Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
su: Cannot fork user shell
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Off the Wall
View previous topic :: View next topic  
Author Message
notageek
Tux's lil' helper
Tux's lil' helper


Joined: 05 Jun 2008
Posts: 120
Location: Bangalore, India

PostPosted: Tue Jul 02, 2013 8:07 am    Post subject: su: Cannot fork user shell Reply with quote

I'm trying
Code:
su - foo


In /var/log/messages/
Code:
Jul  2 13:35:27 localhost su[12662]: Successful su for foo by root
Jul  2 13:35:27 localhost su[12662]: + /dev/pts/0 root:foo
Jul  2 13:35:27 localhost su[12662]: pam_unix(su:session): session opened for user foo by root(uid=0)
Jul  2 13:35:27 localhost su[12662]: Cannot execute /bin/bash


I recently did a 'emerge -Duv xorg-server' and it's been happening since.

Pointers, anyone?
_________________
The problem is not the problem. The problem is your attitude about the problem. Do you understand? --Capt Jack Sparrow.
Back to top
View user's profile Send private message
wildhorse
Tux's lil' helper
Tux's lil' helper


Joined: 16 Mar 2006
Posts: 148
Location: Estados Unidos De América

PostPosted: Tue Jul 02, 2013 8:40 am    Post subject: Reply with quote

Check
Code:
ls -la /lib/*.so
and see if ld-*.so and the other usual suspects are set to "-rwxr-xr-x" or something that grants foo executable and read rights.
Back to top
View user's profile Send private message
notageek
Tux's lil' helper
Tux's lil' helper


Joined: 05 Jun 2008
Posts: 120
Location: Bangalore, India

PostPosted: Tue Jul 02, 2013 8:48 am    Post subject: Reply with quote

It does.

Now, here's something interesting. When I'm logging into the server using nxserver, with foo's credentials, not only does gnome not work (all I get is the wallpaper and nothing else) I'm unable to use "su - foo" .

Otherwise it does.

Issues with tty/pts?
_________________
The problem is not the problem. The problem is your attitude about the problem. Do you understand? --Capt Jack Sparrow.
Back to top
View user's profile Send private message
notageek
Tux's lil' helper
Tux's lil' helper


Joined: 05 Jun 2008
Posts: 120
Location: Bangalore, India

PostPosted: Tue Jul 02, 2013 8:51 am    Post subject: Reply with quote

Something to do with xserver, gnome etc. When I log-off X, I'm able to switch users.
_________________
The problem is not the problem. The problem is your attitude about the problem. Do you understand? --Capt Jack Sparrow.
Back to top
View user's profile Send private message
wildhorse
Tux's lil' helper
Tux's lil' helper


Joined: 16 Mar 2006
Posts: 148
Location: Estados Unidos De América

PostPosted: Tue Jul 02, 2013 9:05 am    Post subject: Reply with quote

Code:
man strace
Good luck! :P
Back to top
View user's profile Send private message
notageek
Tux's lil' helper
Tux's lil' helper


Joined: 05 Jun 2008
Posts: 120
Location: Bangalore, India

PostPosted: Tue Jul 02, 2013 9:08 am    Post subject: Reply with quote

:(
_________________
The problem is not the problem. The problem is your attitude about the problem. Do you understand? --Capt Jack Sparrow.
Back to top
View user's profile Send private message
notageek
Tux's lil' helper
Tux's lil' helper


Joined: 05 Jun 2008
Posts: 120
Location: Bangalore, India

PostPosted: Tue Jul 02, 2013 9:15 am    Post subject: Reply with quote

Aha! I made progress!

Now I get this while switching user
Code:
Cannot execute /bin/bash: Resource temporarily unavailable


And these in /var/log/messages

Code:

Jul  2 14:43:29 localhost kernel: traps: nautilus[22778] trap int3 ip:7fc85ad4e5ad sp:7fff3bc40bd0 error:0
Jul  2 14:43:29 localhost kernel: traps: nautilus[22779] trap int3 ip:7f5e6ae2c5ad sp:7fff30ab6230 error:0
Jul  2 14:43:29 localhost kernel: traps: nautilus[22780] trap int3 ip:7f51c728f5ad sp:7fffd71004a0 error:0
Jul  2 14:43:29 localhost kernel: traps: nautilus[22781] trap int3 ip:7fa8e99ab5ad sp:7fffea901b60 error:0
Jul  2 14:43:29 localhost kernel: traps: nautilus[22782] trap int3 ip:7f4c83ad15ad sp:7fff0141a170 error:0
Jul  2 14:43:29 localhost kernel: traps: nautilus[22783] trap int3 ip:7f5b421c95ad sp:7fffd910e690 error:0
Jul  2 14:43:31 localhost gnome-session[20527]: WARNING: Child process 22811 was already dead.
Jul  2 14:43:33 localhost gnome-session[20527]: WARNING: Child process 22837 was already dead.
Jul  2 14:43:34 localhost kernel: do_trap: 51 callbacks suppressed

