Annorax
17.06.04, 20:30
Seit fast einer Woche sitze ich an dem Problem, dass ich mit "su" nicht von user auf root wechseln kann (Gentoo Linux). Googeln, Newsgroups und diverse Foren konnten mir nicht helfen. Alle Lösungen, die ich gefunden habe und die bei anderen Usern offensichtlich geholfen haben, haben bei mir nicht geholfen. Ich bekomme immer die Meldung: su: Authentication failure. Ich fange mal damit an, was ich alles ausprobiert habe.
Es liegt kein Tippfehler vor, und CAPS Lock ist auch nie aktiviert.
/var/log/messages ergibt:
Jun 17 20:34:10 linux unix_chkpwd[19561]: check pass; user unknown
Jun 17 20:34:10 linux su(pam_unix)[19560]: authentication failure; logname= uid=1000 euid=1000 tty=pts/16 ruser=markus rhost= user=root
Jun 17 20:34:13 linux su[19560]: pam_authenticate: Authentication failure
Jun 17 20:34:15 linux su(pam_unix)[19556]: session closed for user markus
Jun 17 20:51:33 linux su(pam_unix)[15169]: session closed for user root
Jun 17 21:04:04 linux su(pam_unix)[19641]: session opened for user markus by (uid=0)
Jun 17 21:04:10 linux unix_chkpwd[19646]: check pass; user unknown
Jun 17 21:04:10 linux su(pam_unix)[19645]: authentication failure; logname= uid=1000 euid=1000 tty=pts/17 ruser=markus rhost= user=root
Jun 17 21:04:13 linux su[19645]: pam_authenticate: Authentication failure
Jun 17 21:04:16 linux su(pam_unix)[19641]: session closed for user markus
ls -al /bin/su ergibt:
-rwsr-xr-x 1 root root 24312 Jun 7 16:36 /bin/su
ls -al /bin/ps ergibt:
-r-xr-xr-x 1 root root 66356 Jun 7 16:42 /bin/ps
Der User muss dafür nicht zur Gruppe root gehören; stattdessen gibt es die Gruppe "wheel", die für das Wechseln zuständig ist.
Der User ist natürlich in der Gruppe "wheel".
/etc/group bestätigt das:
root::0:root
bin::1:root,bin,daemon
daemon::2:root,bin,daemon
sys::3:root,bin,adm
adm::4:root,adm,daemon,markus
tty::5:
disk::6:root,adm
lp::7:lp
mem::8:
kmem::9:
wheel::10:root,markus
floppy::11:root
mail::12:mail
news::13:news
uucp::14:uucp
man::15:man
cron::16:cron
console::17:
audio::18:markus
Der User wurde auch zur Gruppe "adm" hinzugefügt (was auch immer das sein mag, aber in einem anderen Forum soll es jemandem geholfen haben), bei mir aber ohne Erfolg.
User wurde zur Gruppe root hinzugefügt. Kein Erfolg.
User wurde gelöscht, neu angelegt, wieder gelöscht, ein anderer User erstellt. Überall das gleiche Problem: su: Authentication failure (nachdem das Passwort nach "su" eingegeben wurde)
Vielleicht hilfreiche Dateien: /etc/pam.d/system-auth:
#%PAM-1.0
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_unix.so likeauth nullok
auth required /lib/security/pam_deny.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so retry=3
password sufficient /lib/security/pam_unix.so nullok md5 shadow use_authtok
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so
oder
/etc/pam.d/su:
#%PAM-1.0
auth sufficient /lib/security/pam_rootok.so
# If you want to restrict users begin allowed to su even more,
# create /etc/security/suauth.allow (or to that matter) that is only
# writable by root, and add users that are allowed to su to that
# file, one per line.
#auth required /lib/security/pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow
# Uncomment this to allow users in the wheel group to su without
# entering a passwd.
#auth sufficient /lib/security/pam_wheel.so use_uid trust
# Alternatively to above, you can implement a list of users that do
# not need to supply a passwd with a list.
#auth sufficient /lib/security/pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass
# Comment this to allow any user, even those not in the 'wheel'
# group to su
auth required /lib/security/pam_wheel.so use_uid
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_xauth.so
Hier habe ich übrigens versucht, die letzten 6 Zeilen auszukommentieren. Wenn ich das tue, bekomme ich immerhin ein su: Permission denied anstatt su: Authentication failure.
