Solved

Suse 9.1 Pro su password stopped working

Posted on 2004-10-19
7
677 Views
Last Modified: 2008-02-01
Just installed the system and su password worked the first few times and then just stopped working.  I can login as root and password works, but su password doesn't work under another user.

This has occurred on two different systems and both are 9.1 Pro.  Any ideas how I can fix this - I'm relatively new to linux.

I appreciate the help.
0
Comment
Question by:neundorf
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 6

Expert Comment

by:de2Zotjes
ID: 12361259
su password ? I don't quite understand why you would do that. you normally type "su" or "su -" and then you are prompted for the root password.
The second argument to su is the username you want to become.
0
 

Author Comment

by:neundorf
ID: 12361863
Thanks for responding - I did not explain myself very well.  The root password does not work when entering the root password after 'su' in a terminal window.  I get a 'incorrect password' message.  I can log into root with the same password without any issues.

The problem is trying to get 'su' to work in terminal window when logged in as another user - the rott password under 'su' doesn't work.

It isn't the sticky bit causing the problem either.  It's not a keyboard issue either.  The password is being typed correctly.

I'm stumped so far.
0
 
LVL 2

Expert Comment

by:mmartha
ID: 12362045
In FreeBSD you must add the users to the "wheel" group in order to allow them to access the su function (they can execute it, but doesn't recognize them as root even if they input the correct password)... even though Linux != FreeBSD... just a thought :P hehe sorry if I'm disturbing here :S


MMarts
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 6

Expert Comment

by:de2Zotjes
ID: 12362182
su uses pam to hanble passwords and stuff. Check the file /etc/pam.d/su for weirdness.

I am not running any suse machines so I do not have a sample of a suse box but on my Gentoo it reads as follows: (users in group wheel can su from any terminal)

auth       sufficient   /lib/security/pam_rootok.so
# Comment this to allow any user, even those not in the 'wheel'
# group to su
auth       required     /lib/security/pam_wheel.so use_uid
auth       required     /lib/security/pam_stack.so service=system-auth
account    required     /lib/security/pam_stack.so service=system-auth
password   required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_stack.so service=system-auth
session    optional     /lib/security/pam_xauth.so
0
 
LVL 2

Expert Comment

by:ITG-SSNA
ID: 12364436
Is the sticky bit set on SU?

[root@charlene log]# ls -lF /bin/su
-rwsr-xr-x    1 root     root        19132 Oct 19  2004 /bin/su*

The 's' in the permissions is for the sticky bit. This means that the command is run with the privileges from the user owning the command, not the privileges of the user executing the command. Change the settings of the sticky bit with chmod.

0
 
LVL 6

Accepted Solution

by:
de2Zotjes earned 500 total points
ID: 12367342
Please refer to the setuid-bit as the setuid-bit. The sticky bit is an entirely different beast and its function is not related to changing userid's.

But even worse, the guy who asked the question allready said that it isn't the "sticky" bit. Read the comments first...
0
 
LVL 2

Expert Comment

by:ITG-SSNA
ID: 12371977
Touchy! Why are you worried so much about me instead of him?

Regardless, it's what fixed my problem like this in the past, if that's not the problem, then you likely have one of a few things.
You aren't in the SU ables file, you can modify the user account properties with some of the onboard tools, and set to allow SU. There is also a config file called 'suable' in some cases.

Please post the output of this command if you haven't fixed it yet:

tail -f /var/log/messages

Then in another terminal window try to su, and watch the logs.

Thanks

~KB
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
Fine Tune your automatic Updates for Ubuntu / Debian
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question