Solved

Suse 9.1 Pro su password stopped working

Posted on 2004-10-19
7
674 Views
Last Modified: 2008-02-01
Just installed the system and su password worked the first few times and then just stopped working.  I can login as root and password works, but su password doesn't work under another user.

This has occurred on two different systems and both are 9.1 Pro.  Any ideas how I can fix this - I'm relatively new to linux.

I appreciate the help.
0
Comment
Question by:neundorf
7 Comments
 
LVL 6

Expert Comment

by:de2Zotjes
ID: 12361259
su password ? I don't quite understand why you would do that. you normally type "su" or "su -" and then you are prompted for the root password.
The second argument to su is the username you want to become.
0
 

Author Comment

by:neundorf
ID: 12361863
Thanks for responding - I did not explain myself very well.  The root password does not work when entering the root password after 'su' in a terminal window.  I get a 'incorrect password' message.  I can log into root with the same password without any issues.

The problem is trying to get 'su' to work in terminal window when logged in as another user - the rott password under 'su' doesn't work.

It isn't the sticky bit causing the problem either.  It's not a keyboard issue either.  The password is being typed correctly.

I'm stumped so far.
0
 
LVL 2

Expert Comment

by:mmartha
ID: 12362045
In FreeBSD you must add the users to the "wheel" group in order to allow them to access the su function (they can execute it, but doesn't recognize them as root even if they input the correct password)... even though Linux != FreeBSD... just a thought :P hehe sorry if I'm disturbing here :S


MMarts
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 6

Expert Comment

by:de2Zotjes
ID: 12362182
su uses pam to hanble passwords and stuff. Check the file /etc/pam.d/su for weirdness.

I am not running any suse machines so I do not have a sample of a suse box but on my Gentoo it reads as follows: (users in group wheel can su from any terminal)

auth       sufficient   /lib/security/pam_rootok.so
# Comment this to allow any user, even those not in the 'wheel'
# group to su
auth       required     /lib/security/pam_wheel.so use_uid
auth       required     /lib/security/pam_stack.so service=system-auth
account    required     /lib/security/pam_stack.so service=system-auth
password   required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_stack.so service=system-auth
session    optional     /lib/security/pam_xauth.so
0
 
LVL 2

Expert Comment

by:ITG-SSNA
ID: 12364436
Is the sticky bit set on SU?

[root@charlene log]# ls -lF /bin/su
-rwsr-xr-x    1 root     root        19132 Oct 19  2004 /bin/su*

The 's' in the permissions is for the sticky bit. This means that the command is run with the privileges from the user owning the command, not the privileges of the user executing the command. Change the settings of the sticky bit with chmod.

0
 
LVL 6

Accepted Solution

by:
de2Zotjes earned 500 total points
ID: 12367342
Please refer to the setuid-bit as the setuid-bit. The sticky bit is an entirely different beast and its function is not related to changing userid's.

But even worse, the guy who asked the question allready said that it isn't the "sticky" bit. Read the comments first...
0
 
LVL 2

Expert Comment

by:ITG-SSNA
ID: 12371977
Touchy! Why are you worried so much about me instead of him?

Regardless, it's what fixed my problem like this in the past, if that's not the problem, then you likely have one of a few things.
You aren't in the SU ables file, you can modify the user account properties with some of the onboard tools, and set to allow SU. There is also a config file called 'suable' in some cases.

Please post the output of this command if you haven't fixed it yet:

tail -f /var/log/messages

Then in another terminal window try to su, and watch the logs.

Thanks

~KB
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question