Solved

Cannot su root!

Posted on 2007-03-26
8
856 Views
Last Modified: 2013-12-04
I had another question/problem posted earlier after I accidentally did chmod -R 660 / instead of for the one directory I was dealing with.

What I ended up doing was using getacl on a clean installation and setacl back on the original box. This seems to have cleared up some problems but now I have at least one new one:

I cannot su to root! I get = incorrect password. The password is correct b/c I can login as root with it. Here is what I have done so far:

a) userdel -r myuser

b) useradd myuser

c) googled around and saw add user to wheel and root

d) still cannot!


Thanks for any help!

0
Comment
Question by:techwhore
8 Comments
 
LVL 12

Expert Comment

by:ibu1
ID: 18791462
Try su -
0
 
LVL 9

Expert Comment

by:kfullarton
ID: 18792230
It probably has something to do with /etc/pam.d/su.  Depending on what is configured there will determine what's required for an account to be able to su.
0
 
LVL 4

Expert Comment

by:mjutras
ID: 18792312
You should use sudo <command> instead of su because its more secure but if you need to log as root check that your distrib allow you! kubuntu generally doesnt allow su but you can fix it with those following commands:

sudo su -
passwd
0
 

Author Comment

by:techwhore
ID: 18793553
No luck with su - either!

I got "Sorry, sudo must be setuid root" I googled this error and fixed it by chmod 4111 on sudo and that got rid of the error but cannot su - still rejects root password.

Guys keep in mind this is a problem resulting from chmoding the whole system to 660 then trying to repair it with setacl with a dump from a clean system.... obviously I screwed something up with permissions. Could su root before no problem. Thanks!


0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 9

Expert Comment

by:kfullarton
ID: 18793844
What distribution is this?  On RedHat and the like, check permissions on /etc/pam.d/su, should be 644......can you also post the contents here?
0
 

Author Comment

by:techwhore
ID: 18793892
So digging a bit deeper I see that SUID/SGID have been replaced by my setacl... Does anyone have a suggestion how I can set these back to the way they should be? Thanks!
0
 
LVL 11

Expert Comment

by:kblack05
ID: 18801035
Also check the contents of the file /etc/sudoers:

[root@server1 ~]# cat /etc/sudoers
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification

# Defaults specification

# User privilege specification
root    ALL=(ALL) ALL

# Uncomment to allow people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL

# Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now

[root@server1 ~]#


Be sure that users and root are in there which need access.
0
 
LVL 1

Accepted Solution

by:
crovaxy earned 500 total points
ID: 18822219
Is /bin/su with 4755 permissions? (or 4111).
/bin/su does not complain about the setuid bit as sudo does. try fixing it with: chmod 4755 /bin/su
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 10 4 39
linux copy files from usb to folder on system 14 58
AD LDAP LDS 3 47
add some character at the end of line in vi 7 59
No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now