Solved

Suse 9.1 Pro su password stopped working

Posted on 2004-10-19
7
673 Views
Last Modified: 2008-02-01
Just installed the system and su password worked the first few times and then just stopped working.  I can login as root and password works, but su password doesn't work under another user.

This has occurred on two different systems and both are 9.1 Pro.  Any ideas how I can fix this - I'm relatively new to linux.

I appreciate the help.
0
Comment
Question by:neundorf
7 Comments
 
LVL 6

Expert Comment

by:de2Zotjes
ID: 12361259
su password ? I don't quite understand why you would do that. you normally type "su" or "su -" and then you are prompted for the root password.
The second argument to su is the username you want to become.
0
 

Author Comment

by:neundorf
ID: 12361863
Thanks for responding - I did not explain myself very well.  The root password does not work when entering the root password after 'su' in a terminal window.  I get a 'incorrect password' message.  I can log into root with the same password without any issues.

The problem is trying to get 'su' to work in terminal window when logged in as another user - the rott password under 'su' doesn't work.

It isn't the sticky bit causing the problem either.  It's not a keyboard issue either.  The password is being typed correctly.

I'm stumped so far.
0
 
LVL 2

Expert Comment

by:mmartha
ID: 12362045
In FreeBSD you must add the users to the "wheel" group in order to allow them to access the su function (they can execute it, but doesn't recognize them as root even if they input the correct password)... even though Linux != FreeBSD... just a thought :P hehe sorry if I'm disturbing here :S


MMarts
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 6

Expert Comment

by:de2Zotjes
ID: 12362182
su uses pam to hanble passwords and stuff. Check the file /etc/pam.d/su for weirdness.

I am not running any suse machines so I do not have a sample of a suse box but on my Gentoo it reads as follows: (users in group wheel can su from any terminal)

auth       sufficient   /lib/security/pam_rootok.so
# Comment this to allow any user, even those not in the 'wheel'
# group to su
auth       required     /lib/security/pam_wheel.so use_uid
auth       required     /lib/security/pam_stack.so service=system-auth
account    required     /lib/security/pam_stack.so service=system-auth
password   required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_stack.so service=system-auth
session    optional     /lib/security/pam_xauth.so
0
 
LVL 2

Expert Comment

by:ITG-SSNA
ID: 12364436
Is the sticky bit set on SU?

[root@charlene log]# ls -lF /bin/su
-rwsr-xr-x    1 root     root        19132 Oct 19  2004 /bin/su*

The 's' in the permissions is for the sticky bit. This means that the command is run with the privileges from the user owning the command, not the privileges of the user executing the command. Change the settings of the sticky bit with chmod.

0
 
LVL 6

Accepted Solution

by:
de2Zotjes earned 500 total points
ID: 12367342
Please refer to the setuid-bit as the setuid-bit. The sticky bit is an entirely different beast and its function is not related to changing userid's.

But even worse, the guy who asked the question allready said that it isn't the "sticky" bit. Read the comments first...
0
 
LVL 2

Expert Comment

by:ITG-SSNA
ID: 12371977
Touchy! Why are you worried so much about me instead of him?

Regardless, it's what fixed my problem like this in the past, if that's not the problem, then you likely have one of a few things.
You aren't in the SU ables file, you can modify the user account properties with some of the onboard tools, and set to allow SU. There is also a config file called 'suable' in some cases.

Please post the output of this command if you haven't fixed it yet:

tail -f /var/log/messages

Then in another terminal window try to su, and watch the logs.

Thanks

~KB
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now