View previous topic :: View next topic |
Author |
Message |
lolita_daydream n00b
Joined: 23 Sep 2002 Posts: 5
|
Posted: Mon Sep 23, 2002 12:43 am Post subject: belong to wheel group, but can't su to root. |
|
|
greetings.
as the subject line says, i can't su to root, even though i belong to the wheel group. i checked /etc/group, and it confirms this.
any help would be greatly appreciated. |
|
Back to top |
|
|
pjp Administrator
Joined: 16 Apr 2002 Posts: 20067
|
Posted: Mon Sep 23, 2002 12:59 am Post subject: |
|
|
Have you logged out since the user was added to the group? Does running 'groups' verify membership? _________________ Quis separabit? Quo animo? |
|
Back to top |
|
|
rac Bodhisattva
Joined: 30 May 2002 Posts: 6553 Location: Japanifornia
|
Posted: Mon Sep 23, 2002 1:32 am Post subject: |
|
|
"newgrp -" should be sufficient if you don't want to log out. _________________ For every higher wall, there is a taller ladder |
|
Back to top |
|
|
pjp Administrator
Joined: 16 Apr 2002 Posts: 20067
|
Posted: Mon Sep 23, 2002 1:34 am Post subject: |
|
|
I thought there was an easier way, just couldn't recall what it was. _________________ Quis separabit? Quo animo? |
|
Back to top |
|
|
lolita_daydream n00b
Joined: 23 Sep 2002 Posts: 5
|
Posted: Mon Sep 23, 2002 3:32 am Post subject: |
|
|
Quote: | Have you logged out since the user was added to the group? |
i've done so many times. this has been a problem for about a week now, since i reinstalled to upgrade to gentoo 1.4
i'm presently running as root fulltime. |
|
Back to top |
|
|
pjp Administrator
Joined: 16 Apr 2002 Posts: 20067
|
Posted: Mon Sep 23, 2002 3:44 am Post subject: |
|
|
What is in /etc/suauth and /etc/pam.d/su? _________________ Quis separabit? Quo animo? |
|
Back to top |
|
|
rac Bodhisattva
Joined: 30 May 2002 Posts: 6553 Location: Japanifornia
|
Posted: Mon Sep 23, 2002 4:01 am Post subject: |
|
|
...and what does su give you as a reason for failure? Can root su to ordinary users? _________________ For every higher wall, there is a taller ladder |
|
Back to top |
|
|
mikegr n00b
Joined: 20 Aug 2002 Posts: 11 Location: Linz, Austria
|
Posted: Mon Sep 23, 2002 8:36 pm Post subject: |
|
|
I have the same problem, I got the message:
su: Authentication failure
I can login as the user and as root. The user is in the wheel group. I can sudo without password, but cannot when a password is required.(Uncomment the line in /etc/sudoers)
I 've no /etc/suauth and the /etc/pam.d/su looks like this:
#%PAM-1.0
auth sufficient /lib/security/pam_rootok.so
auth required /lib/security/pam_wheel.so use_uid
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_xauth.so
Maybe this information helps someone, getting an answer. |
|
Back to top |
|
|
lolita_daydream n00b
Joined: 23 Sep 2002 Posts: 5
|
Posted: Mon Sep 23, 2002 10:35 pm Post subject: |
|
|
its the same for me as for mikegr, above.
my su also fails with the message:
su: Authentication failure
i have no /etc/suauth either, and my /etc/pam.d/su is exactly the same. |
|
Back to top |
|
|
rac Bodhisattva
Joined: 30 May 2002 Posts: 6553 Location: Japanifornia
|
Posted: Mon Sep 23, 2002 11:12 pm Post subject: |
|
|
Attention! The following question may be extremely stupid. Reading this question may cause you to laugh at the questioner, or get angry with them for insulting your intelligence. You have been warned.
