|
#9
|
Senior Member
Registered: Oct 2003
Location: hopefully not here
Distribution: Gentoo
Posts: 2,038
Rep:
|
gpasswd --help and you'll see why
and see what happens when you don't enter in a password when you use su,, but i think Balban is correct
|
|
|
05-14-2004, 10:26 AM
|
#10
|
Newbie
Registered: Apr 2004
Posts: 24
Rep:
|
actually... I was just saying to use gpasswd to add users to groups...
|
|
|
05-14-2004, 12:07 PM
|
#11
|
Member
Registered: Jul 2003
Location: Fort Worth, Texas
Distribution: Mepis Linux 2004
Posts: 547
Original Poster
Rep:
|
Okay, tried what was mentioned:
-----------------------------------------------------
Code:
[root@sls-dc4p3 home]# gpasswd -a jon_k wheel
Adding user jon_k to group wheel
[root@sls-dc4p3 home]# su jon_k
[jon_k@sls-dc4p3 home]$ su
Password:
su: incorrect password
[jon_k@sls-dc4p3 home]$ su
Password:
su: incorrect password
[jon_k@sls-dc4p3 home]$
-----------------------------------------------------
See, still doesn't work. Any idea? :/
Thank you.
Jon Kelley
Last edited by jon_k; 05-14-2004 at 12:14 PM.
|
|
|
05-15-2004, 01:57 AM
|
#12
|
Member
Registered: Jul 2003
Location: Fort Worth, Texas
Distribution: Mepis Linux 2004
Posts: 547
Original Poster
Rep:
|
*bump*
|
|
|
07-09-2004, 04:09 PM
|
#13
|
Member
Registered: Jun 2004
Posts: 47
Rep:
|
The thing about this system is that su has been disabled. If you are using pam, a lot of linux users are and don't even know it, then check the su config file in pam and it should have something like this.
In fedora core 2 it's in /etc/pam.d/su. Add this line
auth required /lib/security/$ISA/pam_wheel.so use_uid
Then only those in the wheel group will be able to use su. Everyone will still be able to run it. But everyone not in the wheel group will get an incorrect password response, no matter what password you enter, does not matter if it is correct or not.
I'm looking for something similar. I have a post in another part of the board about su and wheel group. but I do not want to disable su for some people.
|
|
|
All times are GMT -5. The time now is 11:09 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|