Solved

su problem

Posted on 2004-10-19
15
1,273 Views
Last Modified: 2013-12-27
Hello ,

The following error is return to me when I try to make a "su - login" on my Solaris :

su: syntax error at line 1 : `(' unexpected

i was able to su yesterday, but now i cant !!
my system is solaris 7.

 help plz.



0
Comment
Question by:sorsolsel
  • 7
  • 3
  • 2
  • +2
15 Comments
 
LVL 12

Expert Comment

by:stefan73
ID: 12345272
Hi sorsolsel,
Check that you "su" command is really a command and not an alias or script:

which su

In case this doesn't work, try
/bin/su - login

instead.

Cheers!

Stefan
0
 

Author Comment

by:sorsolsel
ID: 12345362
here is the output

$ which su
/usr/bin/su
$ /bin/su
/bin/su: syntax error at line 1: `(' unexpected
$ /sbin/su
/sbin/su: syntax error at line 1: `(' unexpected
 
its not an alias
0
 
LVL 2

Assisted Solution

by:Troxalias
Troxalias earned 40 total points
ID: 12345398
It looks like a "hacked" su command. Try
file /usr/bin/su
 and give us the output of this. If it is a shell script then do a
cat /usr/bin/su
and copy-paste the script here to have a look at...
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 

Author Comment

by:sorsolsel
ID: 12345637
i think so
see this output
$ file /usr/bin/su
/usr/bin/su:    data

on other system i have
/usr/bin/su:    ELF 32-bit MSB executable SPARC Version 1, dynamically linked, stripped

the output of vat is as follow
 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
$ cat /usr/bin/su
ULF☺☻☺☻☻☺☺↓ذ4Bx4 (↨♠4☺4بب♥╘♦☺☺/D/D☺☺/D☻/D↕F▲ك☺☻2|☻2|ك/usr/lib/ld.so.1ù†↔x0`zép1
OXAg2w%q-~'hâ[ &#8735;à94*iFb&#9660;Il(&#9650;&#128;&#132;eY68"_mcG^|@\tnR&#8595;/}TrJ5s]{)ZPk=oSBvCQU#afy!$+3;<&M
&#9472;&#9829;&#9830;&#9786;&#9644;$&#9829;&#9786;&#9644;&#132;&#9829;&#9824;&#9786;&#9644;£&#9829;&#9786;&#9644;&#1584;&#9786;&#8595;&#1584;&#9829;     &#9786;,\&#9829;
&#9786;,¤&#9829;
(( lines ommetted ))
&#8597;&#9829;&#9567;&#9787;0&#1607;&#8597;&#9829;&#9575;&#9787;N(&#9830;§_startSupathshellcallocatoiusernamesetuidshelltyppam_setcred_envir
on_endstrdup_iobpam_authenticate_ex_register_GLOBAL_OFFSET_TABLE_supathsleeptzna
mSulogpathsignalatexitpam_acct_mgmtexitalarmhznamehomedirttynameopenlogmallocuna
mePathgettexttermtyp_inittextdomainfputsttyntimesuprmtpwdpam_set_itemgetuidaudit
_su_bad_authenticationtermpam_endfclose___Argvgetenvstrncataudit_su_init_infolog
name_DYNAMICaudit_su_unknown_failurestrncmpchdirprintf__iobexeclsetgidchownsetlo
caleexecvstrcatstrrchrdefopen_exitaudit_su_bad_username_ex_deregisterenviron__cg
89_usedenvinitgetpwnam_r__cg92_usedputenv__fnonstd_usedfreecloseaudit_su_reset_a
iopenstrcmpfgetshz_edata_PROCEDURE_LINKAGE_TABLE_fopeninitgroupsaudit_su_success
defread__fsr_init_valuestrcpycuserid_etext_lib_versioncloselogmainsyslogpam_star
tstrlenlocaltime__environ_lockgetpassphrasesu_finitzpwdbufpam_getenvlistfprintfC
onsolelibcmd.so.1SUNWprivate_1.1libdl.so.1SUNW_0.7libc.so.1SUNW_1.1libcrypt_i.so
.1libcmd.so.1libbsm.so.1libmp.so.2libsocket.so.1libnsl.so.1libdl.so.1libpam.so.1
libc.so.1&#9786;&#9786;&#9829;&#9579;&#9658;
               N&#9568;q&#9829;&#1593;&#9786;&#9786;&#9829;&#1613;&#9658;
=(ù&#9787;&#9829;&#9632;&#9786;&#9786;&#9830;&#9658;
(( lines ommetted ))

&#128;&#1580;&#9787;&#128;&#9830;&#9786;&#1575;&#9472;&#9786;&#9567;&#1603;&#1573;&#1593;&#9488;&#1576;@&#9829;&#9786;&#9786;&#9824;&#9560;&#9576;&#9829;&#9829;&#1590;&#9787;?&#8319;&#128;&#1580;&#9787;&#128;&#9830;&#9786;&#1575;&#9472;&#9786;&#9567;&#1603;SUNW_OST_OSCMDYESsusu'su
 %s' succeeded for %s on %ssu: Unknown id: %s
'su %s' failed for %s on %ssu: Sorry
'su %s' failed for %s on %ssu: Sorry
su: Invalid GID
su: Invalid UID
/su: No directory! Using home=/
HOME=LOGNAME=HZHZ=TZTZ=SHELL=No directory!
TERMTERM=su: No shell
su: unable to obtain memory to expand environmentsu: unable to obtain memory to
expand environmentaSU %.2d/%.2d %.2d:%.2d %c %s %s-%s


