On Wed, Jun 17, 2020 at 09:51:34AM -0600, Flareon Zulu wrote:
> On Wed, Jun 17, 2020, 09:04 Ken Moffat <[email protected]> wrote:
>
> > On Wed, Jun 17, 2020 at 09:26:19AM -0500, Bruce Dubbs wrote:
> > > On 6/17/20 9:19 AM, Ken Moffat wrote:
> > > > I've now completed, and booted, a build of the new-style LFS. I'm
> > > > loggied in (and using ssh to write this post). Both my normal
> > > > users (ken, lfs), as well as root can login - so the passwords are
> > > > correct.
> > > >
> > > > But only root can su, so I'm not going to be able to build anything
> > > > after I've built X and run 'startx'.
> > > >
> > > > If I try to su, either to root or to another user, I get:
> > > >
> > > > ken@plexi /sources/scripts/lfs-dev/git$ su - lfs
> > > > Password:
> > > > su: Authentication failure
> > > > [...]
> > > >
> > > > At this point I don't have PAM installed. 'su' is from shadow-4.8.1.
> > > >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > > > Looking at shadow, I've made two changes since my last successful
> > > > build:
> > > >
> > > > First, I applied the change to make the first user 1000 (until now I
> > > > had omitted that)
> > > >
> > > > sed -i 's/1000/999/' etc/useradd
> > > >
> > > > Second, I changed the sed to force SHA512 to match the book (just
> > > > reformatting) and git shows the following for my change:
> > > >
> > > > -sed -i -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD SHA512@' \
> > > > - -e 's@/var/spool/mail@/var/mail@' etc/login.defs 2>$KM_LOG
> > > > +sed -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD SHA512@' \
> > > > + -e 's@/var/spool/mail@/var/mail@' \
> > > > + -i etc/login.defs 2>$KM_LOG
> > > >
> > > > I'm at a loss to know where I should be looking. Any suggestions,
> > > > please ?
> > >
> > > I'm still a little behind you. I have not built PAM yet, but have you
> > > rebuilt shadow after PAM?
> > >
> > > -- Bruce
> > >
> > Hi Bruce, I have not installed PAM at this point.
> >
> > ĸen
>
> So, can you humor me, and add the pound sign in front of the new encryption
> method? It's been missing for, I don't know, at least 2 years? So the new
> sed would be:
>
>
> sed -e 's@#ENCRYPT_METHOD DES@#ENCRYPT_METHOD SHA512@'
>
>
> Flareon Zulu
>
I don't think so -
first, it works fine without the hash symbol (to me a pound sign is
'£') in 9.1.
second, if you look at /etc/login.defs in view or vim you can see
(from the syntax highlighting, assuming you have that enabled) that
'#' starts a comment. So, you seem to be inviting me to turn off
encryption.
Meanwhile, I tried to strace su - but even on 9.1 with the correct
password that ends up with Authentication failure.
ĸen
--
He died at the console, of hunger and thirst.
Next day he was buried, face-down, nine-edge first.
- the perfect programmer
--
http://lists.linuxfromscratch.org/listinfo/lfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
Do not top post on this list.
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?
http://en.wikipedia.org/wiki/Posting_style
