Re: Useradd

Fri, 01 Dec 2006 15:11:15 -0800 

On 12/1/06, Geoffrey Thomas <[EMAIL PROTECTED]> wrote:


On Dec 1, 2006, at 3:21 PM, Dan Nicholson wrote:

> On 11/29/06, Geoffrey Thomas <[EMAIL PROTECTED]> wrote:
>>
>> After boot, I get a login request and put in root and password.
>> This logs me in and bash prompt comes up.
>> I added user test13 and changed passwordl
>> The auth.log says says as noted before.
>> I then ran su test13 and got /bin/bash permission denied.
>> Auth.log says  Successful su for test13 by root
>> Command users  returns root only.
>
> I decided to look at the shadow source to find out the source of this
> permission denied error. In src/login.c:
>
>        /*
>         * Allow authentication bypass only if real UID is zero.
>         */
>
>        if ((rflg || fflg || hflg) && !amroot) {
>                fprintf (stderr, _("%s: Permission denied.\n"), Prog);
>                exit (1);
>        }
>
> So, you are apparently going down the "authentication bypass" route.
> Why? Somehow, rflg, fflg or hflg are being set. These correspond to
> the -r, -f or -h switches. I don't recall how login is spawned, but
> something has gone wrong there. I wish you had strace installed.
>
> Which version of shadow did you install? Which version of LFS, for
> that matter?

LFS 6.2
Shadow 4.0.15
I don't seem to be having any problem running as rootl
I'll see if I can install strace.
The interesting thing is the various log files show the correct new
users and
Password changes.


This is a strange error. strace will help nail it down considerably.
You can get strace here:

http://sourceforge.net/projects/strace/

Installation is simple: ./configure --prefix=whatever, make, make install

Then login as root and do "strace -f -o logfile login testuser". It
will log all the system activity to logfile. There's a lot of output.
But the helpful part should be near the end. The "Permission Denied
..." should be in there.


Only other thing I've noticed is the setclock script fails on boot up.
The system runs. Date gives the correct time and date.
Don't know if login uses system time somehow or if this is even related.


Maybe. strace should nail that kind of issue.

--
Dan
--
http://linuxfromscratch.org/mailman/listinfo/lfs-support
FAQ: http://www.linuxfromscratch.org/lfs/faq.html
Unsubscribe: See the above information page





























					Reply via email to