su doesn`t work anymore

[Flexman]

Since yesterday I got some problems with my su command:

Everytime I type su to become root the return is:

[flexi@blockbuster]$ su
su: Authentication failure

It doesn`t even ask me for a password. If I try to become a different user (su xyz) it is the same. The Problem appears with each user on the machine (no user can use su). When I am logged in as root on tty1 or so I can become a different user with su.

/var/log/messages says:

su pam_authenticate: authentication_failure.

Here ist my /etc/pam.d/system-auth

#%PAM-1.0

auth required pam_env.so
auth sufficient pam_unix.so likeauth nullok
auth required pam_deny.so

account required pam_unix.so

password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
password sufficient pam_unix.so nullok md5 shadow use_authtok
password required pam_deny.so

session required pam_limits.so
session required pam_unix.so


and /etc/pam.d/su


#%PAM-1.0

#auth sufficient pam_rootok.so

# If you want to restrict users begin allowed to su even more,
# create /etc/security/suauth.allow (or to that matter) that is only
# writable by root, and add users that are allowed to su to that
# file, one per line.
#auth required pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow

# Uncomment this to allow users in the wheel group to su without
# entering a passwd.
auth sufficient pam_wheel.so use_uid trust

# Alternatively to above, you can implement a list of users that do
# not need to supply a passwd with a list.
#auth sufficient pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass

# Comment this to allow any user, even those not in the 'wheel'
# group to su
auth required pam_wheel.so use_uid

auth include system-auth

account include system-auth

password include system-auth

session include system-auth
session required pam_env.so
session optional pam_xauth.so



/bin/su has following rights:

-rws--s--x root root


Thanks for help,

Flexman

[tukachinchila]

What does your /etc/securetty file look like?

[Flexman]

/etc/securetty looks like this:


# /etc/securetty: list of terminals on which root is allowed to login.
# See securetty(5) and login(1).
vc/0
vc/1
vc/2
vc/3
vc/4
vc/5
vc/6
vc/7
vc/8
vc/9
vc/10
vc/11
vc/12
tty0
tty1
tty2
tty3
tty4
tty5
tty6
tty7
tty8
tty9
tty10
tty11
tty12

tts/0
ttyS0

[JRV]

[Flexman]

Thanks for the answers. But they didn`t solve the problem. Ich figured out that when I lock my Display (kde3.5.0) I can`t unlock it anymore. It alway says authentication failure. So I have to reboot and log in again. Maybe this also has something to do with it.

/var/log/messages says something like authentication failure (invoked by uid 500)

Flexman

[Tommy Vercetti]

I've got the very same problem, including the locking problem with kde
And I don't know whether it's about the same problem, but KDE just seems to ignore ctrl+alt+F(1-6) so I can't go to a tty
It's a fresh new instalation on another machine
I installed with GCC 4.0.2, an unofficial patchset for glibc and xorg 6.9.0 but ~x86 only for some packages, not all. Mostly KDE and other non-essential stuff (not being able to su on a tty doesn't seem to be a kde problem)
_________________
AMD Athlon 64 3200+ 939
ASUS A8V Deluxe
1GB Corsair Dual Channel
ATI Radeon 9600 XT 128MB Gigabyte 500/600
120GB Maxtor
200GB WD

[anonybosh]

Have you guys seen this thread?
It's about an incorrect SETUID bit.
---
EDIT: Ooops, sorry, didn't read the full post!

[Flexman]

Hi Guys,

I just figured out what the problem was. The problem is with /etc/fstab. I had exec and users set. I changed it to defaults and now it works proberly. At Last.