Auch ein nachträgliches "usermod -G wheel,users,audio,adm markus" hilft nichts.
Ich habe auch mal die letzten Zeilen von "strace ps" herauskopiert. Vielleicht sagt es jemandem etwas:
read(6, "19711 (su) S 19698 19711 19698 3"..., 1023) = 203
close(6) = 0
open("/proc/19711/status", O_RDONLY) = 6
read(6, "Name:\tsu\nState:\tS (sleeping)\nSle"..., 1023) = 516
close(6) = 0
fstat64(1, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 18), ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x401ee000
write(1, " PID TTY TIME CMD\n", 28 PID TTY TIME CMD
) = 28
open("/proc/tty/drivers", O_RDONLY) = 6
read(6, "/dev/tty /dev/tty "..., 9999) = 585
close(6) = 0
stat64("/dev/pts18", 0xbfffeb6c) = -1 ENOENT (No such file or directory)
stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
readlink("/proc/19711/fd/2", 0x4002f200, 4095) = -1 EACCES (Permission denied)
stat64("/dev/pts/18", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 18), ...}) = 0
write(1, "19711 pts/18 00:00:00 su\n", 2719711 pts/18 00:00:00 su
) = 27
stat64("/proc/19712", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/19712/stat", O_RDONLY) = 6
read(6, "19712 (bash) S 19711 19712 19698"..., 1023) = 211
close(6) = 0
open("/proc/19712/status", O_RDONLY) = 6
read(6, "Name:\tbash\nState:\tS (sleeping)\nS"..., 1023) = 518
close(6) = 0
stat64("/dev/pts18", 0xbfffeb6c) = -1 ENOENT (No such file or directory)
stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
readlink("/proc/19712/fd/2", "/dev/pts/18", 4095) = 11
stat64("/dev/pts/18", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 18), ...}) = 0
write(1, "19712 pts/18 00:00:00 bash\n", 2919712 pts/18 00:00:00 bash
) = 29
stat64("/proc/19717", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/19717/stat", O_RDONLY) = 6
read(6, "19717 (strace) R 19712 19717 196"..., 1023) = 197
close(6) = 0
open("/proc/19717/status", O_RDONLY) = 6
read(6, "Name:\tstrace\nState:\tR (running)\n"..., 1023) = 519
close(6) = 0
stat64("/dev/pts18", 0xbfffeb6c) = -1 ENOENT (No such file or directory)
stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
readlink("/proc/19717/fd/2", "/dev/pts/18", 4095) = 11
stat64("/dev/pts/18", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 18), ...}) = 0
write(1, "19717 pts/18 00:00:00 strace\n", 3119717 pts/18 00:00:00 strace
) = 31
stat64("/proc/19718", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/19718/stat", O_RDONLY) = 6
read(6, "19718 (ps) R 19717 19717 19698 3"..., 1023) = 188
close(6) = 0
open("/proc/19718/status", O_RDONLY) = 6
read(6, "Name:\tps\nState:\tR (running)\nSlee"..., 1023) = 519
close(6) = 0
stat64("/dev/pts18", 0xbfffeb6c) = -1 ENOENT (No such file or directory)
stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
readlink("/proc/19718/fd/2", "/dev/pts/18", 4095) = 11
stat64("/dev/pts/18", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 18), ...}) = 0
write(1, "19718 pts/18 00:00:00 ps\n", 2719718 pts/18 00:00:00 ps
) = 27
getdents64(5, /* 0 entries */, 1024) = 0
close(5) = 0
munmap(0x401ee000, 4096) = 0
exit_group(0) = ?
