Heya,

After booting up Linux and logging in as lithium, I realised something was wrong. A few minutes later, I discovered my user account had no ID, home dir or login shell. I used KUser (with KDE 3.4.0) and recreated the account. All worked.

Then, I used KUser to change the root login shell to /bin/zsh. Big mistake. KUser destroyed root (or probably me using KUser destroyed root). Anyway, after getting a friend to help me boot from the Slackware 10.1 CD and correct the /etc/passwd file, I could login as root. Now, if I run su as a normal user, even if I provide the correct password, I get a "sorry". If I run su as root, it proceeds to the next line. The permissions for /bin/su are -

User: Read/Write/Execute
Owner: Read/Execute
Group: Read/Execute

setuid
setgid

Owner: root
Group: bin

I've checked /etc/groups and I am a member of wheel. Could it be a problem with root, maybe root isn't members of the groups it is needed to be in? I've tried changing the root password then su'ing to no avail. I've tried everything I can think of and I really don't want to have to reinstall. Your advice would be greatly appreciated.

hrmm my perms for /bin/su are -rws--x--x if that helps
And my local user isn't a member of wheel...just root

I would check the permissions for /etc/passwd and /etc/shadow files also because su depends on this to make check for root, in my system:
Just in case, my root line at /etc/passwd:

Hey,

Thanks for your replies. I've checked the files, and they all match the permissions you describe apart from su. su is -rwx--x--x, but I'm stuck on getting it to -rws--x--x. What's the numeric value of -rws--x--x? I hope that the problem is with getting the permissions correct, but I'm stuck on the -rws--x--x bit.

Update: I was looking in /bin and noticed "sulogin", which links to /sbin/sulogin. The permissions for sulogin in sbin are -rwxr-xr-x. Could this, and the incorrect permissions for su, be causing the problem?

What does -rws--x--x equate to in numerical values, and does it represent setuid or setgid? Your help is appreciated.

Excuse my stupidity!

I've worked out how to, and have set, /bin/su and /sbin/sulogin to -rws--x--x. However, I still can't su. All other files have matching permissions to the permissions you described, however, /sbin/sulogin remains unconfirmed. Could somebody please tell me what the permissions for /sbin/sulogin should be, or if there is anything else I can try to fix this problem?

here's my /sbin/sulogin
-rwxr-xr-x 1 root bin 15608 2004-05-20 20:01 /sbin/sulogin

Here's a little story....at work something went horribly wrong w/ a recursive chown, a user had a link to /. in his dir. Why....no freakin clue....but the sysadmin chown'd his whole dir to that user and then it got loose in / and starting changing ownership in /etc /usr and the like. All that mess made su not work from anywhere, and it was impossible to log in.
Good thing there was another root console open. But the sysadmin went through and fixed some of the perms. And i think he had to make sure the group password and shadow files had the right ownership. Once those were changed he could at least login as root, but su was still broke. He ended up gettin on another machine and going through the dirs and manually chown'ing everything back for a temp fix. The real solution was just to reinstall everything.

So, you might be better off backing important stuff up and doing a reinstall. Especially since you might not exactly know what other things could have changed.

Hey,

Thanks again for your help. I set the /sbin/sulogin file to match that, and still no joy. I was advised, as I use SWareT, to try swaret --reinstall shadow, and I did, yet again to no avail.

I seriously considered reinstalling, but as I downloading a Sunday afternoon's worth of updates, and have no other problems with my system, I don't see why I can't fix this. I think it's probably a permissions problem, but after reading through the su man page I noticed that it talks about /etc/login.defs which in turn has a lot of references to su. Lines like this caught my attention -

The paragraph -

Also grabbed my attention. Especially the /sbin:/bin:/usr/sbin:/usr/bin for the super user bit. The login shell for root is set to /bin/zsh, I'm not really sure if this is wrong (should it be /sbin?).

Also -

What does .profile represent? It isn't present in any of the home dirs, even for root.

