View previous topic :: View next topic |
Author |
Message |
dilandau Guru
Joined: 24 May 2003 Posts: 485 Location: germany
|
Posted: Sun Dec 05, 2004 3:03 pm Post subject: trouble with su command in xterm [solved] |
|
|
when i enter su in xterm and the password nothing happens until i press CTRL-C. it worked yesterday and teh password still works when loggin in as root from annother console. only the xterm refuses to work. _________________ gentoo linux - amd duron stalebred 1600 - elsa gladiac 311 (nvidia) - elitegroup k7s5a (sis, lan) - 256mb ram - wintv pci fm - airstar2 dvb-t pci - ide cdwriter - hp psc 1110
Last edited by dilandau on Sun Dec 05, 2004 7:36 pm; edited 1 time in total |
|
Back to top |
|
|
jkt Retired Dev
Joined: 06 Feb 2004 Posts: 1250 Location: Prague, Czech republic, EU
|
Posted: Sun Dec 05, 2004 4:42 pm Post subject: |
|
|
does it say anything into syslog? (/var/log/auth.log or /var/log/messages,...) |
|
Back to top |
|
|
dilandau Guru
Joined: 24 May 2003 Posts: 485 Location: germany
|
Posted: Sun Dec 05, 2004 4:52 pm Post subject: |
|
|
interestingly i have neither of these two logfiles, though metalog is running.
in /valr/log/everything/current i found at last (when trying the su from xterm):
Dec 5 18:14:04 [su] PAM pam_putenv: delete non-existent entry; REMOTEHOST
Dec 5 18:14:04 [PAM-env] Unknown PAM_ITEM: <XAUTHORITY>
Dec 5 18:14:04 [su] PAM pam_putenv: delete non-existent entry; XAUTHORITY
Dec 5 18:14:04 [su(pam_unix)] session opened for user root by (uid=1000)
Dec 5 18:14:04 [su] PAM pam_putenv: delete non-existent entry; REMOTEHOST
Dec 5 18:14:04 [PAM-env] Unknown PAM_ITEM: <XAUTHORITY>
Dec 5 18:14:04 [su] PAM pam_putenv: delete non-existent entry; XAUTHORITY
after this time the su works. so if i wait teh two minutes, it works.
(login as root from console still works in instant time) _________________ gentoo linux - amd duron stalebred 1600 - elsa gladiac 311 (nvidia) - elitegroup k7s5a (sis, lan) - 256mb ram - wintv pci fm - airstar2 dvb-t pci - ide cdwriter - hp psc 1110 |
|
Back to top |
|
|
jkt Retired Dev
Joined: 06 Feb 2004 Posts: 1250 Location: Prague, Czech republic, EU
|
Posted: Sun Dec 05, 2004 5:01 pm Post subject: |
|
|
yeah, exact locations depend on your setup.
so it has a delay of two minutes? |
|
Back to top |
|
|
dilandau Guru
Joined: 24 May 2003 Posts: 485 Location: germany
|
Posted: Sun Dec 05, 2004 5:04 pm Post subject: |
|
|
i find these locations uncommon. is there an easy way to change them to a more "standard" (if such exists)?
yeah, su takes some time. i can switch console sometimes and display a long textfile on annother console until the prompt in the xterm is ready. it probably has to do domething with pam and xauthority. i never underdtood what that means. _________________ gentoo linux - amd duron stalebred 1600 - elsa gladiac 311 (nvidia) - elitegroup k7s5a (sis, lan) - 256mb ram - wintv pci fm - airstar2 dvb-t pci - ide cdwriter - hp psc 1110 |
|
Back to top |
|
|
jkt Retired Dev
Joined: 06 Feb 2004 Posts: 1250 Location: Prague, Czech republic, EU
|
Posted: Sun Dec 05, 2004 5:13 pm Post subject: |
|
|
dilandau wrote: | i find these locations uncommon. is there an easy way to change them to a more "standard" (if such exists)?