_________________
The problem is not the problem. The problem is your attitude about the problem. Do you understand? --Capt Jack Sparrow.
Back to top
View user's profile Send private message
notageek
Tux's lil' helper
Tux's lil' helper


Joined: 05 Jun 2008
Posts: 120
Location: Bangalore, India

PostPosted: Tue Jul 02, 2013 1:46 pm    Post subject: Reply with quote

Code:
Jul  2 19:08:49 localhost sshd[17861]: pam_unix(sshd:session): session opened for user foo by (uid=0)
Jul  2 19:09:03 localhost gnome-session[21031]: WARNING: GSIdleMonitor: IDLETIME counter not found
Jul  2 19:09:03 localhost gnome-keyring-daemon[21056]: The GPG agent was already initialized
Jul  2 19:09:03 localhost gnome-keyring-daemon[21056]: The Secret Service was already initialized
Jul  2 19:09:03 localhost gnome-keyring-daemon[21056]: The SSH agent was already initialized
Jul  2 19:09:03 localhost gnome-keyring-daemon[21056]: The PKCS#11 component was already initialized
Jul  2 19:09:03 localhost seahorse-daemon[21064]: unsupported key server uri scheme: ldap
Jul  2 19:09:03 localhost seahorse-daemon[21064]: init gpgme version 1.3.2
Jul  2 19:09:04 localhost gnome-session[21031]: WARNING: Child process 21082 was already dead.
Jul  2 19:09:04 localhost gnome-session[21031]: WARNING: Could not launch application 'libcanberra-login-sound.desktop': Unable to start application: Failed to fork (Resource temporarily unavailable)
Jul  2 19:09:04 localhost gnome-session[21031]: WARNING: Could not launch application 'gdu-notification-daemon.desktop': Unable to start application: Failed to fork (Resource temporarily unavailable)
Jul  2 19:09:04 localhost gnome-session[21031]: WARNING: Could not launch application 'gnome-screensaver.desktop': Unable to start application: Failed to fork (Resource temporarily unavailable)
Jul  2 19:09:04 localhost gnome-session[21031]: WARNING: Could not launch application 'evolution-alarm-notify.desktop': Unable to start application: Failed to fork (Resource temporarily unavailable)
Jul  2 19:09:04 localhost gnome-session[21031]: WARNING: Could not launch application 'polkit-gnome-authentication-agent-1.desktop': Unable to start application: Failed to fork (Resource temporarily unavailable)
Jul  2 19:09:04 localhost gnome-session[21031]: WARNING: Could not launch application 'gnome-power-manager.desktop': Unable to start application: Failed to fork (Resource temporarily unavailable)
Jul  2 19:09:04 localhost gnome-session[21031]: WARNING: Could not launch application 'kerneloops-applet.desktop': Unable to start application: Failed to fork (Resource temporarily unavailable)
Jul  2 19:09:04 localhost gnome-session[21031]: WARNING: Could not launch application 'gnome-volume-manager.desktop': Unable to start application: Failed to fork (Resource temporarily unavailable)
Jul  2 19:09:05 localhost dbus[807]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.13" (uid=1000 pid=21094 comm="nautilus ") interface="org.freedesktop.DBus.Properties" member="GetAll" error name="(unset)" requested_reply="0" destination=":1.1" (uid=0 pid=1666 comm="/usr/sbin/console-kit-daemon --no-daemon ")


Still no go. Why would something like this happen?
_________________
The problem is not the problem. The problem is your attitude about the problem. Do you understand? --Capt Jack Sparrow.


Last edited by notageek on Wed Jul 03, 2013 4:19 am; edited 1 time in total
Back to top
View user's profile Send private message
notageek
Tux's lil' helper
Tux's lil' helper


Joined: 05 Jun 2008
Posts: 120
Location: Bangalore, India

PostPosted: Tue Jul 02, 2013 2:16 pm    Post subject: Reply with quote

Changing the limit on number of processes in /etc/security/limits.conf, made the problem go away. Weird.

I recall "emerge -Duv xorg-server" pulled in some dependencies that required pam.
_________________
The problem is not the problem. The problem is your attitude about the problem. Do you understand? --Capt Jack Sparrow.
Back to top
View user's profile Send private message
pjp
Administrator
Administrator


Joined: 16 Apr 2002
Posts: 16116
Location: Colorado

PostPosted: Tue Jul 02, 2013 8:38 pm    Post subject: Reply with quote

notageek wrote:
Changing the limit on number of processes in /etc/security/limits.conf, made the problem go away. Weird.

I recall "emerge -Duv xorg-server" pulled in some dependencies that required pam.
Do you recall the old value? What was it, and how much did you have to increase it?
_________________
lolgov. 'cause where we're going, you don't have civil liberties.

In Loving Memory
1787 - 2008
Back to top
View user's profile Send private message
notageek
Tux's lil' helper
Tux's lil' helper


Joined: 05 Jun 2008
Posts: 120
Location: Bangalore, India

PostPosted: Wed Jul 03, 2013 1:30 am    Post subject: Reply with quote

Yes, I do. As a matter of fact, I was going to post that, because the values seem odd.

