Solved

Cannot su root!

Posted on 2007-03-26
8
867 Views
Last Modified: 2013-12-04
I had another question/problem posted earlier after I accidentally did chmod -R 660 / instead of for the one directory I was dealing with.

What I ended up doing was using getacl on a clean installation and setacl back on the original box. This seems to have cleared up some problems but now I have at least one new one:

I cannot su to root! I get = incorrect password. The password is correct b/c I can login as root with it. Here is what I have done so far:

a) userdel -r myuser

b) useradd myuser

c) googled around and saw add user to wheel and root

d) still cannot!


Thanks for any help!

0
Comment
Question by:techwhore
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 12

Expert Comment

by:ibu1
ID: 18791462
Try su -
0
 
LVL 9

Expert Comment

by:kfullarton
ID: 18792230
It probably has something to do with /etc/pam.d/su.  Depending on what is configured there will determine what's required for an account to be able to su.
0
 
LVL 4

Expert Comment

by:mjutras
ID: 18792312
You should use sudo <command> instead of su because its more secure but if you need to log as root check that your distrib allow you! kubuntu generally doesnt allow su but you can fix it with those following commands:

sudo su -
passwd
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 

Author Comment

by:techwhore
ID: 18793553
No luck with su - either!

I got "Sorry, sudo must be setuid root" I googled this error and fixed it by chmod 4111 on sudo and that got rid of the error but cannot su - still rejects root password.

Guys keep in mind this is a problem resulting from chmoding the whole system to 660 then trying to repair it with setacl with a dump from a clean system.... obviously I screwed something up with permissions. Could su root before no problem. Thanks!


0
 
LVL 9

Expert Comment

by:kfullarton
ID: 18793844
What distribution is this?  On RedHat and the like, check permissions on /etc/pam.d/su, should be 644......can you also post the contents here?
0
 

Author Comment

by:techwhore
ID: 18793892
So digging a bit deeper I see that SUID/SGID have been replaced by my setacl... Does anyone have a suggestion how I can set these back to the way they should be? Thanks!
0
 
LVL 11

Expert Comment

by:kblack05
ID: 18801035
Also check the contents of the file /etc/sudoers:

[root@server1 ~]# cat /etc/sudoers
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification

# Defaults specification

# User privilege specification
root    ALL=(ALL) ALL

# Uncomment to allow people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL

# Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now

[root@server1 ~]#


Be sure that users and root are in there which need access.
0
 
LVL 1

Accepted Solution

by:
crovaxy earned 500 total points
ID: 18822219
Is /bin/su with 4755 permissions? (or 4111).
/bin/su does not complain about the setuid bit as sudo does. try fixing it with: chmod 4755 /bin/su
0

Featured Post

Major Incident Management Communications

Major incidents and IT service outages cost companies millions. Often the solution to minimizing damage is automated communication. Find out more in our Major Incident Management Communications infographic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question