Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

I cant su into root on my own box

Posted on 2008-10-14
15
Medium Priority
?
1,231 Views
Last Modified: 2013-12-06
I know the password is correct but when i try to su into root, it wont work.
the user is in group wheel.

auth.log looks like this when i try to su

Oct 14 14:24:51 genpn unix_chkpwd[22501]: check pass; user unknown
Oct 14 14:24:54 genpn unix_chkpwd[22502]: check pass; user unknown
Oct 14 14:24:54 genpn unix_chkpwd[22502]: password check failed for user (root)
Oct 14 14:24:54 genpn su[22500]: pam_unix(su:auth): authentication failure; logname=n1tsua uid=1000 euid=1000 tty=tty2 ruser=n1tsua rhost=  user=root
Oct 14 14:24:56 genpn su[22500]: pam_authenticate: Authentication failure
Oct 14 14:24:56 genpn su[22500]: FAILED su for root by n1tsua
Oct 14 14:24:56 genpn su[22500]: - tty2 n1tsua:root
0
Comment
Question by:austinemser
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 2
  • +1
15 Comments
 
LVL 48

Expert Comment

by:Tintin
ID: 22718186
Is the root account locked?
Were you able to su to root previously?
Do you have a 'root' group on your system and if so, is your user in it?
0
 

Author Comment

by:austinemser
ID: 22718222
i have a root group and no my user isnt in it becuase i dont want that user to be root, i just want to su into root as the user.

i have a wheel group which the user is in

and i can log into root, just not through other users, so i dont think its locked.
0
 
LVL 48

Expert Comment

by:Tintin
ID: 22718245
Is this on Debian?  I've seen a few references to a bug in lib-pam modules.
0
How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

 

Author Comment

by:austinemser
ID: 22718256
gentoo using the hardened kernel
0
 
LVL 48

Accepted Solution

by:
Tintin earned 750 total points
ID: 22718258
Sorry, didn't see the Gentoo tags in your post.

Check the perms on

/sbin/unix_chkpwd
/etc/shadow
0
 
LVL 12

Expert Comment

by:ibu1
ID: 22718282
vu /etc/ssh/sshd_config

PermitRootLogin yes

May need to restart ssh.
0
 
LVL 48

Expert Comment

by:Tintin
ID: 22718288
ssh has nothing to do with being able to su to root.
0
 
LVL 12

Expert Comment

by:ibu1
ID: 22718300
0
 

Author Comment

by:austinemser
ID: 22718380
ssh has permitroot login and that shouldnt stop me from su'ing while in ssh
0
 

Author Comment

by:austinemser
ID: 22718389
-rw------- /etc/shadow
-rws--x--x /etc/sbin/unix_chkpwd
0
 
LVL 48

Expert Comment

by:Tintin
ID: 22718619
I'm not 100% sure if the perms for /etc/shadow are correct for Gentoo systems (don't have one I can reference).  I think older versions had group of 'shadow' and perms of 640.
0
 
LVL 20

Assisted Solution

by:edster9999
edster9999 earned 750 total points
ID: 22759096
-rw-------
is correct for shadow - do not change that.


I had a similar problem on a machine where it had lots of failed su's and had locked out the user in the pam accounting area.

Normally this is not done for 'root' but the hardened version may do it.

try
pam_tally --user root

This will tell you if it is keeping a tally on that user.

pam_tally --reset -user root
resets it and will re enable su login if this was the problem/
0
 

Author Comment

by:austinemser
ID: 22759794
after doing the tally and reseting it, it has 0,

then i tried to su in got a message that says 'authentication failure' and it still says
it "has 0"
0
 
LVL 20

Expert Comment

by:edster9999
ID: 22760403
Is that a different message to what you had before ?
Make sure you do have the right password.
Make sure you are in the right groups to get access to 'su'
make sure the account isn't locked out.  (Normally root doesn't get locked out but maybe the hardened version does a 15 mins lock out or something)

Log in as root on the real console and check the logs
0
 

Author Comment

by:austinemser
ID: 22774011
Checked logs same thing as before, root pw is right, user is in the wheel group, account isnt locked out, same error message.

I think it is a problem with unix_chkpwd, but im not sure.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my business, I use the LTS (Long Term Support) versions of Linux. My workstations do real work, and so I rarely have the patience to deal with silly problems caused by an upgraded kernel that had experimental software on it to begin with from a r…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question