Derjenige, der dieses Problem lösen kann, hat meinen größten Respekt.
Es liegt kein Tippfehler vor, und CAPS Lock ist auch nie aktiviert.
/var/log/messages ergibt:
Jun 17 20:34:10 linux unix_chkpwd[19561]: check pass; user unknown
Jun 17 20:34:10 linux su(pam_unix)[19560]: authentication failure; logname= uid=1000 euid=1000 tty=pts/16 ruser=markus rhost= user=root
Jun 17 20:34:13 linux su[19560]: pam_authenticate: Authentication failure
Jun 17 20:34:15 linux su(pam_unix)[19556]: session closed for user markus
Jun 17 20:51:33 linux su(pam_unix)[15169]: session closed for user root
Jun 17 21:04:04 linux su(pam_unix)[19641]: session opened for user markus by (uid=0)
Jun 17 21:04:10 linux unix_chkpwd[19646]: check pass; user unknown
Jun 17 21:04:10 linux su(pam_unix)[19645]: authentication failure; logname= uid=1000 euid=1000 tty=pts/17 ruser=markus rhost= user=root
Jun 17 21:04:13 linux su[19645]: pam_authenticate: Authentication failure
Jun 17 21:04:16 linux su(pam_unix)[19641]: session closed for user markus
ls -al /bin/su ergibt:
-rwsr-xr-x 1 root root 24312 Jun 7 16:36 /bin/su
ls -al /bin/ps ergibt:
-r-xr-xr-x 1 root root 66356 Jun 7 16:42 /bin/ps
Der User muss dafür nicht zur Gruppe root gehören; stattdessen gibt es die Gruppe "wheel", die für das Wechseln zuständig ist.
Der User ist natürlich in der Gruppe "wheel".
/etc/group bestätigt das:
root::0:root
bin::1:root,bin,daemon
daemon::2:root,bin,daemon
sys::3:root,bin,adm
adm::4:root,adm,daemon,markus
tty::5:
disk::6:root,adm
lp::7:lp
mem::8:
kmem::9:
wheel::10:root,markus
floppy::11:root
mail::12:mail
news::13:news
uucp::14:uucp
man::15:man
cron::16:cron
console::17:
audio::18:markus
Der User wurde auch zur Gruppe "adm" hinzugefügt (was auch immer das sein mag, aber in einem anderen Forum soll es jemandem geholfen haben), bei mir aber ohne Erfolg.
User wurde zur Gruppe root hinzugefügt. Kein Erfolg.
User wurde gelöscht, neu angelegt, wieder gelöscht, ein anderer User erstellt. Überall das gleiche Problem: su: Authentication failure (nachdem das Passwort nach "su" eingegeben wurde)
Vielleicht hilfreiche Dateien: /etc/pam.d/system-auth:
#%PAM-1.0
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_unix.so likeauth nullok
auth required /lib/security/pam_deny.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so retry=3
password sufficient /lib/security/pam_unix.so nullok md5 shadow use_authtok
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so
oder
/etc/pam.d/su:
#%PAM-1.0
auth sufficient /lib/security/pam_rootok.so
# If you want to restrict users begin allowed to su even more,
# create /etc/security/suauth.allow (or to that matter) that is only
# writable by root, and add users that are allowed to su to that
# file, one per line.
#auth required /lib/security/pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow
# Uncomment this to allow users in the wheel group to su without
# entering a passwd.
#auth sufficient /lib/security/pam_wheel.so use_uid trust
# Alternatively to above, you can implement a list of users that do
# not need to supply a passwd with a list.
#auth sufficient /lib/security/pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass
# Comment this to allow any user, even those not in the 'wheel'
# group to su
auth required /lib/security/pam_wheel.so use_uid
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_xauth.so
Hier habe ich übrigens versucht, die letzten 6 Zeilen auszukommentieren. Wenn ich das tue, bekomme ich immerhin ein su: Permission denied anstatt su: Authentication failure.