%s '%s' %s
Passwd for userhas expired - use passwd(1) to update it'su %s' failed for %s on
%ssu: Sorry
'su %s' failed for %s on %s&#9787;2|&#9829;00&#9488; &#1613;&#9786;&#9829;<0&#9488; &#8801;&#9786;&#9829;H0&#9488; &#1608;&#9786;&#9829;T0&#9488; &#1605;&#9786;&#9829;`0&#9488; &#1602;&#9786;&#9829;l0&#9488; &#1594;&#9786;&#9829;x0&#9488; &#1591;&#132;&#9829;
0&#9488; &#9616;&#9786;&#9829;0&#9488; &#9608;&#9786;&#9829;£0&#9488; &#9578;&#9786;&#9829;&#1584;0&#9488; &#9554;&#9786;&#9829;&#9508;0&#9488; &#9573;&#9786;&#9829;&#9492;0
(( lines ommetted ))
    &#9658;§o ²&#8319;&#9786;&#9829;&#9787;/H&#9787;&#9829;¶&#8616;&#9786;&#9644;&#1584;&#9786;&#9644;&#9829;$
                                  &#9632;µ< &#9632;&#8729;` &#9632;°&#8801; &#9632;&#8729;`&#9786;(X/usr/bin/shsuHOME=OGNAME=&#9787;@
TERM=SHELL=TZ=HZ=PATH=PATH=&#9787;A@&#9787;AH&#9787;AP&#9787;A\&#9787;Ad&#9787;Al&#9787;At&#9787;A|&#9787;A&#128;&#9787;A&#132;PS1=# root/etc/default/
suSULOG=CONSOLE=PATH=SUPATH=SYSLOG=/usr/bin:/usr/sbin:/usr/bin/dev/???(null)/etc
/default/loginSLEEPTIME=--susuSHELL=HOME=LOGNAME=MAIL=CDPATH=IFS=PATH=TZ=HZ=TERM
=@(#)SunOS 5.7 Generic October 1998.interp.hash.dynsym.dynstr.SUNW_version.rela.
ex_shared.rela.bss.rela.plt.text.init.fini.exception_ranges.rodata.rodata1.got.p
lt.dynamic.ex_shared.data.data1.bss.comment.shstrtab&#9786;&#9786;&#9787;&#9786;&#9560;&#9560;&#9786; &#9787;&#9786;&#1603;&#1603;&#9830;|&#9829;&#9830;&#9830;
(( lines ommetted ))
&#9830;&#1586;&#9786;&#9829;&#9787;@@·&#9830;&#9829;&#9787;AA
                 &#9570;&#9786;Aè$&#9786;&#9488;&#9829;A«&#9556;&#9786;$
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>.>>

note that this file contains alot of lines that doesnt a normal strings, i just omit them to shorten the field

can you help me solving and tracking this problem  
 


0
 
LVL 2

Expert Comment

by:Troxalias
ID: 12345698
Have you installed anything that might have changed your su binary ?
I am almost sure that the su binary you have is not the original version of your OS. Maybe somebody hacked your system or (even probably) an installation you made
replaced your su binary with another one, not compatible with your platform!
0
 

Author Comment

by:sorsolsel
ID: 12345871
no i did not install anything
any added help ??
0
 
LVL 12

Expert Comment

by:stefan73
ID: 12346021
That's weird. Your system is Solaris, right? All executables there should be ELF32 or ELF64. Their binaries should start with
od -x -c /bin/su | head -
0000000 7f45 4c46 0102 0100 0000 0000 0000 0000
        177   E   L   F 001 002 001  \0  \0  \0  \0  \0  \0  \0  \0  \0

...so it seems someone put a bad binary on your system.
0
 

Author Comment

by:sorsolsel
ID: 12346060
i just replaced the su file with other one from other solaris 7 OS, then i tried to su, this time i have received a password prompt.  

$ su username
Password:

but after i fill the password, the server return with sorry, while im sure the password is correct.

su username
Password:
su: Sorry
$

whats going on !??!
0
 

Author Comment

by:sorsolsel
ID: 12346370
this may help

i loged in on the consol by the root user account and type   #su normaluser   this command runs successfully since there is no password prompt,
but if i repeat to su from one normal user to other i have to go through password prompt and then this fails again.

your assistent highly appreciated.

0
 

Author Comment

by:sorsolsel
ID: 12355367
any additional help ...?
0
 

Author Comment

by:sorsolsel
ID: 12355686
i found that only the root can use the su, other users fail

any help please it seems turned to urgent  
0
 

Accepted Solution

by:
palima earned 110 total points
ID: 12355741
what is the permission of the su and login files under /etc/bin ??
you must care of this.
submit it here.
0
 
LVL 18

Expert Comment

by:liddler
ID: 12355940
You need to set the SUID bit on su
chmod +s /usr/bin/su
chown root sys /usr/bin/su (if not already)
so
ls -l /usr/bin/su
should look like:
-r-sr-xr-x   1 root     sys        21576 Dec 20  2003 /usr/bin/su

0
 

Expert Comment

by:palima
ID: 12356271
palima : thank you

i had change the permission during file transfer, this is the problem

i fixed that and i can use su now, but what about the attack .. ill switch it to other question.
 
thanks for all
0
 

Expert Comment

by:palima
ID: 12356291
liddler: thank you too
i compare it with other system and did that exactly
thanks again
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
Installing FreeBSD… FreeBSD is a darling of an operating system. The stability and usability make it a clear choice for servers and desktops (for the cunning). Savvy?  The Ports collection makes available every popular FOSS application and packag…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question