| View previous topic :: View next topic |
| Author |
Message |
hackjoe
n00b
Joined: 14 Jan 2003
Posts: 9
Location: Calgary
|
 Posted: Tue Jan 14, 2003 2:34 am Post subject: root only login problem |
 |
|
The problem is I can only login as root at the console. If I login as a regular user it just goes back the login prompt.
This is in the auth.log.
gentoo login(pam_unix)[20547]: session opened for user robin by (uid=0)
If I put in the wrong password I get this.
gentoo login(pam_unix)[20548]: authentication failure; logname= uid=0 euid=0 tty=/dev/vc/1 ruser= rhost= user=robin
I can ssh in as any user without any problems.
I can su to any user without any problems. As any user I can open any shell.
I have created a new user with a different shell with the same problem.
Emerge -u bash, shadow, pam with no change.
I have checked passwd, group, shadow, security/access.conf and pam.d/login, home directory permissions. All seem OK.
I have searched the forums and found a few things but nothing that has solved this problem.
Here is an strace of a failed login.
close(3) = 0
munmap(0x40014000, 4096) = 0
open("/etc/security/console.perms", O_RDONLY) = 3
brk(0x805c000) = 0x805c000
ioctl(3, SNDCTL_TMR_TIMEBASE, 0xbfffb290) = -1 ENOTTY (Inappropriate ioctl for device)
read(3, "# /etc/security/console.perms\n#\n"..., 8192) = 2894
--- SIGILL (Illegal instruction) ---
Last edited by hackjoe on Tue Jan 14, 2003 3:38 am; edited 2 times in total |
|
| Back to top |
|
 |
pjp
Administrator
Joined: 16 Apr 2002
Posts: 20067
|
| Posted: Tue Jan 14, 2003 2:50 am Post subject: |
|
|
What are your permissions on /tmp?
_________________
Quis separabit? Quo animo? |
|
| Back to top |
|
|
hackjoe
n00b
Joined: 14 Jan 2003
Posts: 9
Location: Calgary
|
| Posted: Tue Jan 14, 2003 2:55 am Post subject: |
|
|
| drwxrwxrwx |
|
| Back to top |
|
|
rac
Bodhisattva
Joined: 30 May 2002
Posts: 6553
Location: Japanifornia
|
| Posted: Tue Jan 14, 2003 6:20 am Post subject: |
|
|
SIGILL is rather unusual. What is your CPU and what is your CHOST in /etc/make.conf?
_________________
For every higher wall, there is a taller ladder |
|
| Back to top |
|
|
hackjoe
n00b
Joined: 14 Jan 2003
Posts: 9
Location: Calgary
|
| Posted: Tue Jan 14, 2003 7:47 pm Post subject: |
|
|
the cpu setup is complicated. 2x PIII 700Mhz for initial load. 1xPIII 700Mhz for a couple of weeks. currently 2xPII 350Mhz.
the compiler flags are the generic i686 ones. will post them when i get back home. |
|
| Back to top |
|
|
rac
Bodhisattva
Joined: 30 May 2002
Posts: 6553
Location: Japanifornia
|
| Posted: Tue Jan 14, 2003 8:01 pm Post subject: |
|
|
If they're all Pentium II+, then don't worry about CHOST. I was hoping for the outside chance of a K6 with an i686 CHOST. Which (if any) grsecurity settings are enabled in your kernel?
_________________
For every higher wall, there is a taller ladder |
|
| Back to top |
|
|
hackjoe
n00b
Joined: 14 Jan 2003
Posts: 9
Location: Calgary
|
| Posted: Tue Jan 14, 2003 9:22 pm Post subject: |
|
|
no grsecurity.
the only thing extra is openmosix. but that has been running for a while now, meaning before the login problem. |
|
| Back to top |
|
|
hackjoe
n00b
Joined: 14 Jan 2003
Posts: 9
Location: Calgary
|
| Posted: Thu Jan 16, 2003 12:56 am Post subject: fixed |
|
|
got it sorted out. not surprisingly it was self inflicted. put in a p3 cpu and everything is fine.
i lied when i said that my make.conf was generic i686 flags. i was not at the computer so i could not check it until i got back home.
CFLAGS="-march=pentium3 -O3 -pipe"
seeing that got me thinking about the difference of a p2 vs p3 cpu. the sse extensions are the obvious choice. that leads to a couple of questions. why would it allow root to login but no one else and what part of the login/pam sequence is using sse, if that is the problem, since i changed the flag last night and compiled all of the suspect programs again last night.
i do not think this will affect to many people since almost no one will be downgrading their processors.
thanks for all your help. |
|
| Back to top |
|
|
|
Other Things Gentoo
