Re: Odd problem with SU command

Tue, 10 Oct 2006 15:52:47 -0700 

Post, Mark K wrote:

Marcy,

Your syntax is suspect to me.  According to the man page, -c specifies a
command to be executed, not a userid.


Whatcha smokin, man? id is a command:
[EMAIL PROTECTED] ~]$ su root -c id
Password:
uid=0(root) gid=0(root)
groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
context=root:system_r:unconfined_t
[EMAIL PROTECTED] ~]$


This, of course, us how Marcy should have shown is what works, what
doesn't;-)





Mark Post

-----Original Message-----
From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of
Marcy Cortes
Sent: Tuesday, October 10, 2006 3:24 PM
To: [email protected]
Subject: Odd problem with SU command

Running Sles9x, SP3.

We have sw installed that authenticates users against Active Directory
using pam.d stuff (Vintela VAS).  Those users don't have to be in
/etc/passwd at all.

In trying to install db2, we needed to create a local userid.  Fine, no
problem this is supported.

But the su command returns rc 1 if the user is local and rc 0 if the
user is VAS.   This makes the db2icrt script fail.

Was wondering if someone out there is also using an off server
authentication method could check and see if it fails for them too?

From root:
        su (localuser) -c id
        echo $?
        su (non-localuser) -c id
        echo $?

Return code 1 is supposed to mean su failed, but su doesn't fail - we do
get the results of the command properly.

The RH Intel Linux servers don't have this problem and removing the VAS
calls from /etc/pam.d/su didn't seem to make a difference either.

We're reporting it to support, but was hoping to narrow it down to whose
support :)


Marcy Cortes

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390




--

Cheers
John

-- spambait
[EMAIL PROTECTED]  [EMAIL PROTECTED]
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/

Please do not reply off-list

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390

Reply via email to