I can't su into root on my own box

I know the password is correct, but when I try to su into root, it won't work.
The user is in group wheel.

auth.log looks like this when I try to su:

Oct 14 14:24:51 genpn unix_chkpwd[22501]: check pass; user unknown
Oct 14 14:24:54 genpn unix_chkpwd[22502]: check pass; user unknown
Oct 14 14:24:54 genpn unix_chkpwd[22502]: password check failed for user (root)
Oct 14 14:24:54 genpn su[22500]: pam_unix(su:auth): authentication failure; logname=n1tsua uid=1000 euid=1000 tty=tty2 ruser=n1tsua rhost=  user=root
Oct 14 14:24:56 genpn su[22500]: pam_authenticate: Authentication failure
Oct 14 14:24:56 genpn su[22500]: FAILED su for root by n1tsua
Oct 14 14:24:56 genpn su[22500]: - tty2 n1tsua:root
austinemser Asked:
 
Tintin Commented:
Sorry, didn't see the Gentoo tags in your post.

Check the perms on

/sbin/unix_chkpwd
/etc/shadow
0
 
Tintin Commented:
Is the root account locked?
Were you able to su to root previously?
Do you have a 'root' group on your system and if so, is your user in it?
0
 
austinemser (Author) Commented:
I have a root group, and no, my user isn't in it because I don't want that user to be root; I just want to su into root as the user.

I have a wheel group, which the user is in,

and I can log into root, just not through other users, so I don't think it's locked.
0
 
Tintin Commented:
Is this on Debian?  I've seen a few references to a bug in lib-pam modules.
0
 
austinemser (Author) Commented:
Gentoo using the hardened kernel
0
 
ibu1 Commented:
vi /etc/ssh/sshd_config

PermitRootLogin yes

May need to restart ssh.
0
 
Tintin Commented:
ssh has nothing to do with being able to su to root.
0
 
ibu1 Commented:
0
 
austinemser (Author) Commented:
ssh has PermitRootLogin and that shouldn't stop me from su'ing while in ssh
0
 
austinemser (Author) Commented:
-rw------- /etc/shadow
-rws--x--x /etc/sbin/unix_chkpwd
0
 
Tintin Commented:
I'm not 100% sure if the perms for /etc/shadow are correct for Gentoo systems (don't have one I can reference).  I think older versions had group of 'shadow' and perms of 640.
0
 
edster9999 Commented:
-rw-------
is correct for shadow - do not change that.

I had a similar problem on a machine where it had lots of failed su's and had locked out the user in the pam accounting area.

Normally this is not done for 'root' but the hardened version may do it.

Try
pam_tally --user root

This will tell you if it is keeping a tally on that user.

pam_tally --reset --user root
resets it and will re-enable su login if this was the problem.
0
 
austinemser (Author) Commented:
After doing the tally and resetting it, it has 0.

Then I tried to su in, got a message that says 'authentication failure', and it still says
it "has 0".
0
 
edster9999 Commented:
Is that a different message to what you had before?
Make sure you do have the right password.
Make sure you are in the right groups to get access to 'su'.
Make sure the account isn't locked out. (Normally root doesn't get locked out, but maybe the hardened version does a 15 mins lock out or something.)

Log in as root on the real console and check the logs.
0
 
austinemser (Author) Commented:
Checked logs: same thing as before. Root pw is right, user is in the wheel group, account isn't locked out, same error message.

I think it is a problem with unix_chkpwd, but I'm not sure.
0
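
The su line in the posted auth.log records euid=1000. pam_unix logs the effective uid of the calling process in that field, and a su binary installed setuid root logs euid=0 there. The script below is an added example, not part of any post in this thread: it flags su failures logged with a non-zero euid and reports the setuid bit and owner of a binary. The function names are chosen for the illustration, and the third sample log line is constructed.

```shell
#!/bin/sh
# Added example (not from the thread). pam_unix logs the caller's uid and
# euid on every failure. A setuid-root su logs euid=0; any other euid means
# su itself could not read /etc/shadow and pam_unix handed the check to the
# unix_chkpwd helper.

# Read auth.log lines on stdin; print "<ruser> <target> <euid>" for each
# su authentication failure that was logged with a non-zero euid.
flag_nonroot_su() {
    awk '/ su\[[0-9]+\]: pam_unix\(su:auth\): authentication failure;/ {
        euid = ruser = target = ""
        for (i = 1; i <= NF; i++) {
            n = index($i, "=")
            if (n == 0) continue
            k = substr($i, 1, n - 1); v = substr($i, n + 1)
            if (k == "euid") euid = v
            else if (k == "ruser") ruser = v
            else if (k == "user") target = v
        }
        if (euid != "" && euid + 0 != 0) print ruser, target, euid
    }'
}

# Print "setuid=<yes|no> owner=<uid>" for a binary such as su or unix_chkpwd.
describe_mode() {
    if [ -u "$1" ]; then s=yes; else s=no; fi
    echo "setuid=$s owner=$(ls -ldn "$1" | awk '{print $3}')"
}

# Two lines copied from the question, plus one constructed line (the last)
# showing what a setuid-root su logs on a wrong password.
sample_log() {
    cat <<'EOF'
Oct 14 14:24:54 genpn unix_chkpwd[22502]: password check failed for user (root)
Oct 14 14:24:54 genpn su[22500]: pam_unix(su:auth): authentication failure; logname=n1tsua uid=1000 euid=1000 tty=tty2 ruser=n1tsua rhost=  user=root
Oct 14 14:30:00 examplehost su[100]: pam_unix(su:auth): authentication failure; logname=alice uid=1001 euid=0 tty=pts/0 ruser=alice rhost=  user=root
EOF
}

sample_log | flag_nonroot_su   # n1tsua root 1000
```

On a live system, feed the real auth.log to flag_nonroot_su and run describe_mode on the su binary that the shell resolves (for example the path printed by `command -v su`).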