Solved

I can't su into root on my own box

Posted on 2008-10-14
Last Modified: 2013-12-06
I know the password is correct, but when I try to su into root, it won't work.
The user is in group wheel.

auth.log looks like this when I try to su:

Oct 14 14:24:51 genpn unix_chkpwd[22501]: check pass; user unknown
Oct 14 14:24:54 genpn unix_chkpwd[22502]: check pass; user unknown
Oct 14 14:24:54 genpn unix_chkpwd[22502]: password check failed for user (root)
Oct 14 14:24:54 genpn su[22500]: pam_unix(su:auth): authentication failure; logname=n1tsua uid=1000 euid=1000 tty=tty2 ruser=n1tsua rhost=  user=root
Oct 14 14:24:56 genpn su[22500]: pam_authenticate: Authentication failure
Oct 14 14:24:56 genpn su[22500]: FAILED su for root by n1tsua
Oct 14 14:24:56 genpn su[22500]: - tty2 n1tsua:root
Question by:austinemser
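
The pam_unix line in the log above records the effective UID that su was running with, which separates a credential or account failure from su itself running without root privileges. An added example, not part of any post in this thread, that triages such lines and reports whether a binary carries the setuid bit; the second sample line (host "examplehost", user "alice") is constructed for contrast:

```shell
#!/bin/sh
# Added example: triage pam_unix "authentication failure" records logged for su.
# Reads auth.log text on stdin; prints "<ruser> <target> <euid> <verdict>" per record.
triage_su_failures() {
    awk '
    /su\[[0-9]+\]: pam_unix\(su:auth\): authentication failure;/ {
        euid = ruser = target = "?"
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^euid=/)  euid   = substr($i, 6)
            if ($i ~ /^ruser=/) ruser  = substr($i, 7)
            if ($i ~ /^user=/)  target = substr($i, 6)
        }
        # euid=0: su had root privileges, so the failure is about the
        # credential or the account (wrong password, lock, tally).
        # euid!=0: su ran unprivileged, so pam_unix could not read
        # /etc/shadow itself and fell back to the unix_chkpwd helper,
        # which only verifies the password of the invoking user.
        verdict = (euid == "0") ? "credential-or-account" : "su-ran-unprivileged"
        print ruser, target, euid, verdict
    }'
}

# First line is copied from the question; the second is constructed for
# contrast (host "examplehost" and user "alice" are made up).
sample_log() {
    cat <<'EOF'
Oct 14 14:24:54 genpn su[22500]: pam_unix(su:auth): authentication failure; logname=n1tsua uid=1000 euid=1000 tty=tty2 ruser=n1tsua rhost=  user=root
Oct 14 15:02:10 examplehost su[4242]: pam_unix(su:auth): authentication failure; logname=alice uid=1001 euid=0 tty=pts/0 ruser=alice rhost=  user=root
EOF
}

# Report whether a binary carries the setuid bit (su needs it to run as root).
setuid_state() {
    if [ -u "$1" ]; then echo "setuid"; else echo "not-setuid"; fi
}

sample_log | triage_su_failures
su_path=$(command -v su 2>/dev/null || true)
if [ -n "$su_path" ]; then
    echo "$su_path: $(setuid_state "$su_path")"
fi
```
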
LVL 48

Expert Comment

by:Tintin
ID: 22718186
Is the root account locked?
Were you able to su to root previously?
Do you have a 'root' group on your system and if so, is your user in it?
0
 

Author Comment

by:austinemser
ID: 22718222
I have a root group, and no, my user isn't in it because I don't want that user to be root; I just want to su into root as the user.

I have a wheel group which the user is in,

and I can log into root, just not through other users, so I don't think it's locked.
0
 
LVL 48

Expert Comment

by:Tintin
ID: 22718245
Is this on Debian?  I've seen a few references to a bug in lib-pam modules.
0
 

Author Comment

by:austinemser
ID: 22718256
Gentoo using the hardened kernel
0
 
LVL 48

Accepted Solution

by:
Tintin earned 250 total points
ID: 22718258
Sorry, didn't see the Gentoo tags in your post.

Check the perms on

/sbin/unix_chkpwd
/etc/shadow
0
 
LVL 12

Expert Comment

by:ibu1
ID: 22718282
vi /etc/ssh/sshd_config

PermitRootLogin yes

May need to restart ssh.
0
 
LVL 48

Expert Comment

by:Tintin
ID: 22718288
ssh has nothing to do with being able to su to root.
0
 
LVL 12

Expert Comment

by:ibu1
ID: 22718300
0
 

Author Comment

by:austinemser
ID: 22718380
ssh has PermitRootLogin, and that shouldn't stop me from su'ing while in ssh
0
 

Author Comment

by:austinemser
ID: 22718389
-rw------- /etc/shadow
-rws--x--x /etc/sbin/unix_chkpwd
0
 
LVL 48

Expert Comment

by:Tintin
ID: 22718619
I'm not 100% sure if the perms for /etc/shadow are correct for Gentoo systems (don't have one I can reference).  I think older versions had group of 'shadow' and perms of 640.
0
 
LVL 20

Assisted Solution

by:edster9999
edster9999 earned 250 total points
ID: 22759096
-rw-------
is correct for shadow - do not change that.


I had a similar problem on a machine where it had lots of failed su's and had locked out the user in the pam accounting area.

Normally this is not done for 'root' but the hardened version may do it.

Try
pam_tally --user root

This will tell you if it is keeping a tally on that user.

pam_tally --reset --user root
resets it and will re-enable su login if this was the problem.
0
 

Author Comment

by:austinemser
ID: 22759794
After doing the tally and resetting it, it has 0.

Then I tried to su in and got a message that says 'authentication failure', and it still says it "has 0".
0
 
LVL 20

Expert Comment

by:edster9999
ID: 22760403
Is that a different message to what you had before?
Make sure you do have the right password.
Make sure you are in the right groups to get access to 'su'.
Make sure the account isn't locked out. (Normally root doesn't get locked out, but maybe the hardened version does a 15 mins lock out or something.)

Log in as root on the real console and check the logs.
0
 

Author Comment

by:austinemser
ID: 22774011
Checked logs: same thing as before. Root pw is right, user is in the wheel group, account isn't locked out, same error message.

I think it is a problem with unix_chkpwd, but I'm not sure.
0
