Hi Otto, >>I would like to see the output of userinfo pyiu. Added to that, the >>output of getcap -f /etc/login.conf class, where class is the login >>class of teh user, as reported by userinfo.
login pyiu passwd WhatEverWasHere uid 1002 groups users wheel change NEVER class gecos Paul Yiu dir /home/pyiu shell /usr/local/bin/bash expire NEVER pyiu do not assign to any class as shown above. -bash-3.00# getcap -f /etc/login.conf default default: :path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin: :umask=022: :datasize-max=256M: :datasize-cur=75M: :maxproc-max=128: :maxproc-cur=64: :openfiles-cur=64: :stacksize-cur=4M: :localcipher=blowfish,6: :ypcipher=old: :auth=passwd,skey: :auth-ftp=passwd: >>Also, we need to see the exact command line used and errors reported. >>Not just some vague description. I use ssh.com client 3.2.9 to login as pyiu and type su to su as root and what has been capture in /var/log/authlog is Nov 21 11:27:02 openbsd1 su: BAD SU pyiu to root on /dev/ttyp0 I can provide more details if necessery. -- Regards, Paul Yiu Senior Systems & Network Administrator Max eCommerce Pty Ltd. http: www.maxecommerce.com Ph: +61 02 9651 3422 Fax: +61 02 9651 4622 Email: [EMAIL PROTECTED] This email and any attachments are confidential and may be subject to copyright, legal or some other professional privilege. They are intended solely for the attention and use of the named addressee(s). They may only be copied, distributed or disclosed with the consent of the copyright owner. If you have received this email by mistake or by breach of the confidentiality clause, please notify the sender immediately by return email and delete or destroy all copies of the email. Any confidentiality, privilege or copyright is not waived or lost because this email has been sent to you by mistake. Otto Moerbeek wrote: >On Mon, 21 Nov 2005, Lars Hansson wrote: > > > >>On Mon, 21 Nov 2005 14:02:17 +1100 >>Paul Yiu <[EMAIL PROTECTED]> wrote: >> >> >>>/etc/passwd >>>pyiu:*:1002:10:P Yiu:/home/pyiu:/usr/local/bin/bash >>> >>>/etc/group >>>wheel:*:0:root,pyiu >>> >>> >>10 != 0 >> >> > >Indeed, but what does that have to do with the problem? You do not >have to have wheel as primary group to be able to use su(1). > >I would like to see the output of userinfo pyiu. Added to that, the >output of getcap -f /etc/login.conf class, where class is the login >class of teh user, as reported by userinfo. > >Also, we need to see the exact command line used and errors reported. >Not just some vague description. > > -Otto