Re: Newbie question: su root?


Subject: Re: Newbie question: su root?
From: Keary Suska (hierophant@pcisys.net)
Date: Tue Jan 15 2002 - 15:38:43 MST


Since you can't su root at the console either, it is not an issue with
telnetd. Since there aren't any means to restrict who can su on Linux that I
know of, I would lean towards a PAM misconfiguration issue. I would make
sure your PAM config files are correct (/etc/pam.d)--mostly that they all
agree about the use of shadowed passwords (if used) and encryption algorithm
(such as if you are using MD5). You can ignore the files that relate to
services (such as ftp or telnet). You may also want to check out
/etc/pwdb.conf.

While testing and checking things out, you should work at the system console
from a shell, and *not* a windowing environment. That way you are
eliminating as many other possible interfering factors as well.

For the heck of it, does the root user have a valid shell defined?

Keary Suska
Esoteritech, Inc.
"Leveraging Open Source for a better Internet"

> From: Åke Svensson <aakesve@algonet.se>
> Reply-To: yellowdog-general@lists.yellowdoglinux.com
> Date: Tue, 15 Jan 2002 23:15:02 +0200
> To: <yellowdog-general@lists.yellowdoglinux.com>
> Subject: Re: Newbie question: su root?
>
>
> Keary Suska wrote:
>
> "That's strange--the default functionality should not prevent this. I am
> assuming that you can successfully log in as root at the console? Can you
> log in as a normal user at the console and su root? What do your log files
> say about what's going on?"
>
> Yes, I can log in as root and as a normal user at the console, but not do
> 'su root' as a normal user ('incorrect password') at the console.
>
> Good tip about the logfiles! My '/var/log/messages' says: 'PAM-unix[1070]:
> authentication failure; "my_normal_user_id"(uid=1001 -> root for su
> service'.
>
> I understand that authentication doesn't succeed but I've tried to expand
> the permissions of 'my_normal_user_id' in KDE's User Manager but it didn't
> help.
>
> I've also read the man page for 'telnetd' but found no config options there.
>
> Best Regards,
>
> Ake Svensson
>
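
The two checks suggested in the reply above (that the /etc/pam.d files agree on shadow and MD5 use, and that root has a valid shell), as an added example that is not part of the original message. The function names, the sample file contents and the list of options compared (shadow, md5, bigcrypt) are assumptions made for illustration.

```python
import re

# Options on pam_unix / pam_pwdb lines that select shadow use and hash algorithm.
HASH_OPTS = {"shadow", "md5", "bigcrypt"}
MODULE_RE = re.compile(r"pam_(unix|pwdb)\w*\.so$")

def hash_options(pam_text):
    """Map module type (auth, password, ...) -> hash options used in one file."""
    found = {}
    for raw in pam_text.splitlines():
        tokens = raw.split("#", 1)[0].split()
        for i, tok in enumerate(tokens[1:], 1):
            if MODULE_RE.search(tok):
                opts = HASH_OPTS & set(tokens[i + 1:])
                found.setdefault(tokens[0], set()).update(opts)
                break
    return found

def disagreements(files):
    """Return {type: {filename: options}} for types whose files do not all agree."""
    by_type = {}
    for name, text in files.items():
        for mtype, opts in hash_options(text).items():
            by_type.setdefault(mtype, {})[name] = opts
    return {t: per for t, per in by_type.items()
            if len({frozenset(o) for o in per.values()}) > 1}

def root_shell_valid(passwd_text, shells_text):
    """True if root's shell field in passwd is listed in /etc/shells."""
    shells = {s.strip() for s in shells_text.splitlines()
              if s.strip() and not s.startswith("#")}
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) == 7 and fields[0] == "root":
            return fields[6] in shells
    return False

# Constructed sample inputs (not taken from the poster's system).
SAMPLE = {
    "login": "auth required /lib/security/pam_pwdb.so shadow nullok\n"
             "password required /lib/security/pam_pwdb.so shadow md5 nullok use_authtok\n",
    "su": "auth sufficient /lib/security/pam_rootok.so\n"
          "auth required /lib/security/pam_pwdb.so shadow nullok\n"
          "password required /lib/security/pam_pwdb.so shadow nullok use_authtok\n",
}

if __name__ == "__main__":
    for mtype, per_file in disagreements(SAMPLE).items():
        print(mtype, {f: sorted(o) for f, o in per_file.items()})
    print("root shell valid:",
          root_shell_valid("root:x:0:0:root:/root:/bin/bash\n", "/bin/sh\n/bin/bash\n"))
```

On a real system, build the `files` dictionary by reading each file under /etc/pam.d, and pass the contents of /etc/passwd and /etc/shells to `root_shell_valid`.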



This archive was generated by hypermail 2a24 : Tue Jan 15 2002 - 15:54:00 MST