Re: FC6(working 'su -') vs Centos5(failing 'su -')
- From: Justin W <jlist@xxxxxxxxxx>
- Date: Sun, 03 Jun 2007 12:29:39 -0500
Justin W wrote:
I've just started the process of virtualizing some of my servers into one machine. Right now I've been running Fedora releases for my home server, but keeping up with release cycles are too hard to do, especially when they usually coincide with me being in school. I successfully got Centos to run within Fedora using Xen, but now I'm having problems with logging in.I solved my problem. I started changing my root password to see if I could notice any particular logs coming up that would indicate a failure anywhere. Lo-and-behold, I was able to log in from my user in SSH! I could not see why I would be able to log in with one password and not the other, so I started doing password resetting tests to see if I could possibly find a bug somewhere (I doubted it, but I was curious anyway). As I was changing root's password for another test, I accidentally didn't run passwd before entering the password and I then noticed that the square brackets ('[' and ']') aren't being read by the virt-manager terminal. My problem had been solved! My password involved one of the square brackets (in my mind), but the terminal had never seen them when I entered the password, so to it, the characters never existed.
First, root access is allowed directly when I use virt-manager to access the xvc0 console. If I `su -' to my user (justin) and then `su -' again to root, I am prompted for the password, and once entered, I'm root again.
If I try the same technique when logging into the system as justin through ssh, I'm not allowed to `su -' to root. When I enter the password, I am returned with a "incorrect password" message. I know that the password being entered is correct. Following is the only logs I could find regarding my failed attempt to su to root (from /var/log/secure and /var/log/audit/audit.log)
May 31 15:04:24 zeus su: pam_unix(su-l:auth): authentication
failure; logname=justin uid=1000 euid=0 tty=pts/0 ruser=justin
rhost= user=root
type=USER_AUTH msg=audit(1180641866.633:212): user pid=2570 uid=1000
auid=1000 subj=user_u:system_r:unconfined_t:s0 msg='PAM:
authentication acct=root : exe="/bin/su" (hostname=?, addr=?,
terminal=pts/0 res=failed)'
I started digging through PAM to see if I could find anything there that would be blocking me. I've compared /etc/pam.d/{su,su-l,system-auth} on my Centos system to my Fedora 6 system and they match each other. I also tried adding pts/0 to /etc/securetty (though I didn't think it would help), and still I got nothing.
I've been thinking that I must be restricted in someway based on which terminal I'm logging into, but I can't find any restrictions. If you need any more information, I'll be happy to provide logs or configuration files (I just don't know what is needed).
Thanks
Justin W
'su -'-ing to my user and then back up to root again worked in the virt-manager terminal because the square brackets were never entered as far as 'su' was concerned, so it matched the stored password. PuTTY on the other hand does send the square brackets across the line, so (unknowingly) "invalid" characters were being put in to my password.
Justin W
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
- References:
- FC6(working 'su -') vs Centos5(failing 'su -')
- From: Justin W
- FC6(working 'su -') vs Centos5(failing 'su -')
- Prev by Date: Re: FC4 and Assembly Language Program
- Next by Date: Re: Upgrading mail/webserver with 512mb of ram
- Previous by thread: Re: FC6(working 'su -') vs Centos5(failing 'su -')
- Next by thread: network question
- Index(es):
Relevant Pages
|
