?
Solved

Suse 9.1 Pro su password stopped working

Posted on 2004-10-19
7
Medium Priority
?
693 Views
Last Modified: 2008-02-01
Just installed the system and su password worked the first few times and then just stopped working.  I can login as root and password works, but su password doesn't work under another user.

This has occurred on two different systems and both are 9.1 Pro.  Any ideas how I can fix this - I'm relatively new to linux.

I appreciate the help.
0
Comment
Question by:neundorf
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 6

Expert Comment

by:de2Zotjes
ID: 12361259
su password ? I don't quite understand why you would do that. you normally type "su" or "su -" and then you are prompted for the root password.
The second argument to su is the username you want to become.
0
 

Author Comment

by:neundorf
ID: 12361863
Thanks for responding - I did not explain myself very well.  The root password does not work when entering the root password after 'su' in a terminal window.  I get a 'incorrect password' message.  I can log into root with the same password without any issues.

The problem is trying to get 'su' to work in terminal window when logged in as another user - the rott password under 'su' doesn't work.

It isn't the sticky bit causing the problem either.  It's not a keyboard issue either.  The password is being typed correctly.

I'm stumped so far.
0
 
LVL 2

Expert Comment

by:mmartha
ID: 12362045
In FreeBSD you must add the users to the "wheel" group in order to allow them to access the su function (they can execute it, but doesn't recognize them as root even if they input the correct password)... even though Linux != FreeBSD... just a thought :P hehe sorry if I'm disturbing here :S


MMarts
0
WatchGuard's M Series Appliances - Miecom Approved

WatchGuard's newest M series appliances were put to the test by Miercom.  We had great results and outperformed all of our competitors in both stateless and stateful traffic throghput scenarios! Ready to see how your UTM appliance stacked up? Download the Miercom Report!

 
LVL 6

Expert Comment

by:de2Zotjes
ID: 12362182
su uses pam to hanble passwords and stuff. Check the file /etc/pam.d/su for weirdness.

I am not running any suse machines so I do not have a sample of a suse box but on my Gentoo it reads as follows: (users in group wheel can su from any terminal)

auth       sufficient   /lib/security/pam_rootok.so
# Comment this to allow any user, even those not in the 'wheel'
# group to su
auth       required     /lib/security/pam_wheel.so use_uid
auth       required     /lib/security/pam_stack.so service=system-auth
account    required     /lib/security/pam_stack.so service=system-auth
password   required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_stack.so service=system-auth
session    optional     /lib/security/pam_xauth.so
0
 
LVL 2

Expert Comment

by:ITG-SSNA
ID: 12364436
Is the sticky bit set on SU?

[root@charlene log]# ls -lF /bin/su
-rwsr-xr-x    1 root     root        19132 Oct 19  2004 /bin/su*

The 's' in the permissions is for the sticky bit. This means that the command is run with the privileges from the user owning the command, not the privileges of the user executing the command. Change the settings of the sticky bit with chmod.

0
 
LVL 6

Accepted Solution

by:
de2Zotjes earned 1500 total points
ID: 12367342
Please refer to the setuid-bit as the setuid-bit. The sticky bit is an entirely different beast and its function is not related to changing userid's.

But even worse, the guy who asked the question allready said that it isn't the "sticky" bit. Read the comments first...
0
 
LVL 2

Expert Comment

by:ITG-SSNA
ID: 12371977
Touchy! Why are you worried so much about me instead of him?

Regardless, it's what fixed my problem like this in the past, if that's not the problem, then you likely have one of a few things.
You aren't in the SU ables file, you can modify the user account properties with some of the onboard tools, and set to allow SU. There is also a config file called 'suable' in some cases.

Please post the output of this command if you haven't fixed it yet:

tail -f /var/log/messages

Then in another terminal window try to su, and watch the logs.

Thanks

~KB
0

Featured Post

Certified OpenStack Administrator Course

We just refreshed our COA course based on the Newton exam.  With 14 labs, this course goes over the different OpenStack services that are part of the certification: Dashboard, Identity Service, Image Service, Networking, Compute, Object Storage, Block Storage, and Orchestration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question