PAM/su problem of incorrect UID<->username mappings

To: debian-user@lists.debian.org
Subject: PAM/su problem of incorrect UID<->username mappings
From: Brian Thomas <cinnamon@pft.com>
Date: Tue, 15 Jan 2002 11:49:09 -0800
Message-id: <[🔎] 20020115114909.C15812@pft.com>

Ok, this is a new one. I almost had a heart attack when I saw this pop up
in my logcheck mail this morning:

Jan 15 11:30:07 malchus su[15767]: + pts/7 foo-root
Jan 15 11:30:07 malchus PAM_unix[15767]: (su) session opened for user root by bar(uid=15)
Jan 15 11:44:23 malchus su[15881]: + pts/2 foo-root
Jan 15 11:44:23 malchus PAM_unix[15881]: (su) session opened for user root by foo(uid=15)

User 'foo' has UID 15. Note the discrepency however; in the first line
it seems to think user 'bar' (UID=5012) opened the su session. 

However, bar isn't logged in, doesn't have the root password, and most 
importantly is obviously not UID 15.

This is new. I had been running my own compiled 2.4.2 kernel, this started
only after I upgraded to 2.4.17. I've not made any other major changes
to the system that could account for this, and I'm not sure how to make 
it go away. Google searches haven't turned up anything on this.

Anyone else seen this, or have anything they can point me to?

Reply to:

Prev by Date: Re: Abiword and TrueType
Next by Date: Re: persistent keyboard problems
Previous by thread: Re: Speeding up apt-get security updates
Next by thread: Setting up a home LAN
Index(es):
- Date
- Thread