[vox-tech] Not able to log into root.

ME vox-tech@lists.lugod.org
Tue, 23 Apr 2002 16:06:39 -0700 (PDT) 

Perhaps a suid-checking script was poorly configured and chmodded the suid
bit out?

Did you install any security software recently?


Coming into the picture recently (SOrry, did not read all of the other
posts yet) some questions:
Does a "normal" login from the console as root work?
Is the only fault in when you su?

The original message makes it sound like you cannot login or su. If that 
is the case, then there are other things to check beyond just su.

-ME

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/CM$/IT$/LS$/S/O$ !d--(++) !s !a+++(-----) C++$(++++) U++++$(+$) P+$>+++ 
L+++$(++) E W+++$(+) N+ o K w+$>++>+++ O-@ M+$ V-$>- !PS !PE Y+ !PGP
t@-(++) 5+@ X@ R- tv- b++ DI+++ D+ G--@ e+>++>++++ h(++)>+ r*>? z?
------END GEEK CODE BLOCK------
decode: http://www.ebb.org/ungeek/ about: http://www.geekcode.com/geek.html

On Tue, 23 Apr 2002, Shawn P. Neugebauer wrote:
> sounds good peter, but why would it change??  i'd be worried...
> 
> i tried a little experiment (don't try this at home boys and girls).  as a 
> backup, i opened a root shell.  then, in another shell, i changed the
> permissions on /bin/su to 755.  when i try to su to root, i just get
> "incorrect password" (this is RH 7.x).  i tried several combinations of
> permissions (4755, 6755, 755), owner, and group, and all either work or
> return "incorrect password."  
> 
> so, changing the permissions may indeed correct the problem, but i'd
> wonder how it got that way.  do you have any way to know that the
> machine has not been rooted??
> 
> shawn.
> 
> On Tuesday 23 April 2002 12:01 pm, you wrote:
> > hi rusty,
> >
> > off the top of my head, i would say that your su needs to be setuid
> > root and it's not.  you should have a permission of 4755 (rwsr-xr-x) on
> > su.
> >
> > to verify this, i went to google groups:
> >
> > 	http://groups.google.com/advanced_group_search
> >
> > in "with all of the words" i typed:
> >
> > 	su "cannot set groups"
> >
> > the first item reads:
> >
> > 	su problem: su: cannot set groups: Operation not permitted
> >
> > i click on it, then click on complete thread.  here's the URL:
> >
> > 	http://groups.google.com/groups?hl=en&th=4dec5a92aba3e0&rnum=1
> >
> > it looks like all the responses to this question point to the permission
> > problem.   :-)
> >
> > hth,
> > pete
> >
> >
> > begin Rusty Minden <clownsinc@attbi.com>
> >
> > > I am not able too loginto root and when I try to su into root I get this
> > > error below any ideas?
> > >
> > > rdm@cc668999-a:~> su
> > > Password:
> > > su: cannot set groups: Operation not permitted