|
I'm using syslog-ng personally, but I'm sure metalog has some way of filtering/moving different facilities/importance into several files. consult it's docs
Quote: |
yeah, su takes some time. i can switch console sometimes and display a long textfile on annother console until the prompt in the xterm is ready. it probably has to do domething with pam and xauthority. i never underdtood what that means. |
you can start with comparing /etc/pam.d/su with /etc/pam.d/login (maybe something else) and trying to temporarily comment-out the differences in su to see what feature is causing troubles. |
|
Back to top |
|
|
dilandau Guru
Joined: 24 May 2003 Posts: 485 Location: germany
|
Posted: Sun Dec 05, 2004 5:22 pm Post subject: |
|
|
these two lines caused the problems:
#session required /lib/security/pam_env.so
#session optional /lib/security/pam_xauth.so
the first one took the most time, teh second only a notably one second.
how can i know what they are for and that my system still works as expectedwith those two lines removed? as i said, the su command worked right yesterday and i didnt change on the system. something else must be the reason. _________________ gentoo linux - amd duron stalebred 1600 - elsa gladiac 311 (nvidia) - elitegroup k7s5a (sis, lan) - 256mb ram - wintv pci fm - airstar2 dvb-t pci - ide cdwriter - hp psc 1110
Last edited by dilandau on Sun Dec 05, 2004 5:31 pm; edited 1 time in total |
|
Back to top |
|
|
jkt Retired Dev
Joined: 06 Feb 2004 Posts: 1250 Location: Prague, Czech republic, EU
|
Posted: Sun Dec 05, 2004 5:30 pm Post subject: |
|
|
dilandau wrote: | these two lines caused the problems:
#session required /lib/security/pam_env.so
|
have a look at /etc/security/pam_env.conf
Quote: |
#session optional /lib/security/pam_xauth.so
|
this should be ok. uncomment it. |
|
Back to top |
|
|
dilandau Guru
Joined: 24 May 2003 Posts: 485 Location: germany
|
Posted: Sun Dec 05, 2004 5:33 pm Post subject: |
|
|
not ok. the second line really makes the longest wait. you say it shouldnt... _________________ gentoo linux - amd duron stalebred 1600 - elsa gladiac 311 (nvidia) - elitegroup k7s5a (sis, lan) - 256mb ram - wintv pci fm - airstar2 dvb-t pci - ide cdwriter - hp psc 1110
Last edited by dilandau on Sun Dec 05, 2004 5:41 pm; edited 2 times in total |
|
Back to top |
|
|
jkt Retired Dev
Joined: 06 Feb 2004 Posts: 1250 Location: Prague, Czech republic, EU
|
Posted: Sun Dec 05, 2004 5:39 pm Post subject: |
|
|
dilandau wrote: | not ok. the second line really makes the longest wait. you say it shouldnt... |
Quote: | the first one took the most time, teh second only a notably one second. |
I'm confused... |
|
Back to top |
|
|
dilandau Guru
Joined: 24 May 2003 Posts: 485 Location: germany
|
Posted: Sun Dec 05, 2004 5:41 pm Post subject: |
|
|
i commented out two lines. both produce errors. teh first one produces a delay of two seconds, the second one produces a delay of ~30 seconds. the conf file looks ok. i added two times a seemingly missing "" after an = though that didnt change anything. maybe the "" were not needed at all to indicate an empty string. its just annoterh configuration script that sets some variables. expecially the xauthority variable and the display variable are the ones that appeared in the logfile. could there be something with the devices not right? i have no idea. _________________ gentoo linux - amd duron stalebred 1600 - elsa gladiac 311 (nvidia) - elitegroup k7s5a (sis, lan) - 256mb ram - wintv pci fm - airstar2 dvb-t pci - ide cdwriter - hp psc 1110 |
|
Back to top |
|
|
jkt Retired Dev
Joined: 06 Feb 2004 Posts: 1250 Location: Prague, Czech republic, EU
|
Posted: Sun Dec 05, 2004 5:54 pm Post subject: |
|
|
dilandau wrote: | i commented out two lines. both produce errors. teh first one produces a delay of two seconds, the second one produces a delay of ~30 seconds. |
so pam_env delays for about 2 secs and pam_xauth for half a minute?
