[solved] su does not work anymore
Am Freitag, 1. Mai 2020, 22:32:58 CEST schrieb Rainer Dorsch:
> Hello,
>
> I had an accidential / in a
>
> # chown -R install-user /xyz/dfak /
>
> command. Changing the ownership / recursively is certainly not a good idea.
>
> I did revert this by
>
> #chown -R root /etc /bin /usr ...
>
> (all directories why were owned by install-user).
>
> That was certainly overdone, so I used
>
> find . \! -user root -print
>
> on another system with a similar package list to get a list of files which
> are not owned by root.
>
> What still does not work is "su -".
>
> The log in /var/log/auth.log is given by
>
> May 1 22:07:46 h370 unix_chkpwd[12768]: check pass; user unknown
> May 1 22:07:46 h370 unix_chkpwd[12768]: password check failed for user
> (root) May 1 22:07:46 h370 su: pam_unix(su-l:auth): authentication
> failure; logname=rd uid=2809 euid=2809 tty=pts/0 ruser=rd rhost= user=root
> May 1 22:07:48 h370 su: FAILED SU (to root) rd on pts/0
>
> root login on a console works.
>
> Any suggestion to find out what goes wrong (and avoid reinstallation) is
> welcome :-)
https://www.linuxquestions.org/questions/linux-security-4/unix-chkpwd-problem-with-linux-pam-1-1-1-trying-to-run-su-from-shadow-4-1-4-2-a-826418/
had the answer: su has an s flag for the user.
It seems this got lost by a chown.
# find / -perm /4000 -user root
seems to be my friend now to identify other files which have a similar issue
:-/
Rainer
--
Rainer Dorsch
Beatus-Widmann-Str. 5
72138 Kirchentellinsfurt
07157/734133
Reply to: