What could be the reasons for "su root" to not work? I have a user that's in wheel group. Logging in as root works on the console, but su-ing from the user just writes 'Sorry', like the password's wrong. There are no clues in log files. /etc/pam.d/su is identical to another machine where everything works ok.
On Sun, Jan 16, 2005 at 01:07:07AM +0100, Ivan Voras wrote:> What could be the reasons for "su root" to not work? > > I have a user that's in wheel group. Logging in as root works on the > console, but su-ing from the user just writes 'Sorry', like the > password's wrong. There are no clues in log files. > > /etc/pam.d/su is identical to another machine where everything works ok.You forgot to mention what version (4.x doesn't use /etc/pam.d) Kris -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20050115/03fb7804/attachment.bin
On Sun, Jan 16, 2005 at 01:15:34AM +0100, Ivan Voras wrote:> Kris Kennaway wrote: > >On Sun, Jan 16, 2005 at 01:07:07AM +0100, Ivan Voras wrote: > > >>/etc/pam.d/su is identical to another machine where everything works ok. > > > > > >You forgot to mention what version (4.x doesn't use /etc/pam.d) > > oops. 5.3-release.OK. /etc/pam.d/su on 5.3 includes /etc/pam.d/system, so also make sure they're in sync. Kris -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20050115/72a2129e/attachment.bin
I have a similar problem, but only after I use X. I can su perfectly fine before using X, and I can su perfectly fine while using X (and a terminal window), but after exiting X, if I want to su, I have to reboot. Ivan Voras wrote:> What could be the reasons for "su root" to not work? > > I have a user that's in wheel group. Logging in as root works on the > console, but su-ing from the user just writes 'Sorry', like the > password's wrong. There are no clues in log files. > > /etc/pam.d/su is identical to another machine where everything works ok. > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >
On Sat, Jan 15, 2005 at 10:46:03PM -0500, Robert William Vesterman wrote:> I have a similar problem, but only after I use X. I can su perfectly > fine before using X, and I can su perfectly fine while using X (and a > terminal window), but after exiting X, if I want to su, I have to reboot.You might want to try the following C program to check that getlogin is returning the right name at each stage. David. 10:18:gonzo 17% cat printlogin.c #include <stdio.h> #include <unistd.h> int main(void) { puts(getlogin()); } 10:18:gonzo 18% gcc -o printlogin printlogin.c 10:18:gonzo 19% ./printlogin dwmalone
On Sunday, 16. January 2005 01:07, Ivan Voras wrote:> What could be the reasons for "su root" to not work? > > I have a user that's in wheel group. Logging in as root works on the > console, but su-ing from the user just writes 'Sorry', like the > password's wrong. There are no clues in log files.Make sure /usr/sbin/su is suid root (and /usr isn't mounted nosuid). -- ,_, | Michael Nottebrock | lofi@freebsd.org (/^ ^\) | FreeBSD - The Power to Serve | http://www.freebsd.org \u/ | K Desktop Environment on FreeBSD | http://freebsd.kde.org -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20050116/bb672191/attachment.bin
On Sun, Jan 16, 2005 at 01:07:07AM +0100, Ivan Voras wrote:> What could be the reasons for "su root" to not work? > > I have a user that's in wheel group. Logging in as root works on the > console, but su-ing from the user just writes 'Sorry', like the > password's wrong. There are no clues in log files. > > /etc/pam.d/su is identical to another machine where everything works ok.Are you using NIS? I've had issues where the machine tries to look up the root password using NIS because of improperly placed + and - commands in /etc/passwd. -- -- Skylar Thompson (skylar@cs.earlham.edu) -- http://www.cs.earlham.edu/~skylar/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20050116/89c8cb30/attachment.bin