Re: [gentoo-user] Emerged world, now can't su

Tue, 08 Feb 2005 20:35:08 -0800 

Paul Varner wrote:

On Tue, 2005-02-08 at 19:02 -0800, Mike Payson wrote:


More info... I tried adding a test user & su'ing to that from my main user, and I can't do that either. This suggests that the problem isn't related to becoming root, but that something is corrupt. The user was created successfully, the shadow file looks fine to me, and I can su to other users from root, but clearly somewhere something isn't working right.

This is still not working... The logs don't say much, just:

Feb 8 18:51:18 [su] pam_authenticate: Permission denied



I can't duplicate the Permission denied error, no matter how much I mess
with PAM. However, given that I would verify /etc/pam.d/su is correct.
Here is what mine looks like:


It looks the same to me (mine is below-- am I missing something?). Since I can't even su to another normal user, I'm leaning to something being corrupted rather then misconfigured. If this were windows, I'd assume that something was just corrupt in memory & that rebooting would likely fix it. But since I probably won't be able to login again once I reboot, I'm obviously a bit hesitant to try it...


#%PAM-1.0

auth       sufficient   /lib/security/pam_rootok.so

# If you want to restrict users begin allowed to su even more,
# create /etc/security/suauth.allow (or to that matter) that is only
# writable by root, and add users that are allowed to su to that
# file, one per line.
#auth required /lib/security/pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow

# Uncomment this to allow users in the wheel group to su without
# entering a passwd.
#auth       sufficient   /lib/security/pam_wheel.so use_uid trust

# Alternatively to above, you can implement a list of users that do
# not need to supply a passwd with a list.
#auth sufficient /lib/security/pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass

# Comment this to allow any user, even those not in the 'wheel'
# group to su
auth       required     /lib/security/pam_wheel.so use_uid

auth       required     /lib/security/pam_stack.so service=system-auth

account    required     /lib/security/pam_stack.so service=system-auth

password   required     /lib/security/pam_stack.so service=system-auth

session    required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_env.so
session    optional     /lib/security/pam_xauth.so


--
[email protected] mailing list

Reply via email to