SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hello.
I have problem. I've installed Slackware 12.0 yesterday. It works fine exccept one thing. I have problem with su. I can login as root and user fine. But when I login as user I cannot use su.
Code:
tom@metodej:/$ su
Password:
Sorry.
Password is correct but it still doesn't work. User is in wheel group, has rights to /bin/su......
Code:
cat securetty
# This file defines which devices root can log in on.
# These are the ttys on the physical console:
console
tty1
tty2
tty3
tty4
tty5
tty6
Hello.
I have problem. I've installed Slackware 12.0 yesterday. It works fine exccept one thing. I have problem with su. I can login as root and user fine. But when I login as user I cannot use su.
Code:
tom@metodej:/$ su
Password:
Sorry.
Password is correct but it still doesn't work. User is in wheel group, has rights to /bin/su......
Code:
cat securetty
# This file defines which devices root can log in on.
# These are the ttys on the physical console:
console
tty1
tty2
tty3
tty4
tty5
tty6
Does anybody has any idea?
Thanks..
Stupid question, but who's password are you using when it asks you for su, user or root?
Sorry, mine was stupid, not yours. It's saying you are typing the password incorrect, but if you can login as root then I doubt it. Forgive me, I'm still a newb so don't know/remember all the file names and such, but perhaps su can't cross reference with the user/password files? Did you try:
Code:
su root
Maybe it's not recognizing that you're trying to go into root.
Sorry, mine was stupid, not yours. It's saying you are typing the password incorrect, but if you can login as root then I doubt it. Forgive me, I'm still a newb so don't know/remember all the file names and such, but perhaps su can't cross reference with the user/password files? Did you try:
Code:
su root
Maybe it's not recognizing that you're trying to go into root.
No problem. No need to apologies.. I am happy for each idea... Yes i try
Code:
su root
su -root
sudo...etc
Today I've installed Slackware on friend's PC and no problem with su. I've matched conf. It seems same....... Passwd is correct. I tried single letter as password... but no effect
Note that it is suid. If /bin/su is not suid, it will execute just fine, but it will not allow any switching of users.
Also note that this is *not* the default permissions of /bin/su -- I have removed executable permissions from everyone but the root user and members of the wheel group. If that's what you're trying to do, then here's what you want:
This is a very interesting thread.
The wheel group and his power is normally belong to BSD (man su).
Of course we can use wheel group in Slackware too, but it is not support by default:
Code:
Why GNU su does not support the wheel group (by Richard Stallman)
Sometimes a few of the users try to hold total power over
all the rest. For example, in 1984, a few users at the
MIT AI lab decided to seize power by changing the operator
password on the Twenex system and keeping it secret from
everyone else. (I was able to thwart this coup and give
power back to the users by patching the kernel, but I
wouldn't know how to do that in Unix.)
However, occasionally the rulers do tell someone. Under
the usual su mechanism, once someone learns the root pass-
word who sympathizes with the ordinary users, he can tell
the rest. The "wheel group" feature would make this
impossible, and thus cement the power of the rulers.
I'm on the side of the masses, not that of the rulers. If
you are used to supporting the bosses and sysadmins in
whatever they do, you might find this idea strange at
first.
Ok, back to work. I modify in /etc/login.defs the line bellow
Code:
#
# If "yes", the user must be listed as a member of the first gid 0 group
# in /etc/group (called "root" on most Linux systems) to be able to "su"
# to uid 0 accounts. If the group doesn't exist or is empty, no one
# will be able to "su" to uid 0.
#
SU_WHEEL_ONLY no
to
Code:
SU_WHEEL_ONLY yes
If the user belong or not to wheel group the answer is the same:
Code:
$ su
You are not authorized to su root
This will work if we follow the rworkman's way.
But if we turn to pure BSD style and create the /etc/suauth file (without chown & chmod)
Code:
#
# /etc/suauth file
#
# A couple of privileged usernames may
# su to root with their own password.
#
# root:andrew,thomas:OWNPASS
#
# Anyone else may not su to root unless in
# group wheel. This is how BSD does things.
#
root:ALL EXCEPT GROUP wheel:DENY
#
# Perhaps andrew and thomas are accounts
# owned by the same person.
# Access can be arranged between them
# with no password.
#
# andrew:thomas:NOPASS
#
then user can su only he belong to wheel group. If he don't, the answer is:
Code:
$ su
Access to su to that account DENIED.
You are not authorized to su root
And my : this is the right way for Slackware to use wheel group.
@ OP
I don't know what modifications did you do to your system, but this error message
OK, well, I did something wrong, but I cannot for the life of me figure out what it is. This box is used only by me, but I wanted to screw around with the sudo stuff, so I followed all the advice here, and now I can't su, and only sudo certain commands, i.e. I cannot sudo vigr, but I can sudo vi /etc/group. Here is the output of the selected files:
keith@Unimatrix01:~$ sudo cat /etc/sudoers
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#
# Host alias specification
# User alias specification
# Cmnd alias specification
# Defaults specification
# Runas alias specification
# User privilege specification
root ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
%wheel ALL=(ALL) ALL
# Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
# Samples
# %users ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users localhost=/sbin/shutdown -h now
Code:
keith@Unimatrix01:~$ su
You are not authorized to su root
Note that it is suid. If /bin/su is not suid, it will execute just fine, but it will not allow any switching of users.
Also note that this is *not* the default permissions of /bin/su -- I have removed executable permissions from everyone but the root user and members of the wheel group. If that's what you're trying to do, then here's what you want:
Code:
# chown root:wheel /bin/su
# chmod 4710 /bin/su
Hello everybody. This solution worked for me. Thanks rworkman.
OK, well, I did something wrong, but I cannot for the life of me figure out what it is. This box is used only by me, but I wanted to screw around with the sudo stuff, so I followed all the advice here, and now I can't su, and only sudo certain commands, i.e. I cannot sudo vigr, but I can sudo vi /etc/group.
As you can run sudo vi you can shell out and change the permissions on /bin/su:
Code:
sudo vi /tmp/test
:!/bin/bash
Should be at a root prompt, then:
Code:
chmod 4711 /bin/su
exit
Should see "Press ENTER or type any command to continue"
Press Enter
then you should be back in vi session for /tmp/test
Code:
:q!
Now you should have /bin/su back for all users.
It's a little less work than rebooting into single user mode
Also raises the question of what commands you allow users to run via sudo...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.