Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have a system set up with an administrator account aside from root.
I've lost the ability to su to that administrator account, even from root. It was working fine a week ago.
When I log in as root, I get the following:
[root@localhost root]# su admin
su: incorrect password
I can su to any other account just fine.
[root@localhost root]# su user
bash-2.05b$
I've tried changing the root password and admin password, but nothing has helped. I've removed the admin entries from /etc/passwd and /etc/shadow and tried, and system says the account doesn't exist, which is expected. However, when I add them back, same problem.
Not sure if this matters or not, but the admin account password was set to expire after 60 days. I've checked the config files the account is not locked.
Look at the "passwd -u" option to unlock the account - it probably got locked due to expiration. You can also use the "chage" command to deal with setting expiration values.
I had checked everything concerning the /etc/passwd and /etc/shadow files, everything seemed to be ok. I tried locking and unlocking with 'passwd -l' and 'passwd -u', but still no go.
As it turns out, there were cron jobs that did a su to the admin account.
When the password expired, the cron job was being prompted for the password. After 3 login failures, the account was getting locked by PAM. This was due to using the pam_tally.so module.
To fix the problem, I removed deny= argument from /etc/pam.d/system-auth.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.