People having problems: are you typing your user's password at the Password: prompt instead of root's password? _________________ For every higher wall, there is a taller ladder |
|
Back to top |
|
|
Logik n00b
Joined: 15 Aug 2002 Posts: 9 Location: Michigan
|
Posted: Mon Sep 23, 2002 11:54 pm Post subject: |
|
|
Quote: |
People having problems: are you typing your user's password at the Password: prompt instead of root's password? |
LOL, that is hilarious... i am almost willing to bet that's the problem too.. clever... for some reason i would've never thought about that... _________________ Kyle |
|
Back to top |
|
|
lolita_daydream n00b
Joined: 23 Sep 2002 Posts: 5
|
Posted: Tue Sep 24, 2002 3:27 am Post subject: |
|
|
Quote: | People having problems: are you typing your user's password at the Password: prompt instead of root's password? |
that is funny.
and, no im not. |
|
Back to top |
|
|
McManus Apprentice
Joined: 10 Apr 2002 Posts: 176 Location: Austin, TX
|
Posted: Tue Sep 24, 2002 4:49 am Post subject: |
|
|
I guessed it might have been an issue with pam, so I re-emerged with -march=athlon-mp -O2 -pipe but still no go. What is the dealy-o?
(and ha, I _wish_ it was as simple as typing in the wrong password; I actually checked to make sure I was typing it in correctly ) _________________ McManus
----
Linux user #267375 - http://counter.li.org |
|
Back to top |
|
|
rac Bodhisattva
Joined: 30 May 2002 Posts: 6553 Location: Japanifornia
|
Posted: Tue Sep 24, 2002 5:29 am Post subject: |
|
|
Anybody affected have permissions on /var/run/utmp that are different from 664 root.utmp? Also, does anybody have grsecurity (or any other security-related things) enabled in their kernels? _________________ For every higher wall, there is a taller ladder |
|
Back to top |
|
|
pilla Bodhisattva
Joined: 07 Aug 2002 Posts: 7729 Location: Underworld
|
Posted: Tue Sep 24, 2002 1:02 pm Post subject: |
|
|
Same as me, but it works.
I barelly remember... I think I had to make something about it the first time I installed gentoo.
lolita_daydream wrote: | its the same for me as for mikegr, above.
my su also fails with the message:
su: Authentication failure
i have no /etc/suauth either, and my /etc/pam.d/su is exactly the same. |
|
|
Back to top |
|
|
HogRider Apprentice
Joined: 29 May 2002 Posts: 160
|
Posted: Tue Sep 24, 2002 1:16 pm Post subject: |
|
|
Just to clarify:
Are you typing in your user password for sudo?
And your root password for su?
Perhaps it would help to post your /etc/groups....
usermod's -g & -G are sometimes troublesome _________________ Mike
"Computers are like air conditioners, they stop working properly if you open Windows"
perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);' |
|
Back to top |
|
|
lolita_daydream n00b
Joined: 23 Sep 2002 Posts: 5
|
Posted: Tue Sep 24, 2002 1:29 pm Post subject: |
|
|
Quote: | Anybody affected have permissions on /var/run/utmp that are different from 664 root.utmp? Also, does anybody have grsecurity (or any other security-related things) enabled in their kernels? |
my permissions are also 664 root.utmp.
and i do not have grsecurity enabled in my kernel.
Quote: | Perhaps it would help to post your /etc/groups.... |
my /etc/group:
root::0:root
bin::1:root,bin,daemon
daemon::2:root,bin,daemon
sys::3:root,bin,adm
adm::4:root,adm,daemon
tty::5:
disk::6:root,adm
lp::7:lp
mem::8:
kmem::9:
wheel::10:root,lolita
floppy::11:root
mail::12:mail
news::13:news
uucp::14:uucp
man::15:man
cron::16:cron
console::17:
audio::18:
cdrom::19:
dialout::20:root
ftp::21:
sshd::22:
at::25:at
tape::26:root
video::27:root
squid::31:squid
gdm::32:gdm
xfs::33:xfs
games::35:
named::40:named
mysql:x:60:
postgres::70:
cdrw::80:
apache::81:
nut::84:
usb::85:
vpopmail:x:89:
users::100:games,lolita
nofiles:x:200:
qmail:x:201:
postfix:x:207:
postdrop:x:208:
utmp:x:406:
nogroup::65533:
nobody::65534: |
|
Back to top |
|
|
Roptaty Apprentice
Joined: 12 May 2002 Posts: 184 Location: Norway
|
Posted: Tue Sep 24, 2002 4:21 pm Post subject: |
|
|
Have you looked at the logs? |
|
Back to top |
|
|
McManus Apprentice
Joined: 10 Apr 2002 Posts: 176 Location: Austin, TX
|
Posted: Wed Oct 02, 2002 12:16 am Post subject: |
|
|
Did any of y'all fix this on your system, yet? I just did a complete re-install, and it still doesn't work. Should I file it as a bug? Did I miss something really simple? Am I just retarded? Let me know, please! _________________ McManus
----
Linux user #267375 - http://counter.li.org |
|
Back to top |
|
|
HogRider Apprentice
Joined: 29 May 2002 Posts: 160
|
Posted: Wed Oct 02, 2002 12:57 pm Post subject: |
|
|
Wait a minute......
I was reading back through the thread, and realized we're looking at two separate issues.
Quote: | lolita_daydream Posted: Sun Sep 22, 2002 7:43 pm Post subject: belong to wheel group, but can't su to root.
--------------------------------------------------------------------------------
greetings.
as the subject line says, i can't su to root, even though i belong to the wheel group. i checked /etc/group, and it confirms this.
any help would be greatly appreciated.
|
Is questioning su, whereas
Quote: | mikegr Posted: Mon Sep 23, 2002 3:36 pm Post subject:
--------------------------------------------------------------------------------
I have the same problem, I got the message:
su: Authentication failure
I can login as the user and as root. The user is in the wheel group. I can sudo without password, but cannot when a password is required.(Uncomment the line in /etc/sudoers)
I 've no /etc/suauth and the /etc/pam.d/su looks like this:
#%PAM-1.0
auth sufficient /lib/security/pam_rootok.so
auth required /lib/security/pam_wheel.so use_uid
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_xauth.so
Maybe this information helps someone, getting an answer.
|
Relates to sudo.
These are separate issues. su should work if the user is part of the wheel group. sudo should work if the user & specific command are listed in /etc/sudoers.
password for su=%rootpasswd%
password for sudo=%userpasswd%
Let's identify the specific problem, and try to resolve it. _________________ Mike
"Computers are like air conditioners, they stop working properly if you open Windows"
perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);' |
|
Back to top |
|
|
McManus Apprentice
Joined: 10 Apr 2002 Posts: 176 Location: Austin, TX
|
Posted: Thu Oct 03, 2002 2:00 am Post subject: |
|
|
Erm, I know that I am having issues with 'su' and that others are having problems with 'su' as well. I know 'su' should work if my users are in the 'wheel' group. Well, they are and it doesn't work. _________________ McManus
----
Linux user #267375 - http://counter.li.org |
|
Back to top |
|
|
pjp Administrator
Joined: 16 Apr 2002 Posts: 20067
|
Posted: Thu Oct 03, 2002 2:14 am Post subject: |
|
|
lolita_daydream: Is your problem with su, or sudo? _________________ Quis separabit? Quo animo? |
|
Back to top |
|
|
8230 n00b
Joined: 16 Oct 2002 Posts: 10
|
Posted: Wed Oct 16, 2002 7:50 pm Post subject: |
|
|
I see no one has yet mentioned "visudo". I have users that are not in the "wheel" group and I just used visudo to add
their names to the sudoers file and it works just fine. |
|
Back to top |
|
|
blatch n00b
Joined: 15 Oct 2002 Posts: 59 Location: bloomington, in
|
Posted: Thu Oct 17, 2002 3:06 am Post subject: |
|
|
Code: | bash-2.05a# useradd (username)
bash-2.05a# usermod -g wheel
|
works for me [/code] _________________ blatch.net |
|
Back to top |
|
|
rac Bodhisattva
Joined: 30 May 2002 Posts: 6553 Location: Japanifornia
|
Posted: Thu Oct 17, 2002 4:39 am Post subject: |
|
|
Why do you want to set wheel to be your user's primary group? How is this better than making it a secondary group with the -G option? _________________ For every higher wall, there is a taller ladder |
|
Back to top |
|
|
|