Re: su doesn't work "Authentication failure"
- From: Kevin Buhr <buhr+debian@xxxxxxxxxxx>
- Date: Thu, 31 Jan 2008 12:50:53 -0600
paul <google@xxxxxxxxxx> writes:
It is possible to do 'su someuser' from root but it's not possible to
get back to root then using just 'su' or change from a normal user to
another user account.
[ . . . ]
Jan 31 15:44:18 myserver su[27729]: (pam_unix) authentication failure;
logname= uid=1000 euid=1000 tty=pts/4 ruser=myuser rhost= user=root
The "euid=1000" should read "euid=0": your "su" is running as the
invoking user, so it fails for non-root users. The most likely
explanation is that "/bin/su" doesn't have the setuid flag set, so
that would be the first thing to check. (If the setuid bit *is* set,
the problem may be that your root partition has been mounted with the
"nosuid" mount flag or something.)
If you have a logical explanation for the missing bit, great,
otherwise good security practice would suggest that you give a little
thought before restoring setuid bits on files where it has
mysteriously disappeared. If your version of the "login" package is
the latest official Etch version 1:4.0.18.1-7, then "md5sum /bin/su"
should give:
1381ae1ac77b512258657b096522bb6a /bin/su
If your Etch version matches mine but the md5 doesn't, you might start
to get pretty worried.
--
Kevin Buhr <buhr+debian@xxxxxxxxxxx>
--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
- Follow-Ups:
- Re: su doesn't work "Authentication failure"
- From: Kevin Buhr
- Re: su doesn't work "Authentication failure"
- References:
- su doesn't work "Authentication failure"
- From: paul
- su doesn't work "Authentication failure"
- Prev by Date: Re: keyword filtering or bayes, WAS- Re: PUPPIES FOR SALE
- Next by Date: Re: Will using kernel 2.6.24 make my laptop faster?
- Previous by thread: Re: su doesn't work "Authentication failure"
- Next by thread: Re: su doesn't work "Authentication failure"
- Index(es):
Relevant Pages
|
|
