I have just encountered a weird message by /bin/su:
master:/tmp# su -c id collector
su: Permission denied
(Ignored)
uid=200(collector) gid=200(collector) groups=200(collector)
root su's to the collector user (pam_rootok allows this), and the
command is executed. But where do the messages come from.
strace says:
[...]
stat64("/root", {st_mode=S_IFDIR|0700, st_size=116, ...}) = 0
stat64(".", 0xbffffa00) = -1 EACCES (Permission denied)
brk(0) = 0x80ec000
brk(0x80ee000) = 0x80ee000
getcwd("/root", 4096) = 6
getpid() = 15728
getppid() = 15727
stat64(".", 0xbffffa30) = -1 EACCES (Permission denied)
stat64("/usr/local/bin/bash", 0xbffff960) = -1 ENOENT (No such file or directory)
stat64("/usr/bin/bash", 0xbffff960) = -1 ENOENT (No such file or directory)
stat64("/bin/bash", {st_mode=S_IFREG|0755, st_size=628684, ...}) = 0
getgroups32(32, [200]) = 1
stat64("/bin/bash", {st_mode=S_IFREG|0755, st_size=628684, ...}) = 0
getpgrp() = 15727
[...]
23159 write(2, "su: Permission denied\n(Ignored)\n", 32) = 32
The failing call seems to be a stat of the CWD, which is /tmp, which
is rwx all. Kinda weird, huh?
I could not find the solution in a cursory search of the Web. Have
you seen this before?
--
Please do not send copies of list mail to me; I read the list!
.''`. martin f. krafft <madduck@debian.org>
: :' : proud Debian developer, admin, user, and author
`. `'`
`- Debian - when you have better things to do than fixing a system
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
Attachment:
signature.asc
Description: Digital signature