Auch ein nachträgliches "usermod -G wheel,users,audio,adm markus" hilft nichts.
Ich habe auch mal die letzten Zeilen von "strace ps" herauskopiert. Vielleicht sagt es jemandem etwas:
read(6, "19711 (su) S 19698 19711 19698 3"..., 1023) = 203
close(6) = 0
open("/proc/19711/status", O_RDONLY) = 6
read(6, "Name:\tsu\nState:\tS (sleeping)\nSle"..., 1023) = 516
close(6) = 0
fstat64(1, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 18), ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x401ee000
write(1, " PID TTY TIME CMD\n", 28 PID TTY TIME CMD
) = 28
open("/proc/tty/drivers", O_RDONLY) = 6
read(6, "/dev/tty /dev/tty "..., 9999) = 585
close(6) = 0
stat64("/dev/pts18", 0xbfffeb6c) = -1 ENOENT (No such file or directory)
stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
readlink("/proc/19711/fd/2", 0x4002f200, 4095) = -1 EACCES (Permission denied)
stat64("/dev/pts/18", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 18), ...}) = 0
write(1, "19711 pts/18 00:00:00 su\n", 2719711 pts/18 00:00:00 su
) = 27
stat64("/proc/19712", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/19712/stat", O_RDONLY) = 6
read(6, "19712 (bash) S 19711 19712 19698"..., 1023) = 211
close(6) = 0
open("/proc/19712/status", O_RDONLY) = 6
read(6, "Name:\tbash\nState:\tS (sleeping)\nS"..., 1023) = 518
close(6) = 0
stat64("/dev/pts18", 0xbfffeb6c) = -1 ENOENT (No such file or directory)
stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
readlink("/proc/19712/fd/2", "/dev/pts/18", 4095) = 11
stat64("/dev/pts/18", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 18), ...}) = 0
write(1, "19712 pts/18 00:00:00 bash\n", 2919712 pts/18 00:00:00 bash
) = 29
stat64("/proc/19717", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/19717/stat", O_RDONLY) = 6
read(6, "19717 (strace) R 19712 19717 196"..., 1023) = 197
close(6) = 0
open("/proc/19717/status", O_RDONLY) = 6
read(6, "Name:\tstrace\nState:\tR (running)\n"..., 1023) = 519
close(6) = 0
stat64("/dev/pts18", 0xbfffeb6c) = -1 ENOENT (No such file or directory)
stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
readlink("/proc/19717/fd/2", "/dev/pts/18", 4095) = 11
stat64("/dev/pts/18", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 18), ...}) = 0
write(1, "19717 pts/18 00:00:00 strace\n", 3119717 pts/18 00:00:00 strace
) = 31
stat64("/proc/19718", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/19718/stat", O_RDONLY) = 6
read(6, "19718 (ps) R 19717 19717 19698 3"..., 1023) = 188
close(6) = 0
open("/proc/19718/status", O_RDONLY) = 6
read(6, "Name:\tps\nState:\tR (running)\nSlee"..., 1023) = 519
close(6) = 0
stat64("/dev/pts18", 0xbfffeb6c) = -1 ENOENT (No such file or directory)
stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
readlink("/proc/19718/fd/2", "/dev/pts/18", 4095) = 11
stat64("/dev/pts/18", {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 18), ...}) = 0
write(1, "19718 pts/18 00:00:00 ps\n", 2719718 pts/18 00:00:00 ps
) = 27
getdents64(5, /* 0 entries */, 1024) = 0
close(5) = 0
munmap(0x401ee000, 4096) = 0
exit_group(0) = ?
Derjenige, der dieses Problem lösen kann, hat meinen größten Respekt.