Solved

su problem

Posted on 2004-10-19
15
1,266 Views
Last Modified: 2013-12-27
Hello ,

The following error is return to me when I try to make a "su - login" on my Solaris :

su: syntax error at line 1 : `(' unexpected

i was able to su yesterday, but now i cant !!
my system is solaris 7.

 help plz.



0
Comment
Question by:sorsolsel
  • 7
  • 3
  • 2
  • +2
15 Comments
 
LVL 12

Expert Comment

by:stefan73
Comment Utility
Hi sorsolsel,
Check that you "su" command is really a command and not an alias or script:

which su

In case this doesn't work, try
/bin/su - login

instead.

Cheers!

Stefan
0
 

Author Comment

by:sorsolsel
Comment Utility
here is the output

$ which su
/usr/bin/su
$ /bin/su
/bin/su: syntax error at line 1: `(' unexpected
$ /sbin/su
/sbin/su: syntax error at line 1: `(' unexpected
 
its not an alias
0
 
LVL 2

Assisted Solution

by:Troxalias
Troxalias earned 40 total points
Comment Utility
It looks like a "hacked" su command. Try
file /usr/bin/su
 and give us the output of this. If it is a shell script then do a
cat /usr/bin/su
and copy-paste the script here to have a look at...
0
 

Author Comment

by:sorsolsel
Comment Utility
i think so
see this output
$ file /usr/bin/su
/usr/bin/su:    data

on other system i have
/usr/bin/su:    ELF 32-bit MSB executable SPARC Version 1, dynamically linked, stripped

the output of vat is as follow
 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
$ cat /usr/bin/su
ULF☺☻☺☻☻☺☺↓ذ4Bx4 (↨♠4☺4بب♥╘♦☺☺/D/D☺☺/D☻/D↕F▲ك☺☻2|☻2|ك/usr/lib/ld.so.1ù†↔x0`zép1
OXAg2w%q-~'hâ[ &#8735;à94*iFb&#9660;Il(&#9650;&#128;&#132;eY68"_mcG^|@\tnR&#8595;/}TrJ5s]{)ZPk=oSBvCQU#afy!$+3;<&M
&#9472;&#9829;&#9830;&#9786;&#9644;$&#9829;&#9786;&#9644;&#132;&#9829;&#9824;&#9786;&#9644;£&#9829;&#9786;&#9644;&#1584;&#9786;&#8595;&#1584;&#9829;     &#9786;,\&#9829;
&#9786;,¤&#9829;
(( lines ommetted ))
&#8597;&#9829;&#9567;&#9787;0&#1607;&#8597;&#9829;&#9575;&#9787;N(&#9830;§_startSupathshellcallocatoiusernamesetuidshelltyppam_setcred_envir
on_endstrdup_iobpam_authenticate_ex_register_GLOBAL_OFFSET_TABLE_supathsleeptzna
mSulogpathsignalatexitpam_acct_mgmtexitalarmhznamehomedirttynameopenlogmallocuna
mePathgettexttermtyp_inittextdomainfputsttyntimesuprmtpwdpam_set_itemgetuidaudit
_su_bad_authenticationtermpam_endfclose___Argvgetenvstrncataudit_su_init_infolog
name_DYNAMICaudit_su_unknown_failurestrncmpchdirprintf__iobexeclsetgidchownsetlo
caleexecvstrcatstrrchrdefopen_exitaudit_su_bad_username_ex_deregisterenviron__cg
89_usedenvinitgetpwnam_r__cg92_usedputenv__fnonstd_usedfreecloseaudit_su_reset_a
iopenstrcmpfgetshz_edata_PROCEDURE_LINKAGE_TABLE_fopeninitgroupsaudit_su_success
defread__fsr_init_valuestrcpycuserid_etext_lib_versioncloselogmainsyslogpam_star
tstrlenlocaltime__environ_lockgetpassphrasesu_finitzpwdbufpam_getenvlistfprintfC
onsolelibcmd.so.1SUNWprivate_1.1libdl.so.1SUNW_0.7libc.so.1SUNW_1.1libcrypt_i.so
.1libcmd.so.1libbsm.so.1libmp.so.2libsocket.so.1libnsl.so.1libdl.so.1libpam.so.1
libc.so.1&#9786;&#9786;&#9829;&#9579;&#9658;
               N&#9568;q&#9829;&#1593;&#9786;&#9786;&#9829;&#1613;&#9658;
=(ù&#9787;&#9829;&#9632;&#9786;&#9786;&#9830;&#9658;
(( lines ommetted ))

&#128;&#1580;&#9787;&#128;&#9830;&#9786;&#1575;&#9472;&#9786;&#9567;&#1603;&#1573;&#1593;&#9488;&#1576;@&#9829;&#9786;&#9786;&#9824;&#9560;&#9576;&#9829;&#9829;&#1590;&#9787;?&#8319;&#128;&#1580;&#9787;&#128;&#9830;&#9786;&#1575;&#9472;&#9786;&#9567;&#1603;SUNW_OST_OSCMDYESsusu'su
 %s' succeeded for %s on %ssu: Unknown id: %s
'su %s' failed for %s on %ssu: Sorry
'su %s' failed for %s on %ssu: Sorry
su: Invalid GID
su: Invalid UID
/su: No directory! Using home=/
HOME=LOGNAME=HZHZ=TZTZ=SHELL=No directory!
TERMTERM=su: No shell
su: unable to obtain memory to expand environmentsu: unable to obtain memory to
expand environmentaSU %.2d/%.2d %.2d:%.2d %c %s %s-%s


%s '%s' %s
Passwd for userhas expired - use passwd(1) to update it'su %s' failed for %s on
%ssu: Sorry
'su %s' failed for %s on %s&#9787;2|&#9829;00&#9488; &#1613;&#9786;&#9829;<0&#9488; &#8801;&#9786;&#9829;H0&#9488; &#1608;&#9786;&#9829;T0&#9488; &#1605;&#9786;&#9829;`0&#9488; &#1602;&#9786;&#9829;l0&#9488; &#1594;&#9786;&#9829;x0&#9488; &#1591;&#132;&#9829;
0&#9488; &#9616;&#9786;&#9829;0&#9488; &#9608;&#9786;&#9829;£0&#9488; &#9578;&#9786;&#9829;&#1584;0&#9488; &#9554;&#9786;&#9829;&#9508;0&#9488; &#9573;&#9786;&#9829;&#9492;0
(( lines ommetted ))
    &#9658;§o ²&#8319;&#9786;&#9829;&#9787;/H&#9787;&#9829;¶&#8616;&#9786;&#9644;&#1584;&#9786;&#9644;&#9829;$
                                  &#9632;µ< &#9632;&#8729;` &#9632;°&#8801; &#9632;&#8729;`&#9786;(X/usr/bin/shsuHOME=OGNAME=&#9787;@
TERM=SHELL=TZ=HZ=PATH=PATH=&#9787;A@&#9787;AH&#9787;AP&#9787;A\&#9787;Ad&#9787;Al&#9787;At&#9787;A|&#9787;A&#128;&#9787;A&#132;PS1=# root/etc/default/
suSULOG=CONSOLE=PATH=SUPATH=SYSLOG=/usr/bin:/usr/sbin:/usr/bin/dev/???(null)/etc
/default/loginSLEEPTIME=--susuSHELL=HOME=LOGNAME=MAIL=CDPATH=IFS=PATH=TZ=HZ=TERM
=@(#)SunOS 5.7 Generic October 1998.interp.hash.dynsym.dynstr.SUNW_version.rela.
ex_shared.rela.bss.rela.plt.text.init.fini.exception_ranges.rodata.rodata1.got.p
lt.dynamic.ex_shared.data.data1.bss.comment.shstrtab&#9786;&#9786;&#9787;&#9786;&#9560;&#9560;&#9786; &#9787;&#9786;&#1603;&#1603;&#9830;|&#9829;&#9830;&#9830;
(( lines ommetted ))
&#9830;&#1586;&#9786;&#9829;&#9787;@@·&#9830;&#9829;&#9787;AA
                 &#9570;&#9786;Aè$&#9786;&#9488;&#9829;A«&#9556;&#9786;$
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>.>>

note that this file contains alot of lines that doesnt a normal strings, i just omit them to shorten the field

can you help me solving and tracking this problem  
 


0
 
LVL 2

Expert Comment

by:Troxalias
Comment Utility
Have you installed anything that might have changed your su binary ?
I am almost sure that the su binary you have is not the original version of your OS. Maybe somebody hacked your system or (even probably) an installation you made
replaced your su binary with another one, not compatible with your platform!
0
 

Author Comment

by:sorsolsel
Comment Utility
no i did not install anything
any added help ??
0
 
LVL 12

Expert Comment

by:stefan73
Comment Utility
That's weird. Your system is Solaris, right? All executables there should be ELF32 or ELF64. Their binaries should start with
od -x -c /bin/su | head -
0000000 7f45 4c46 0102 0100 0000 0000 0000 0000
        177   E   L   F 001 002 001  \0  \0  \0  \0  \0  \0  \0  \0  \0

...so it seems someone put a bad binary on your system.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:sorsolsel
Comment Utility
i just replaced the su file with other one from other solaris 7 OS, then i tried to su, this time i have received a password prompt.  

$ su username
Password:

but after i fill the password, the server return with sorry, while im sure the password is correct.

su username
Password:
su: Sorry
$

whats going on !??!
0
 

Author Comment

by:sorsolsel
Comment Utility
this may help

i loged in on the consol by the root user account and type   #su normaluser   this command runs successfully since there is no password prompt,
but if i repeat to su from one normal user to other i have to go through password prompt and then this fails again.

your assistent highly appreciated.

0
 

Author Comment

by:sorsolsel
Comment Utility
any additional help ...?
0
 

Author Comment

by:sorsolsel
Comment Utility
i found that only the root can use the su, other users fail

any help please it seems turned to urgent  
0
 

Accepted Solution

by:
palima earned 110 total points
Comment Utility
what is the permission of the su and login files under /etc/bin ??
you must care of this.
submit it here.
0
 
LVL 18

Expert Comment

by:liddler
Comment Utility
You need to set the SUID bit on su
chmod +s /usr/bin/su
chown root sys /usr/bin/su (if not already)
so
ls -l /usr/bin/su
should look like:
-r-sr-xr-x   1 root     sys        21576 Dec 20  2003 /usr/bin/su

0
 

Expert Comment

by:palima
Comment Utility
palima : thank you

i had change the permission during file transfer, this is the problem

i fixed that and i can use su now, but what about the attack .. ill switch it to other question.
 
thanks for all
0
 

Expert Comment

by:palima
Comment Utility
liddler: thank you too
i compare it with other system and did that exactly
thanks again
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now