Solved

Cannot su root!

Posted on 2007-03-26
8
862 Views
Last Modified: 2013-12-04
I had another question/problem posted earlier after I accidentally did chmod -R 660 / instead of for the one directory I was dealing with.

What I ended up doing was using getacl on a clean installation and setacl back on the original box. This seems to have cleared up some problems but now I have at least one new one:

I cannot su to root! I get = incorrect password. The password is correct b/c I can login as root with it. Here is what I have done so far:

a) userdel -r myuser

b) useradd myuser

c) googled around and saw add user to wheel and root

d) still cannot!


Thanks for any help!

0
Comment
Question by:techwhore
8 Comments
 
LVL 12

Expert Comment

by:ibu1
ID: 18791462
Try su -
0
 
LVL 9

Expert Comment

by:kfullarton
ID: 18792230
It probably has something to do with /etc/pam.d/su.  Depending on what is configured there will determine what's required for an account to be able to su.
0
 
LVL 4

Expert Comment

by:mjutras
ID: 18792312
You should use sudo <command> instead of su because its more secure but if you need to log as root check that your distrib allow you! kubuntu generally doesnt allow su but you can fix it with those following commands:

sudo su -
passwd
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:techwhore
ID: 18793553
No luck with su - either!

I got "Sorry, sudo must be setuid root" I googled this error and fixed it by chmod 4111 on sudo and that got rid of the error but cannot su - still rejects root password.

Guys keep in mind this is a problem resulting from chmoding the whole system to 660 then trying to repair it with setacl with a dump from a clean system.... obviously I screwed something up with permissions. Could su root before no problem. Thanks!


0
 
LVL 9

Expert Comment

by:kfullarton
ID: 18793844
What distribution is this?  On RedHat and the like, check permissions on /etc/pam.d/su, should be 644......can you also post the contents here?
0
 

Author Comment

by:techwhore
ID: 18793892
So digging a bit deeper I see that SUID/SGID have been replaced by my setacl... Does anyone have a suggestion how I can set these back to the way they should be? Thanks!
0
 
LVL 11

Expert Comment

by:kblack05
ID: 18801035
Also check the contents of the file /etc/sudoers:

[root@server1 ~]# cat /etc/sudoers
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification

# Defaults specification

# User privilege specification
root    ALL=(ALL) ALL

# Uncomment to allow people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL

# Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now

[root@server1 ~]#


Be sure that users and root are in there which need access.
0
 
LVL 1

Accepted Solution

by:
crovaxy earned 500 total points
ID: 18822219
Is /bin/su with 4755 permissions? (or 4111).
/bin/su does not complain about the setuid bit as sudo does. try fixing it with: chmod 4755 /bin/su
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question