|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
Re: su doesn't work "Authentication failure"
From: Dennis G. Wicks <wix(at)eskimo.com>
Date: Fri Feb 01 2008 - 00:10:28 EST
>
> [ . . . ]
>
>
> The "euid=1000" should read "euid=0": your "su" is running as the
> invoking user, so it fails for non-root users. The most likely
> explanation is that "/bin/su" doesn't have the setuid flag set, so
> that would be the first thing to check. (If the setuid bit *is* set,
> the problem may be that your root partition has been mounted with the
> "nosuid" mount flag or something.)
>
> If you have a logical explanation for the missing bit, great,
> otherwise good security practice would suggest that you give a little
> thought before restoring setuid bits on files where it has
> mysteriously disappeared. If your version of the "login" package is
> the latest official Etch version 1:4.0.18.1-7, then "md5sum /bin/su"
Date: Fri Feb 01 2008 - 00:10:28 EST
Kevin Buhr wrote the following on 01/31/2008 12:50 PM:
> paul <google@pcwehle.de> writes:
>> It is possible to do 'su someuser' from root but it's not possible to >> get back to root then using just 'su' or change from a normal user to >> another user account.
>
> [ . . . ]
>
>> Jan 31 15:44:18 myserver su[27729]: (pam_unix) authentication failure; >> logname= uid=1000 euid=1000 tty=pts/4 ruser=myuser rhost= user=root
>
> The "euid=1000" should read "euid=0": your "su" is running as the
> invoking user, so it fails for non-root users. The most likely
> explanation is that "/bin/su" doesn't have the setuid flag set, so
> that would be the first thing to check. (If the setuid bit *is* set,
> the problem may be that your root partition has been mounted with the
> "nosuid" mount flag or something.)
>
> If you have a logical explanation for the missing bit, great,
> otherwise good security practice would suggest that you give a little
> thought before restoring setuid bits on files where it has
> mysteriously disappeared. If your version of the "login" package is
> the latest official Etch version 1:4.0.18.1-7, then "md5sum /bin/su"
From aptitude show login ==>> 1:4.0.18.1-7 <<==
> should give:
>
> 1381ae1ac77b512258657b096522bb6a /bin/su
c80fc747e24fa8bfa099cbef0bfb926f /bin/su <<== from md5sum /bin/su
> If your Etch version matches mine but the md5 doesn't, you might start
> to get pretty worried.
>
What should I be worried about and start looking for? BTW, nobody can get access to my system unless they break into my house, and that hasn't happened. I even did a reinstall of the login package just to make sure the above was right!
Regards,
Dennis
-- To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.orgReceived on Fri Feb 1 00:11:05 2008
This archive was generated by hypermail 2.1.8 : Fri Mar 07 2008 - 00:21:26 EST
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |