Cannot "su" in the terminal
Hi there!
I'm using Mdk 10.0 and I cannot "su" when I'm logged in as a user of the wheel group.
I want to stay at level 4 (server), but also want to be able to su to root from any user.
Right now I get the message: Incorrect password. And I'm sure the pass is correct, since I can login as root from the login menu.
This is my level.4 file:
accept_bogus_error_responses no
accept_broadcasted_icmp_echo no
accept_icmp_echo no
allow_autologin no
allow_issues LOCAL
allow_reboot no
allow_remote_root_login without_password
allow_root_login yes
allow_user_list no
allow_x_connections NONE
allow_xserver_to_listen no
authorize_services LOCAL
enable_at_crontab no
enable_console_log yes
enable_dns_spoofing_protection yes
enable_ip_spoofing_protection yes
enable_log_strange_packets yes
enable_msec_cron yes
enable_pam_wheel_for_su yes
enable_password yes
enable_promisc_check yes
enable_security_check yes
enable_sulogin yes
password_aging 60 30
password_history 0
password_length 6 1 1
set_root_umask 022
set_secure_level 4
set_security_conf CHECK_OPEN_PORT yes
set_security_conf CHECK_PASSWD yes
set_security_conf CHECK_PERMS yes
set_security_conf CHECK_PROMISC yes
set_security_conf CHECK_SECURITY yes
set_security_conf CHECK_SGID yes
set_security_conf CHECK_SHADOW yes
set_security_conf CHECK_SUID_MD5 yes
set_security_conf CHECK_SUID_ROOT yes
set_security_conf CHECK_UNOWNED yes
set_security_conf CHECK_WRITABLE yes
set_security_conf CHKROOTKIT_CHECK yes
set_security_conf MAIL_EMPTY_CONTENT yes
set_security_conf MAIL_WARN yes
set_security_conf RPM_CHECK yes
set_security_conf SYSLOG_WARN yes
set_security_conf TTY_WARN yes
set_shell_history_size 10
set_shell_timeout 3600
set_user_umask 077
And this is my level.local file:
enable_pam_wheel_for_su (yes)
allow_root_login (yes)
enable_at_crontab (yes)
Oh yeah, when I use tcsh, no command is recognized anymore. Using bash, everything works ....
Any help to get su working again is very much appreciated!!!
And I admit I played a little with this msec thingy .... shouldn't have done that ...
Josh (noob)
Last edited by joshtt; 09-20-2005 at 06:33 AM.
|