Quote: | the conf file looks ok. i added two times a seemingly missing "" after an = though that didnt change anything. maybe the "" were not needed at all to indicate an empty string. its just annoterh configuration script that sets some variables. expecially the xauthority variable and the display variable are the ones that appeared in the logfile. could there be something with the devices not right? i have no idea. |
what "" are you talking about? |
|
Back to top |
|
|
dilandau Guru
Joined: 24 May 2003 Posts: 485 Location: germany
|
Posted: Sun Dec 05, 2004 5:58 pm Post subject: |
|
|
you mentioned /etc/security/pam_env.conf
there was
REMOTEHOST DEFAULT= OVERRIDE=@{PAM_RHOST}
#
# Set the DISPLAY variable if it seems reasonable
DISPLAY DEFAULT="" OVERRIDE=${DISPLAY}
#
# Set the XAUTHORITY variable if pam_xauth is used
XAUTHORITY DEFAULT= OVERRIDE=@{XAUTHORITY}
and i changed it to
REMOTEHOST DEFAULT="" OVERRIDE=@{PAM_RHOST}
#
# Set the DISPLAY variable if it seems reasonable
DISPLAY DEFAULT="" OVERRIDE=${DISPLAY}
#
# Set the XAUTHORITY variable if pam_xauth is used
XAUTHORITY DEFAULT="" OVERRIDE=@{XAUTHORITY}
the problem is still there. _________________ gentoo linux - amd duron stalebred 1600 - elsa gladiac 311 (nvidia) - elitegroup k7s5a (sis, lan) - 256mb ram - wintv pci fm - airstar2 dvb-t pci - ide cdwriter - hp psc 1110 |
|
Back to top |
|
|
jkt Retired Dev
Joined: 06 Feb 2004 Posts: 1250 Location: Prague, Czech republic, EU
|
Posted: Sun Dec 05, 2004 6:08 pm Post subject: |
|
|
my is (after separation fo some comments):
Code: |
# First, some special variables
#
# Set the REMOTEHOST variable for any hosts that are remote, default
# to "localhost" rather than not being set at all
# Note: Rather set default to "", as DISPLAY=localhost:0.0 do not work
# here at least.
REMOTEHOST DEFAULT= OVERRIDE=@{PAM_RHOST}
#
# Set the DISPLAY variable if it seems reasonable
DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY}
#
# Set the XAUTHORITY variable if pam_xauth is used
XAUTHORITY DEFAULT= OVERRIDE=@{XAUTHORITY}
|
|
|
Back to top |
|
|
dilandau Guru
Joined: 24 May 2003 Posts: 485 Location: germany
|
Posted: Sun Dec 05, 2004 6:51 pm Post subject: |
|
|
i took your line. problem still present. _________________ gentoo linux - amd duron stalebred 1600 - elsa gladiac 311 (nvidia) - elitegroup k7s5a (sis, lan) - 256mb ram - wintv pci fm - airstar2 dvb-t pci - ide cdwriter - hp psc 1110 |
|
Back to top |
|
|
jkt Retired Dev
Joined: 06 Feb 2004 Posts: 1250 Location: Prague, Czech republic, EU
|
Posted: Sun Dec 05, 2004 6:59 pm Post subject: |
|
|
weird . `set`? |
|
Back to top |
|
|
dilandau Guru
Joined: 24 May 2003 Posts: 485 Location: germany
|
Posted: Sun Dec 05, 2004 7:36 pm Post subject: |
|
|
solution:
some autologin hack (?) made the homedir of the user belonging to root. chown <username> /home/<username> repaired everything. _________________ gentoo linux - amd duron stalebred 1600 - elsa gladiac 311 (nvidia) - elitegroup k7s5a (sis, lan) - 256mb ram - wintv pci fm - airstar2 dvb-t pci - ide cdwriter - hp psc 1110 |
|
Back to top |
|
|
|