Oh, and one final thing, after setting /etc/suauth to bypass password authentication, look what I get -

Surely there has to be a way to fix this. Your help is greatly appreciated.

Those lines in your login.defs look like mine, so that's probably ok.

.profile is usually used with bash. It sets things up when you login.

You could try setting your shell back to bash for root and see if that gets you anywhere.

Can you login as root ok?

Just tried setting the login shell to bash, still no. I can log in and use root no problems, and I tried su'ing to root from root and no errors there. If I do su lithium, su root I get problems. One thing I have read about is that in passwd, the UID number can be a problem. Like mine for example, it is lithium:x:500:100, I read there should be no x there (although every account has an x). Here is my entire passwd file, maybe it is a user account issue with lithium?

The x is where the password normally goes, but the encrypted ones are in the shadow file. So the x is ok.

My user looks like..
buaku:x:1000:100:,,,:/home/buaku:/bin/bash
Not sure what all the ","s mean though.

Have you tried creating another user not using KUser and trying su from that account?

I googled for "Kuser root problem" and it seems at one point Kuser did some odd things to different account.

Hey,

Just created a new user, and still no. However, I can su from root to lithium to the test account to lithium, but not to root. It seems the root account is the problem. Now, shoot me if what I am about to ask is suicide, but -

Can I recreate the root account from inside Linux, or by booting off the CD?

su doesn't seem to be broken, but the root account seems to be having problems. Either I recreate root, or there could be something I need to change (root's groups perhaps?). Thanks for the help so far!

Let me see if I understand this... As root you can su to anyone, and as a user you can su to another user but not root?

Not too sure how you'd recreate root.
I guess you'd have to redo /root and the passwd group, shadow, and group files. Maybe if you reset root's password. You can probably do that by wiping out the string between the first and second colons in the shadow file. That might be dangerous tho, not sure what bad things could happen.

Here's all the groups my root is in
#> groups
root bin daemon sys adm disk wheel floppy

Another thought I had was if you have a shadow- and passwd- file, see how they compare to the real ones. I think the - ones are backups. I have no clue where mine came from though, hehe.

Another idea I had was, what if you use su with the -
su -
instead of just su

Also what happens if you like ssh to your own machine and try to login as root?

I'm not too sure what could be wrong with your su, so I'm just trying to think of things to try that could lend a clue to what's going on.

I guess you could boot off the cd and see what the passwd and group and shadow files look like there. Maybe that will tell you something too.

Hmm,

Here is an example of what I can do with su -

I also tried su - in that, and that didn't work. I'm sure I am typing the password correct by the way. I removed root's password in shadow, ran passwd and changed it. Again, nothing. I do have shadow-, passwd-, group-, gshadow-, and they are all identical. All mine were made right before KUser trashed everything (22:53 yesterday) .

I'm unsure on how to use ssh (I know I disabled the startup script for it), but I'll try. I'm about to boot off the CD now.

Now, I know that it would be easier to reinstall. That root being the problem account is bad, but think about it. root is just like another account, but in a special group and with the UID of 0. Therefore, it can be recreated and it isn't the end so long as you can boot from a CD. Or am I talking rubbish?

I had a similar problem, which was fixed by deleting and recreating my user account (but not the home directory). The problem is, with root, can I simply user KUser to delete and recreate the account? KUser creates fine, just it eats anything you edit. I'll try and recreate root now, wish me luck!

Don't worry about the ssh thing then if you disabled it.
You should be able to use rsh instead.

Yeah your logic sounds right about root just being another account.

Good luck w/ that and let us know how it turns out!.

Worst case you can always reinstall everything.

Great news!

I deleted root in KUser (but not /root), recreated the account with UID 0, matched your groups for root and -

So, after several posts, several curses, several fits of rage, the simplest thing worked! Thanks buaku for your help, and remember that KUser makes accounts, but doesn't edit them!