The max number of processes were 30. I changed it to soft limit of 1024 and hard limit of 2048. I also changed the max number of opened files from 1024 to soft limit 8192 and hard limit 16384.

Excessive?

I think the problem is not resolved. This is just a work-around.

I'm using 3.8.blah kernel.
_________________
The problem is not the problem. The problem is your attitude about the problem. Do you understand? --Capt Jack Sparrow.
Back to top
View user's profile Send private message
pjp
Administrator
Administrator


Joined: 16 Apr 2002
Posts: 16116
Location: Colorado

PostPosted: Wed Jul 03, 2013 2:58 am    Post subject: Reply with quote

Actually, with 30 processes, that isn't too shocking. Especially once you start the GUI.

Settings would depend on usage, especially with the files. I can't imagine most desktop type scenarios needing that high a limit on open files, though I've never monitored it.

Did you come across anything that provides current usage? I've seen it on Solaris an HP-UX, but have never needed to look on Linux.

Thanks for the info.
_________________
lolgov. 'cause where we're going, you don't have civil liberties.

In Loving Memory
1787 - 2008
Back to top
View user's profile Send private message
notageek
Tux's lil' helper
Tux's lil' helper


Joined: 05 Jun 2008
Posts: 120
Location: Bangalore, India

PostPosted: Wed Jul 03, 2013 4:13 am    Post subject: Reply with quote

This is my personal desktop. The usage is pretty low.

I boot up. I go to NX client (to my desktop) and this happens.
_________________
The problem is not the problem. The problem is your attitude about the problem. Do you understand? --Capt Jack Sparrow.
Back to top
View user's profile Send private message
pjp
Administrator
Administrator


Joined: 16 Apr 2002
Posts: 16116
Location: Colorado

PostPosted: Wed Jul 03, 2013 8:48 pm    Post subject: Reply with quote

If you want to just be done with it, you should be fine. But you could probably set processes to 100 - 200 and still be fine. But you might have to keep that in mind if you encountered the problem again. I think I've seen db systems with a lot of activity have lower max file limits.

One option might be to look at some security / hardening docs / tools to see if they recommend anything.
_________________
lolgov. 'cause where we're going, you don't have civil liberties.

In Loving Memory
1787 - 2008
Back to top
View user's profile Send private message
notageek
Tux's lil' helper
Tux's lil' helper


Joined: 05 Jun 2008
Posts: 120
Location: Bangalore, India

PostPosted: Thu Jul 04, 2013 12:47 am    Post subject: Reply with quote

I started with 50 and gradually went up to 100, 200. Didn't help.

I don't want to troubleshoot anymore, because I don't know what's going on and don't know where to look. I'll get back to this problem later.
_________________
The problem is not the problem. The problem is your attitude about the problem. Do you understand? --Capt Jack Sparrow.
Back to top
View user's profile Send private message
pjp
Administrator
Administrator


Joined: 16 Apr 2002
Posts: 16116
Location: Colorado

PostPosted: Thu Jul 04, 2013 4:51 am    Post subject: Reply with quote

I'm probably remembering numbers from servers without a GUI.

This random website has some info. I'd forgotten how the soft / hard limits work, so that'd be a good place to start. "low" soft limit, then manually increase it to find out the usable low end.
_________________
lolgov. 'cause where we're going, you don't have civil liberties.

In Loving Memory
1787 - 2008
Back to top
View user's profile Send private message
notageek
Tux's lil' helper
Tux's lil' helper


Joined: 05 Jun 2008
Posts: 120
Location: Bangalore, India

PostPosted: Thu Jul 04, 2013 4:08 pm    Post subject: Reply with quote

Apparently, this was the root cause. The default limit was 30 max processes and when I was loging into the box throu NX, I was easily hitting 30 quite easily.

I've made the soft limit 50 and hard limit 250 for the user.
_________________
The problem is not the problem. The problem is your attitude about the problem. Do you understand? --Capt Jack Sparrow.
Back to top
View user's profile Send private message
pjp
Administrator
Administrator


Joined: 16 Apr 2002
Posts: 16116
Location: Colorado

PostPosted: Thu Jul 04, 2013 5:56 pm    Post subject: Reply with quote

notageek wrote:
I started with 50 and gradually went up to 100, 200. Didn't help.
Interesting. Well, glad you finally got it worked out :)
_________________
lolgov. 'cause where we're going, you don't have civil liberties.

In Loving Memory
1787 - 2008
Back to top
View user's profile Send private message
notageek
Tux's lil' helper
Tux's lil' helper


Joined: 05 Jun 2008
Posts: 120
Location: Bangalore, India

PostPosted: Thu Jul 04, 2013 6:03 pm    Post subject: Reply with quote

I'm not sure why it didn't work then. Maybe I was impatient.
_________________
The problem is not the problem. The problem is your attitude about the problem. Do you understand? --Capt Jack Sparrow.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Off the Wall All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum