Re: FreeBSD and IPMI how-to (was Re: su problem)
Hi, all, Am 15.06.2012 um 03:27 schrieb Matthew X. Economou: Daniel Braniss writes: just for the record, serial on 8.x works fine! the device naming has changed from sio to uart, and maybe some features. We use it on all our servers, even redirecting it where possible via ILO,IMPI,DRAC. and is great for debuging or saving long trips :-) Would some kind soul point me to a howto for configuring IPMI on FreeBSD? I have a Dell PowerEdge 840 that supports IPMI, but I have no idea how to set it up - either in the BIOS or in FreeBSD. I've messed around with ipmitools a little, but I haven't gotten it to work. Did you kldload ipmi ? What's the output of dmesg kldstat after loading the module? With the module loaded, you should be able to get something like this: devel# ipmitool sensor Ambient | 23.500 | degrees C | ok| na| 1.000 | 6.000 | 37.000| 42.000| na Systemboard | 32.000 | degrees C | ok| na| na| na | 60.000| 65.000| na CPU1 | 49.000 | degrees C | ok| na| na| na | 93.000| 97.000| na CPU2 | 48.000 | degrees C | ok| na| na| na | 93.000| 97.000| na ... FAN1 SYS | 6120.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN2 SYS | 6480.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN3 SYS | 6000.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN4 SYS | 6480.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN5 SYS | 6120.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN6 SYS | 6480.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN7 SYS | 6120.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN8 SYS | 6480.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN9 SYS | 6240.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN10 SYS| 6720.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN11 SYS| 6240.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN12 SYS| 6720.000 | RPM| ok| na| 1920.000 | na | na| na| na PSU1 Power | 100.000| Watts | ok| na| na| na | na| na| na PSU2 Power | 96.000 | Watts | ok| na| na| na | na| na| na Total Power | 196.000| Watts | ok| na| na| na | na| na| na Total Power Out | 172.000| Watts | ok| na| na| na | na| na| na ... Kind regards, Patrickj -- punkt.de GmbH * Kaiserallee 13a * 76133 Karlsruhe Tel. 0721 9109 0 * Fax 0721 9109 100 i...@punkt.de http://www.punkt.de Gf: Jürgen Egeling AG Mannheim 108285 ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: FreeBSD and IPMI how-to (was Re: su problem)
Hi, On 15 Jun 2012, at 02:27, Matthew X. Economou wrote: Would some kind soul point me to a howto for configuring IPMI on FreeBSD? I have a Dell PowerEdge 840 that supports IPMI, but I have no idea how to set it up - either in the BIOS or in FreeBSD. I've messed around with ipmitools a little, but I haven't gotten it to work. To get things like remote management and serial over LAN working, the config has to be right on both the OS and the platform. Others have addressed the FreeBSD end; configuration of the platform is documented here: http://support.dell.com/support/edocs/software/smbmcmu but you'll have to figure out which version is applicable to your box. When you have ipmitool working, the output of `ipmitool mc info' may help with that. Also, it seems like your box implements IPMI v1.5, which is rather less friendly than v2. -- Bob Bishop r...@gid.co.uk ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: FreeBSD and IPMI how-to (was Re: su problem)
Daniel Braniss writes: Would some kind soul point me to a howto for configuring IPMI on FreeBSD? I have a Dell PowerEdge 840 that supports IPMI, but I have no idea how to set it up - either in the BIOS or in FreeBSD. I've messed around with ipmitools a little, but I haven't gotten it to work. http://blog.multiplay.co.uk/2011/06/ipmi-under-freebsd-is-easy/ Regards Steve This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337 or return the E.mail to postmas...@multiplay.co.uk. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: FreeBSD and IPMI how-to (was Re: su problem)
i want two things from ipmi, reset and kva console. freebsd ipmitool gives me the first, and i already had an apc controlled power bar. randy ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: FreeBSD and IPMI how-to (was Re: su problem)
Hi, all, Am 15.06.2012 um 03:27 schrieb Matthew X. Economou: Daniel Braniss writes: just for the record, serial on 8.x works fine! the device naming has changed from sio to uart, and maybe some features. We use it on all our servers, even redirecting it where possible via ILO,IMPI,DRAC. and is great for debuging or saving long trips :-) Would some kind soul point me to a howto for configuring IPMI on FreeBSD? I have a Dell PowerEdge 840 that supports IPMI, but I have no idea how to set it up - either in the BIOS or in FreeBSD. I've messed around with ipmitools a little, but I haven't gotten it to work. Did you kldload ipmi ? What's the output of dmesg kldstat after loading the module? With the module loaded, you should be able to get something like this: devel# ipmitool sensor Ambient | 23.500 | degrees C | ok| na| 1.000 = | 6.000 | 37.000| 42.000| na Systemboard | 32.000 | degrees C | ok| na| na = | na| 60.000| 65.000| na CPU1 | 49.000 | degrees C | ok| na| na = | na| 93.000| 97.000| na CPU2 | 48.000 | degrees C | ok| na| na = | na| 93.000| 97.000| na ... [...] the ipmi kernel module allows interfacing/communicating with the 'local system', which is nice, unless the kernel went bonkers. You can - after some configuring(*) - connect from another host via something like: ipmitool -A MD5 -H remote-host-ipmi-module-ip-address -U root -I lanplus sol activate and get the remote host console, or do a power cycle: ipmitool -A MD5 -H remote-host-ipmi-module-ip-address -U root power cycle danny *: you need configure/enable the bios/drac. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: FreeBSD and IPMI how-to (was Re: su problem)
On Thu, Jun 14, 2012 at 6:27 PM, Matthew X. Economou xenop...@irtnog.org wrote: ... Would some kind soul point me to a howto for configuring IPMI on FreeBSD? I have a Dell PowerEdge 840 that supports IPMI, but I have no idea how to set it up - either in the BIOS or in FreeBSD. I've messed around with ipmitools a little, but I haven't gotten it to work. We have HP boxes here with IPMI (mostly v1.5), and by and large, there isn't much FreeBSD configuration. The set of things I do for serial over LAN are the same as for a regular serial console: 1) create /boot.config with the line -D -S115200 2) create /boot/loader.conf with the lines boot_multicons=YES comconsole_speed=115200 console=comconsole,vidconsole 3) change /etc/ttys to allow a login over the console. something similar to ttyu0 /usr/libexec/getty std.115200 vt100 on secure The rest of the configuration is in the BIOS and tends to be vendor specific. Once this is configured, you can use something like ipmitool to control power (chassis power on, chassis power reset, ...) and get a serial console (sol activate). HTH. ---chuck ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
On 6/10/12 1:52 PM, Daniel Braniss wrote: Sami Halabi sodyn...@gmail.com wrote: Hi Oliver, I saw you had similar problem for console on 2010 http://freebsd.1045724.n5.nabble.com/Serial-console-problems-with-stab=le-8-td3950684.html No, I don't think that the problem is related. My problem was with the serial console, while you don't have a serial console attached at all (at least you didn't mention it). but the thread wasn't ended by recommendation or conclusions by you. did you solve that problem then? No, I came to the conclusion that the serial console support in FreeBSD 8 was broken somehow. So I removed the console cable; it's running with an old VGA CRT as the console for now. Fortunately I require console access very seldom, so I don't have to drive to that machine often. It's still annoying, but I didn't find a better solution; downgrading to 7.x isn't an option. just for the record, serial on 8.x works fine! the device naming has changed from sio to uart, and maybe some features. We use it on all our servers, even redirecting it where possible via ILO,IMPI,DRAC. and is great for debuging or saving long trips :-) WARNING: control access to these devices, specialy since root can login on the console! danny Daniel, would you kindly elaborate on the DRAC console redirection thingy ? We're using Dells here and I loathe having to use their web interface and the java app to get a console shell. you need the drac module - sometimes it's optional, but if you can access it via the web you probably have it. you will have to: set the bios to allow serial over ethernet, I can't remember off heart at the moment. configure /boot/loader.conf: console=comconsole,vidconsole comconsole_speed=38400-- the speed is what you set it in the bios configure /boot/device.hints: hint.uart.0.flags=0x10-- or .1. depending on the bios settings install from ports sysutils/ipmitools connect the ethernet port and finaly: ipmitool -A MD5 -H c hostname.drac -U root -I lanplus sol activate danny ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
FreeBSD and IPMI how-to (was Re: su problem)
Daniel Braniss writes: just for the record, serial on 8.x works fine! the device naming has changed from sio to uart, and maybe some features. We use it on all our servers, even redirecting it where possible via ILO,IMPI,DRAC. and is great for debuging or saving long trips :-) Would some kind soul point me to a howto for configuring IPMI on FreeBSD? I have a Dell PowerEdge 840 that supports IPMI, but I have no idea how to set it up - either in the BIOS or in FreeBSD. I've messed around with ipmitools a little, but I haven't gotten it to work. Best wishes, Matthew -- I FIGHT FOR THE USERS smime.p7s Description: S/MIME cryptographic signature
Re: FreeBSD and IPMI how-to (was Re: su problem)
On Thu, 2012-06-14 at 18:27 -0700, Matthew X. Economou wrote: Daniel Braniss writes: just for the record, serial on 8.x works fine! the device naming has changed from sio to uart, and maybe some features. We use it on all our servers, even redirecting it where possible via ILO,IMPI,DRAC. and is great for debuging or saving long trips :-) Would some kind soul point me to a howto for configuring IPMI on FreeBSD? I have a Dell PowerEdge 840 that supports IPMI, but I have no idea how to set it up - either in the BIOS or in FreeBSD. I've messed around with ipmitools a little, but I haven't gotten it to work. Best wishes, Matthew I would start with installing the ipmitool port. Other may suggest freeipmi and openipmi for great justice. try poking around with sudo ipmitool shell and see if you can figure out what's going on. Sean ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
On Mon, 11 Jun 2012 15:53:34 +0200, Sami Halabi sodyn...@gmail.com wrote: Hi, I opened 2 terminals with user sody. in first i hit su -, and supplied password, it was stcuked. in the other I did: %ps xau | grep su sody 39830 0.0 0.0 9124 1500 0 S+4:51PM 0:00.00 grep su root 39812 0.0 0.0 21732 2088 1 I 4:49PM 0:00.00 su - root 39813 0.0 0.0 21732 2108 1 I+4:49PM 0:00.00 su - %procstat -kk 39812 PIDTID COMM TDNAME KSTACK %procstat -kk 39813 PIDTID COMM TDNAME KSTACK % Mmmm, I'm out of options than. Maybe somebody else has a good idea. Ronald. Sami On Mon, Jun 11, 2012 at 11:14 AM, Ronald Klop ronald-freeb...@klop.yi.orgwrote: On Sat, 09 Jun 2012 18:42:27 +0200, Eugene Grosbein egrosb...@rdtc.ru wrote: 09.06.2012 19:47, Sami Halabi пишет: %su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k Perpaps, your system had no keyboard attached at boot time; or for some other reason it booted with /dev/console being serial console instead of vidconsole. su locks trying to access serial console that is /dev/ttyd0 by default and has Carrier Detect flag enabled. Hence, it waits for CD on the first serial port (miserably and hopelessly). You can check if it's true with sysctl kern.console command. You could ask someone to boot the system with keyboard attached - no need to type anything, though. The system should detect it and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0. And su won't lock. Eugene Grosbein Can you see what su is doing with procstat -kk pid? __**_ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/**mailman/listinfo/freebsd-**stablehttp://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscribe@**freebsd.orgfreebsd-stable-unsubscr...@freebsd.org ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
truss, ktrace the sody user is member of wheel? On 6/12/12, Ronald Klop ronald-freeb...@klop.yi.org wrote: On Mon, 11 Jun 2012 15:53:34 +0200, Sami Halabi sodyn...@gmail.com wrote: Hi, I opened 2 terminals with user sody. in first i hit su -, and supplied password, it was stcuked. in the other I did: %ps xau | grep su sody 39830 0.0 0.0 9124 1500 0 S+4:51PM 0:00.00 grep su root 39812 0.0 0.0 21732 2088 1 I 4:49PM 0:00.00 su - root 39813 0.0 0.0 21732 2108 1 I+4:49PM 0:00.00 su - %procstat -kk 39812 PIDTID COMM TDNAME KSTACK %procstat -kk 39813 PIDTID COMM TDNAME KSTACK % Mmmm, I'm out of options than. Maybe somebody else has a good idea. Ronald. Sami On Mon, Jun 11, 2012 at 11:14 AM, Ronald Klop ronald-freeb...@klop.yi.orgwrote: On Sat, 09 Jun 2012 18:42:27 +0200, Eugene Grosbein egrosb...@rdtc.ru wrote: 09.06.2012 19:47, Sami Halabi пишет: %su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k Perpaps, your system had no keyboard attached at boot time; or for some other reason it booted with /dev/console being serial console instead of vidconsole. su locks trying to access serial console that is /dev/ttyd0 by default and has Carrier Detect flag enabled. Hence, it waits for CD on the first serial port (miserably and hopelessly). You can check if it's true with sysctl kern.console command. You could ask someone to boot the system with keyboard attached - no need to type anything, though. The system should detect it and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0. And su won't lock. Eugene Grosbein Can you see what su is doing with procstat -kk pid? __**_ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/**mailman/listinfo/freebsd-**stablehttp://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscribe@**freebsd.orgfreebsd-stable-unsubscr...@freebsd.org ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
On 6/10/12 1:52 PM, Daniel Braniss wrote: Sami Halabi sodyn...@gmail.com wrote: Hi Oliver, I saw you had similar problem for console on 2010 http://freebsd.1045724.n5.nabble.com/Serial-console-problems-with-stab=le-8-td3950684.html No, I don't think that the problem is related. My problem was with the serial console, while you don't have a serial console attached at all (at least you didn't mention it). but the thread wasn't ended by recommendation or conclusions by you. did you solve that problem then? No, I came to the conclusion that the serial console support in FreeBSD 8 was broken somehow. So I removed the console cable; it's running with an old VGA CRT as the console for now. Fortunately I require console access very seldom, so I don't have to drive to that machine often. It's still annoying, but I didn't find a better solution; downgrading to 7.x isn't an option. just for the record, serial on 8.x works fine! the device naming has changed from sio to uart, and maybe some features. We use it on all our servers, even redirecting it where possible via ILO,IMPI,DRAC. and is great for debuging or saving long trips :-) WARNING: control access to these devices, specialy since root can login on the console! danny Daniel, would you kindly elaborate on the DRAC console redirection thingy ? We're using Dells here and I loathe having to use their web interface and the java app to get a console shell. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
On 6/9/12 9:55 AM, Sami Halabi wrote: Hi, I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2. once done, i created regular accounts, in wheel group. first all was okay, but suddenly i found my self blocked out, because i can't ssh as root, and i can't su either, when i su i get this: %su - Password: and it stuck in that state whitout givving me root shell #. any ideas how to solve this problem? the system is in the servers farm and i need to drive 3 hours each direction, so if there is remote solution i would appreciate it. %more /etc/group # $FreeBSD: src/etc/group,v 1.35.10.2.2.1 2012/03/03 06:15:13 kensmith Exp $ # wheel:*:0:root,sody . . . sody:*:1001: Thanks in advance, Ok so, I've read all the replies so far and I'm a bit perplexed. Sami, before you drive 3 hours to and 3 hours fro, kindly log in as sody over SSH, then try login to connect *locally* as the root user. If that works, you'll at least have recovered root access and will be able to install sudo, which should help you a great deal. Of course there's still the matter of finding what's wrong with your machine, afterwards. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Damien Fleuriot m...@my.gd wrote: Ok so, I've read all the replies so far and I'm a bit perplexed. Sami, before you drive 3 hours to and 3 hours fro, kindly log in as sody over SSH, then try login to connect *locally* as the root user. That won't work. Unless you've disabled the securetty check in /etc/pam.d/login, but it is there for a reason. Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd It combines all the worst aspects of C and Lisp: a billion different sublanguages in one monolithic executable. It combines the power of C with the readability of PostScript. -- Jamie Zawinski, when asked: What's wrong with perl? ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
On 6/12/12 3:00 PM, Oliver Fromme wrote: Damien Fleuriot m...@my.gd wrote: Ok so, I've read all the replies so far and I'm a bit perplexed. Sami, before you drive 3 hours to and 3 hours fro, kindly log in as sody over SSH, then try login to connect *locally* as the root user. That won't work. Unless you've disabled the securetty check in /etc/pam.d/login, but it is there for a reason. Best regards Oliver Aw :( With a bit of luck, anything that would just start a command without trying for an actual shell ? Perhaps su -m root -c 'cd /etc/ssh/ sed -i .bak -e s/PermitRootLogin no/PermitRootLogin yes/' ? That way he could toggle remote root logins. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
%su -m root -c 'cd /etc/ssh/ sed -i .bak -e s/PermitRootLogin no/PermitRootLogin yes/' Password: load: 0.00 cmd: su 42619 [ttydcd] 3.20r 0.00u 0.00s 0% 2088k :( I think there is no good solution but driving to the machine itself... Sami On Tue, Jun 12, 2012 at 4:10 PM, Damien Fleuriot m...@my.gd wrote: On 6/12/12 3:00 PM, Oliver Fromme wrote: Damien Fleuriot m...@my.gd wrote: Ok so, I've read all the replies so far and I'm a bit perplexed. Sami, before you drive 3 hours to and 3 hours fro, kindly log in as sody over SSH, then try login to connect *locally* as the root user. That won't work. Unless you've disabled the securetty check in /etc/pam.d/login, but it is there for a reason. Best regards Oliver Aw :( With a bit of luck, anything that would just start a command without trying for an actual shell ? Perhaps su -m root -c 'cd /etc/ssh/ sed -i .bak -e s/PermitRootLogin no/PermitRootLogin yes/' ? That way he could toggle remote root logins. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
On Sat, 09 Jun 2012 18:42:27 +0200, Eugene Grosbein egrosb...@rdtc.ru wrote: 09.06.2012 19:47, Sami Halabi пишет: %su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k Perpaps, your system had no keyboard attached at boot time; or for some other reason it booted with /dev/console being serial console instead of vidconsole. su locks trying to access serial console that is /dev/ttyd0 by default and has Carrier Detect flag enabled. Hence, it waits for CD on the first serial port (miserably and hopelessly). You can check if it's true with sysctl kern.console command. You could ask someone to boot the system with keyboard attached - no need to type anything, though. The system should detect it and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0. And su won't lock. Eugene Grosbein Can you see what su is doing with procstat -kk pid? ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Hi, I opened 2 terminals with user sody. in first i hit su -, and supplied password, it was stcuked. in the other I did: %ps xau | grep su sody 39830 0.0 0.0 9124 1500 0 S+4:51PM 0:00.00 grep su root 39812 0.0 0.0 21732 2088 1 I 4:49PM 0:00.00 su - root 39813 0.0 0.0 21732 2108 1 I+4:49PM 0:00.00 su - %procstat -kk 39812 PIDTID COMM TDNAME KSTACK %procstat -kk 39813 PIDTID COMM TDNAME KSTACK % Sami On Mon, Jun 11, 2012 at 11:14 AM, Ronald Klop ronald-freeb...@klop.yi.orgwrote: On Sat, 09 Jun 2012 18:42:27 +0200, Eugene Grosbein egrosb...@rdtc.ru wrote: 09.06.2012 19:47, Sami Halabi пишет: %su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k Perpaps, your system had no keyboard attached at boot time; or for some other reason it booted with /dev/console being serial console instead of vidconsole. su locks trying to access serial console that is /dev/ttyd0 by default and has Carrier Detect flag enabled. Hence, it waits for CD on the first serial port (miserably and hopelessly). You can check if it's true with sysctl kern.console command. You could ask someone to boot the system with keyboard attached - no need to type anything, though. The system should detect it and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0. And su won't lock. Eugene Grosbein Can you see what su is doing with procstat -kk pid? __**_ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/**mailman/listinfo/freebsd-**stablehttp://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscribe@**freebsd.orgfreebsd-stable-unsubscr...@freebsd.org -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Hi Oliver, I saw you had similar problem for console on 2010 http://freebsd.1045724.n5.nabble.com/Serial-console-problems-with-stable-8-td3950684.html but the thread wasn't ended by recommendation or conclusions by you. did you solve that problem then? it seems i have something similr. look at the logs: %tail /var/log/messages Jun 7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a Jun 7 19:54:36 vps16 kernel: bge0: link state changed to UP Jun 7 20:18:04 vps16 kernel: ugen0.2: vendor 0x09da at usbus0 Jun 7 20:18:04 vps16 kernel: ukbd0: vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:18:04 vps16 kernel: kbd2 at ukbd0 Jun 7 20:18:05 vps16 kernel: uhid0: vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1 Jun 7 20:21:19 vps16 kernel: ugen0.2: vendor 0x09da at usbus0 (disconnected) Jun 7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2 (disconnected) Jun 7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2 (disconnected) i had a keyboard attached but then removed after the system went up. Thanks in advance, Sami On Sat, Jun 9, 2012 at 5:43 PM, wrote: Sami Halabi sodyn...@gmail.com wrote: %id uid=1001(sody) gid=1001(sody) groups=1001(sody),0(wheel) % i have another account also id 1002 - sody2, also in group wheel. i can ssh using user sody/sody2, however su doesn't work if i do: su sody2, when i logged in with user sody. it seems that su is broken somehow Something is definitely broken. Maybe the suid-root bit was accidentally removed from the su binary? What is the output from ls -l /usr/bin/su? Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd If you think C++ is not overly complicated, just what is a protected abstract virtual base pure virtual private destructor, and when was the last time you needed one? -- Tom Cargil, C++ Journal -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Sami Halabi sodyn...@gmail.com wrote: Hi Oliver, I saw you had similar problem for console on 2010 http://freebsd.1045724.n5.nabble.com/Serial-console-problems-with-stable-8-td3950684.html No, I don't think that the problem is related. My problem was with the serial console, while you don't have a serial console attached at all (at least you didn't mention it). but the thread wasn't ended by recommendation or conclusions by you. did you solve that problem then? No, I came to the conclusion that the serial console support in FreeBSD 8 was broken somehow. So I removed the console cable; it's running with an old VGA CRT as the console for now. Fortunately I require console access very seldom, so I don't have to drive to that machine often. It's still annoying, but I didn't find a better solution; downgrading to 7.x isn't an option. Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd ... there are two ways of constructing a software design: One way is to make it so simple that there are _obviously_ no deficiencies and the other way is to make it so complicated that there are no _obvious_ deficiencies.-- C.A.R. Hoare, ACM Turing Award Lecture, 1980 ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Sami Halabi sodyn...@gmail.com wrote: Hi Oliver, I saw you had similar problem for console on 2010 http://freebsd.1045724.n5.nabble.com/Serial-console-problems-with-stab=le-8-td3950684.html No, I don't think that the problem is related. My problem was with the serial console, while you don't have a serial console attached at all (at least you didn't mention it). but the thread wasn't ended by recommendation or conclusions by you. did you solve that problem then? No, I came to the conclusion that the serial console support in FreeBSD 8 was broken somehow. So I removed the console cable; it's running with an old VGA CRT as the console for now. Fortunately I require console access very seldom, so I don't have to drive to that machine often. It's still annoying, but I didn't find a better solution; downgrading to 7.x isn't an option. just for the record, serial on 8.x works fine! the device naming has changed from sio to uart, and maybe some features. We use it on all our servers, even redirecting it where possible via ILO,IMPI,DRAC. and is great for debuging or saving long trips :-) WARNING: control access to these devices, specialy since root can login on the console! danny ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Well,in8.1 8.2it worked fine for me, in 8.3 i got this problem. On Sun, Jun 10, 2012 at 2:52 PM, Daniel Braniss da...@cs.huji.ac.il wrote: Sami Halabi sodyn...@gmail.com wrote: Hi Oliver, I saw you had similar problem for console on 2010 http://freebsd.1045724.n5.nabble.com/Serial-console-problems-with-stab=le-8-td3950684.html No, I don't think that the problem is related. My problem was with the serial console, while you don't have a serial console attached at all (at least you didn't mention it). but the thread wasn't ended by recommendation or conclusions by you. did you solve that problem then? No, I came to the conclusion that the serial console support in FreeBSD 8 was broken somehow. So I removed the console cable; it's running with an old VGA CRT as the console for now. Fortunately I require console access very seldom, so I don't have to drive to that machine often. It's still annoying, but I didn't find a better solution; downgrading to 7.x isn't an option. just for the record, serial on 8.x works fine! the device naming has changed from sio to uart, and maybe some features. We use it on all our servers, even redirecting it where possible via ILO,IMPI,DRAC. and is great for debuging or saving long trips :-) WARNING: control access to these devices, specialy since root can login on the console! danny -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
10.06.2012 01:45, Sami Halabi пишет: Hi, %sysctl kern.console kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom, %tail /var/log/messages Jun 7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a Jun 7 19:54:36 vps16 kernel: bge0: link state changed to UP Jun 7 20:18:04 vps16 kernel: ugen0.2: vendor 0x09da at usbus0 Jun 7 20:18:04 vps16 kernel: ukbd0: vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:18:04 vps16 kernel: kbd2 at ukbd0 Jun 7 20:18:05 vps16 kernel: uhid0: vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1 Jun 7 20:21:19 vps16 kernel: ugen0.2: vendor 0x09da at usbus0 (disconnected) Jun 7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2 (disconnected) Jun 7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2 (disconnected) % the system was loaded with keyboard and disconnected later if i understand the logs... New ideas are appreciated, and thanks in advance, Sami I still believe your problem concerns serial console: su writes to it, indirectly - it notes root login through syslogd that writes the message to /dev/console and locks in your case, locking su. Eugene Grosbein ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
But how do I solve the problem? On Sun, Jun 10, 2012 at 7:17 PM, Eugene Grosbein egrosb...@rdtc.ru wrote: 10.06.2012 01:45, Sami Halabi пишет: Hi, %sysctl kern.console kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom, %tail /var/log/messages Jun 7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a Jun 7 19:54:36 vps16 kernel: bge0: link state changed to UP Jun 7 20:18:04 vps16 kernel: ugen0.2: vendor 0x09da at usbus0 Jun 7 20:18:04 vps16 kernel: ukbd0: vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:18:04 vps16 kernel: kbd2 at ukbd0 Jun 7 20:18:05 vps16 kernel: uhid0: vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1 Jun 7 20:21:19 vps16 kernel: ugen0.2: vendor 0x09da at usbus0 (disconnected) Jun 7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2 (disconnected) Jun 7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2 (disconnected) % the system was loaded with keyboard and disconnected later if i understand the logs... New ideas are appreciated, and thanks in advance, Sami I still believe your problem concerns serial console: su writes to it, indirectly - it notes root login through syslogd that writes the message to /dev/console and locks in your case, locking su. Eugene Grosbein -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
11.06.2012 00:28, Sami Halabi пишет: But how do I solve the problem? First you know for sure if it's true. Please show output of grep console /etc/syslog.conf and kenv | grep console. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Hi, %grep console /etc/syslog.conf *.err;kern.warning;auth.notice;mail.crit/dev/console # uncomment this to log all writes to /dev/console to /var/log/console.log #console.info /var/log/console.log % %kenv | grep console comconsole_speed=9600 console=vidconsole % does this makes us sure with the problem? Sami On Sun, Jun 10, 2012 at 8:58 PM, Eugene Grosbein egrosb...@rdtc.ru wrote: 11.06.2012 00:28, Sami Halabi пишет: But how do I solve the problem? First you know for sure if it's true. Please show output of grep console /etc/syslog.conf and kenv | grep console. -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
11.06.2012 01:21, Sami Halabi пишет: Hi, %grep console /etc/syslog.conf *.err;kern.warning;auth.notice;mail.crit/dev/console # uncomment this to log all writes to /dev/console to /var/log/console.log #console.info http://console.info /var/log/console.log % %kenv | grep console comconsole_speed=9600 console=vidconsole % does this makes us sure with the problem? No, this is against my proposition: console=vidconsole states that /dev/console is not serial port but VGA output that cannot lock... Sorry, no other thoughts yet... ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
10.06.2012 18:57, Sami Halabi пишет: Well,in8.1 8.2it worked fine for me, in 8.3 i got this problem. Have you asked someone to power cycle the box? The problem may go away if it was caused by unusual actions at boot... Eugene Grosbein ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
I'll try to reboot the machine when I go to the farm during this week, and i'll report. Thanks for all who tried to help. Sami On Sun, Jun 10, 2012 at 9:29 PM, Eugene Grosbein egrosb...@rdtc.ru wrote: 10.06.2012 18:57, Sami Halabi пишет: Well,in8.1 8.2it worked fine for me, in 8.3 i got this problem. Have you asked someone to power cycle the box? The problem may go away if it was caused by unusual actions at boot... Eugene Grosbein -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Anything in the /var/log files give you a clue? On Jun 10, 2012 10:29 AM, Sami Halabi sodyn...@gmail.com wrote: But how do I solve the problem? On Sun, Jun 10, 2012 at 7:17 PM, Eugene Grosbein egrosb...@rdtc.ru wrote: 10.06.2012 01:45, Sami Halabi пишет: Hi, %sysctl kern.console kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom, %tail /var/log/messages Jun 7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a Jun 7 19:54:36 vps16 kernel: bge0: link state changed to UP Jun 7 20:18:04 vps16 kernel: ugen0.2: vendor 0x09da at usbus0 Jun 7 20:18:04 vps16 kernel: ukbd0: vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:18:04 vps16 kernel: kbd2 at ukbd0 Jun 7 20:18:05 vps16 kernel: uhid0: vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1 Jun 7 20:21:19 vps16 kernel: ugen0.2: vendor 0x09da at usbus0 (disconnected) Jun 7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2 (disconnected) Jun 7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2 (disconnected) % the system was loaded with keyboard and disconnected later if i understand the logs... New ideas are appreciated, and thanks in advance, Sami I still believe your problem concerns serial console: su writes to it, indirectly - it notes root login through syslogd that writes the message to /dev/console and locks in your case, locking su. Eugene Grosbein -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
su problem
Hi, I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2. once done, i created regular accounts, in wheel group. first all was okay, but suddenly i found my self blocked out, because i can't ssh as root, and i can't su either, when i su i get this: %su - Password: and it stuck in that state whitout givving me root shell #. any ideas how to solve this problem? the system is in the servers farm and i need to drive 3 hours each direction, so if there is remote solution i would appreciate it. %more /etc/group # $FreeBSD: src/etc/group,v 1.35.10.2.2.1 2012/03/03 06:15:13 kensmith Exp $ # wheel:*:0:root,sody . . . sody:*:1001: Thanks in advance, -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Sami Halabi sodyn...@gmail.com wrote: I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2. once done, i created regular accounts, in wheel group. first all was okay, but suddenly i found my self blocked out, because i can't ssh as root, and i can't su either, when i su i get this: %su - Password: and it stuck in that state whitout givving me root shell #. What's the output from id? Does it include 0(wheel)? And are you 100% sure that you know the correct root password? If you don't, you will have to drive to the machine and fix it from the console, I'm afraid. There's no other way, unless you discover a yet-unknown local root exploit. ;-) Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd With Perl you can manipulate text, interact with programs, talk over networks, drive Web pages, perform arbitrary precision arithmetic, and write programs that look like Snoopy swearing. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
On Sat, Jun 9, 2012 at 3:35 AM, Oliver Fromme o...@lurza.secnetix.dewrote: Sami Halabi sodyn...@gmail.com wrote: I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2. once done, i created regular accounts, in wheel group. first all was okay, but suddenly i found my self blocked out, because i can't ssh as root, and i can't su either, when i su i get this: %su - Password: and it stuck in that state whitout givving me root shell #. What's the output from id? Does it include 0(wheel)? And are you 100% sure that you know the correct root password? If you don't, you will have to drive to the machine and fix it from the console, I'm afraid. There's no other way, unless you discover a yet-unknown local root exploit. ;-) Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd With Perl you can manipulate text, interact with programs, talk over networks, drive Web pages, perform arbitrary precision arithmetic, and write programs that look like Snoopy swearing. Please see , http://www.freebsd.org/cgi/man.cgi?query=login.accesssektion=5apropos=0manpath=FreeBSD+9.0-RELEASE http://www.freebsd.org/cgi/man.cgi?query=loginapropos=0sektion=0manpath=FreeBSD+9.0-RELEASEarch=defaultformat=html http://www.freebsd.org/cgi/man.cgi?query=telnetdsektion=8apropos=0manpath=FreeBSD+9.0-RELEASE http://www.freebsd.org/cgi/man.cgi?query=login.confsektion=5apropos=0manpath=FreeBSD+9.0-RELEASE and , define remote login capability , otherwise the system will not permit remote root login because of it has dangerous security vulnerability . Thank you very much . Mehmet Erol Sanliturk ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Hi, %id uid=1001(sody) gid=1001(sody) groups=1001(sody),0(wheel) % i have another account also id 1002 - sody2, also in group wheel. i can ssh using user sody/sody2, however su doesn't work if i do: su sody2, when i logged in with user sody. it seems that su is broken somehow any ideas? Thanks, Sami On Sat, Jun 9, 2012 at 2:07 PM, Mehmet Erol Sanliturk m.e.sanlit...@gmail.com wrote: On Sat, Jun 9, 2012 at 3:35 AM, Oliver Fromme o...@lurza.secnetix.dewrote: Sami Halabi sodyn...@gmail.com wrote: I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2. once done, i created regular accounts, in wheel group. first all was okay, but suddenly i found my self blocked out, because i can't ssh as root, and i can't su either, when i su i get this: %su - Password: and it stuck in that state whitout givving me root shell #. What's the output from id? Does it include 0(wheel)? And are you 100% sure that you know the correct root password? If you don't, you will have to drive to the machine and fix it from the console, I'm afraid. There's no other way, unless you discover a yet-unknown local root exploit. ;-) Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd With Perl you can manipulate text, interact with programs, talk over networks, drive Web pages, perform arbitrary precision arithmetic, and write programs that look like Snoopy swearing. Please see , http://www.freebsd.org/cgi/man.cgi?query=login.accesssektion=5apropos=0manpath=FreeBSD+9.0-RELEASE http://www.freebsd.org/cgi/man.cgi?query=loginapropos=0sektion=0manpath=FreeBSD+9.0-RELEASEarch=defaultformat=html http://www.freebsd.org/cgi/man.cgi?query=telnetdsektion=8apropos=0manpath=FreeBSD+9.0-RELEASE http://www.freebsd.org/cgi/man.cgi?query=login.confsektion=5apropos=0manpath=FreeBSD+9.0-RELEASE and , define remote login capability , otherwise the system will not permit remote root login because of it has dangerous security vulnerability . Thank you very much . Mehmet Erol Sanliturk -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Hmm.. I don't get shell to send any commands, its just go a newline and stuck there until i hit CTRL-C and go back. waiting for long time doesn't work either Sami On Sat, Jun 9, 2012 at 3:24 PM, David Wolfskill da...@catwhisker.orgwrote: On Sat, Jun 09, 2012 at 03:21:29PM +0300, Sami Halabi wrote: Hi, %id uid=1001(sody) gid=1001(sody) groups=1001(sody),0(wheel) % i have another account also id 1002 - sody2, also in group wheel. i can ssh using user sody/sody2, however su doesn't work if i do: su sody2, when i logged in with user sody. it seems that su is broken somehow any ideas? You might want to check the output of id after you've done that, then. ... Peace, david -- David H. Wolfskill da...@catwhisker.org Depriving a girl or boy of an opportunity for education is evil. See http://www.catwhisker.org/~david/publickey.gpg for my public key. -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
%su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 3.99r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 4.81r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 5.34r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 5.72r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 6.21r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 6.67r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 7.14r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 7.53r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 7.89r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 8.14r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 8.35r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 8.53r 0.00u 0.00s 0% 2092k Thanks, Sami On Sat, Jun 9, 2012 at 3:36 PM, David Wolfskill da...@catwhisker.orgwrote: On Sat, Jun 09, 2012 at 03:32:44PM +0300, Sami Halabi wrote: Hmm.. I don't get shell to send any commands, its just go a newline and stuck there until i hit CTRL-C and go back. waiting for long time doesn't work either ^T can sometimes provide clues as to the resource for which the process is waiting. Peace, david -- David H. Wolfskill da...@catwhisker.org Depriving a girl or boy of an opportunity for education is evil. See http://www.catwhisker.org/~david/publickey.gpg for my public key. -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
On Sat, 09 Jun 2012 09:55:28 +0200, Sami Halabi sodyn...@gmail.com wrote: Hi, I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2. once done, i created regular accounts, in wheel group. first all was okay, but suddenly i found my self blocked out, because i can't ssh as root, and i can't su either, when i su i get this: %su - Password: and it stuck in that state whitout givving me root shell #. any ideas how to solve this problem? the system is in the servers farm and i need to drive 3 hours each direction, so if there is remote solution i would appreciate it. %more /etc/group # $FreeBSD: src/etc/group,v 1.35.10.2.2.1 2012/03/03 06:15:13 kensmith Exp $ # wheel:*:0:root,sody . . . sody:*:1001: Thanks in advance, It does not solve your problem now, but if it is a couple of hours away arrange some remote serial console access. Ronald. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
is it possible to set serial console over ip? or i need null cable? On Sat, Jun 9, 2012 at 3:58 PM, Ronald Klop ronald-freeb...@klop.yi.orgwrote: On Sat, 09 Jun 2012 09:55:28 +0200, Sami Halabi sodyn...@gmail.com wrote: Hi, I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2. once done, i created regular accounts, in wheel group. first all was okay, but suddenly i found my self blocked out, because i can't ssh as root, and i can't su either, when i su i get this: %su - Password: and it stuck in that state whitout givving me root shell #. any ideas how to solve this problem? the system is in the servers farm and i need to drive 3 hours each direction, so if there is remote solution i would appreciate it. %more /etc/group # $FreeBSD: src/etc/group,v 1.35.10.2.2.1 2012/03/03 06:15:13 kensmith Exp $ # wheel:*:0:root,sody . . . sody:*:1001: Thanks in advance, It does not solve your problem now, but if it is a couple of hours away arrange some remote serial console access. Ronald. __**_ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/**mailman/listinfo/freebsd-**stablehttp://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscribe@**freebsd.orgfreebsd-stable-unsubscr...@freebsd.org -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Hi, /var/log/messages - no new logs %id sody2 uid=1002(sody2) gid=1002(sody2) groups=1002(sody2),0(wheel) % i did top on one session and followed it after I issued su - the only new process issued is su and it stays there even after I supply the password... This is really strange, it never happend to me in earlier releases even su sody2 worked, but stopped after a while... Help me please... Sami On Sat, Jun 9, 2012 at 4:05 PM, David Wolfskill da...@catwhisker.orgwrote: On Sat, Jun 09, 2012 at 03:47:07PM +0300, Sami Halabi wrote: %su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 3.99r 0.00u 0.00s 0% 2092k ... load: 0.00 cmd: su 30588 [ttydcd] 8.35r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 8.53r 0.00u 0.00s 0% 2092k ... Well, that wasn't as helpful as it might have been, then -- though it does clearly indicate that the process isn't waiting on (say) keyboard input. Have you checked messages (e.g., /var/log/messages)? Also, while you're logged in as your primary account, the output of id sody2 may be useful. The other thing that comes to mind is that it may be useful for you to login (as sody) twice (i.e., from 2 different xterms, or using a terminal mux program such as tmux(1) (in ports; sysutils/tmux) so from one session, you can try su sody2 and from the other, you can issue commands such as top or ps lwt ttydcd to see what processes are running on the (apparently stalled) session. It's also possible that there's something wrong with the login shell initialization scripts used for sody2. The above commands may help identify that case. Peace, david -- David H. Wolfskill da...@catwhisker.org Depriving a girl or boy of an opportunity for education is evil. See http://www.catwhisker.org/~david/publickey.gpg for my public key. -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
On 6/9/2012 20:29, Sami Halabi wrote: Hi, /var/log/messages - no new logs Sorry if this has been asked, anything in dmesg? ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
its the same as /var/log/messages On Sat, Jun 9, 2012 at 4:32 PM, Adam Strohl adams-free...@ateamsystems.comwrote: On 6/9/2012 20:29, Sami Halabi wrote: Hi, /var/log/messages - no new logs Sorry if this has been asked, anything in dmesg? -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
On 6/9/2012 20:33, Sami Halabi wrote: its the same as /var/log/messages I assume you mean there is nothing there because it's not the same thing (yes dmesg stuff should get logged into syslog but your system obviously isn't working right so ...). Past that I've been skimming this thread since you posted and I can't think of anything here that would resolve this except that it might be worth a try to have someone ctrl-alt-del it (requires no FreeBSD knowledge, passwords, etc by the person doing it and should gracefully reboot the server). Its a total Hail Mary [pass] though [and probably won't work]. It might lock you out entirely, too. P.S. Beyond this incident obviously setting up a remote console is ideal, IPMI is very worth it, but my guess is you'd have it setup if your MB had it. If you don't have an IPMI module and you happen to have another box there cross-patching their serial consoles to each other so if one goes down you can serial via the other one (ie; server1's com1 to server2's com2, and server2's com1 to server1's com2). You need to set this up as root though so no help now. -- Adam Strohl http://www.ateamsystems.com/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Sami Halabi sodyn...@gmail.com wrote: %id uid=1001(sody) gid=1001(sody) groups=1001(sody),0(wheel) % i have another account also id 1002 - sody2, also in group wheel. i can ssh using user sody/sody2, however su doesn't work if i do: su sody2, when i logged in with user sody. it seems that su is broken somehow Something is definitely broken. Maybe the suid-root bit was accidentally removed from the su binary? What is the output from ls -l /usr/bin/su? Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd If you think C++ is not overly complicated, just what is a protected abstract virtual base pure virtual private destructor, and when was the last time you needed one? -- Tom Cargil, C++ Journal ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Hi, %ls -l /usr/bin/su -r-sr-xr-x 1 root wheel 16944 Jun 7 19:47 /usr/bin/su % I don't think this realtred to suid bit, because if so it would give permission denied error... Sami On Sat, Jun 9, 2012 at 5:43 PM, Oliver Fromme o...@lurza.secnetix.dewrote: Sami Halabi sodyn...@gmail.com wrote: %id uid=1001(sody) gid=1001(sody) groups=1001(sody),0(wheel) % i have another account also id 1002 - sody2, also in group wheel. i can ssh using user sody/sody2, however su doesn't work if i do: su sody2, when i logged in with user sody. it seems that su is broken somehow Something is definitely broken. Maybe the suid-root bit was accidentally removed from the su binary? What is the output from ls -l /usr/bin/su? Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd If you think C++ is not overly complicated, just what is a protected abstract virtual base pure virtual private destructor, and when was the last time you needed one? -- Tom Cargil, C++ Journal -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
On Sat, 2012-06-09 at 15:47 +0300, Sami Halabi wrote: %su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 3.99r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 4.81r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 5.34r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 5.72r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 6.21r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 6.67r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 7.14r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 7.53r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 7.89r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 8.14r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 8.35r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 8.53r 0.00u 0.00s 0% 2092k Thanks, Sami Since the wait is ttydcd, try stty clocal before doing the su command. I don't know why su would be waiting for dcd (modem carrier) but setting clocal mode should eliminate that wait. -- Ian ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
09.06.2012 19:47, Sami Halabi пишет: %su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k Perpaps, your system had no keyboard attached at boot time; or for some other reason it booted with /dev/console being serial console instead of vidconsole. su locks trying to access serial console that is /dev/ttyd0 by default and has Carrier Detect flag enabled. Hence, it waits for CD on the first serial port (miserably and hopelessly). You can check if it's true with sysctl kern.console command. You could ask someone to boot the system with keyboard attached - no need to type anything, though. The system should detect it and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0. And su won't lock. Eugene Grosbein ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
%stty clocal %su - Password: load: 0.00 cmd: su 34023 [ttydcd] 0.72r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 34023 [ttydcd] 0.99r 0.00u 0.00s 0% 2092k I tried stty -clocal also but didn't work :( any other ideas? On Sat, Jun 9, 2012 at 6:43 PM, Ian Lepore free...@damnhippie.dyndns.orgwrote: On Sat, 2012-06-09 at 15:47 +0300, Sami Halabi wrote: %su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 3.99r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 4.81r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 5.34r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 5.72r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 6.21r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 6.67r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 7.14r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 7.53r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 7.89r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 8.14r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 8.35r 0.00u 0.00s 0% 2092k load: 0.00 cmd: su 30588 [ttydcd] 8.53r 0.00u 0.00s 0% 2092k Thanks, Sami Since the wait is ttydcd, try stty clocal before doing the su command. I don't know why su would be waiting for dcd (modem carrier) but setting clocal mode should eliminate that wait. -- Ian -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
Hi, %sysctl kern.console kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom, %tail /var/log/messages Jun 7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a Jun 7 19:54:36 vps16 kernel: bge0: link state changed to UP Jun 7 20:18:04 vps16 kernel: ugen0.2: vendor 0x09da at usbus0 Jun 7 20:18:04 vps16 kernel: ukbd0: vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:18:04 vps16 kernel: kbd2 at ukbd0 Jun 7 20:18:05 vps16 kernel: uhid0: vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1 Jun 7 20:21:19 vps16 kernel: ugen0.2: vendor 0x09da at usbus0 (disconnected) Jun 7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2 (disconnected) Jun 7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2 (disconnected) % the system was loaded with keyboard and disconnected later if i understand the logs... New ideas are appreciated, and thanks in advance, Sami On Sat, Jun 9, 2012 at 7:42 PM, Eugene Grosbein egrosb...@rdtc.ru wrote: 09.06.2012 19:47, Sami Halabi пишет: %su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k Perpaps, your system had no keyboard attached at boot time; or for some other reason it booted with /dev/console being serial console instead of vidconsole. su locks trying to access serial console that is /dev/ttyd0 by default and has Carrier Detect flag enabled. Hence, it waits for CD on the first serial port (miserably and hopelessly). You can check if it's true with sysctl kern.console command. You could ask someone to boot the system with keyboard attached - no need to type anything, though. The system should detect it and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0. And su won't lock. Eugene Grosbein -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
On Jun 9, 2012, at 2:45 PM, Sami Halabi sodyn...@gmail.com wrote: Hi, %sysctl kern.console kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom, %tail /var/log/messages Jun 7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a Jun 7 19:54:36 vps16 kernel: bge0: link state changed to UP Jun 7 20:18:04 vps16 kernel: ugen0.2: vendor 0x09da at usbus0 Jun 7 20:18:04 vps16 kernel: ukbd0: vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:18:04 vps16 kernel: kbd2 at ukbd0 Jun 7 20:18:05 vps16 kernel: uhid0: vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1 Jun 7 20:21:19 vps16 kernel: ugen0.2: vendor 0x09da at usbus0 (disconnected) Jun 7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2 (disconnected) Jun 7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2 (disconnected) % the system was loaded with keyboard and disconnected later if i understand the logs... New ideas are appreciated, and thanks in advance, Sami On Sat, Jun 9, 2012 at 7:42 PM, Eugene Grosbein egrosb...@rdtc.ru wrote: 09.06.2012 19:47, Sami Halabi пишет: %su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k Perpaps, your system had no keyboard attached at boot time; or for some other reason it booted with /dev/console being serial console instead of vidconsole. su locks trying to access serial console that is /dev/ttyd0 by default and has Carrier Detect flag enabled. Hence, it waits for CD on the first serial port (miserably and hopelessly). You can check if it's true with sysctl kern.console command. You could ask someone to boot the system with keyboard attached - no need to type anything, though. The system should detect it and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0. And su won't lock. Eugene Grosbein -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org Check the permissions on the su binary it could be missing the suid but. --- Mark saad | mark.s...@longcount.org ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
I already posted that: %ls -l /usr/bin/su -r-sr-xr-x 1 root wheel 16944 Jun 7 19:47 /usr/bin/su % Sami On Sat, Jun 9, 2012 at 10:57 PM, Mark Saad nones...@longcount.org wrote: On Jun 9, 2012, at 2:45 PM, Sami Halabi sodyn...@gmail.com wrote: Hi, %sysctl kern.console kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom, %tail /var/log/messages Jun 7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a Jun 7 19:54:36 vps16 kernel: bge0: link state changed to UP Jun 7 20:18:04 vps16 kernel: ugen0.2: vendor 0x09da at usbus0 Jun 7 20:18:04 vps16 kernel: ukbd0: vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:18:04 vps16 kernel: kbd2 at ukbd0 Jun 7 20:18:05 vps16 kernel: uhid0: vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1 Jun 7 20:21:19 vps16 kernel: ugen0.2: vendor 0x09da at usbus0 (disconnected) Jun 7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2 (disconnected) Jun 7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2 (disconnected) % the system was loaded with keyboard and disconnected later if i understand the logs... New ideas are appreciated, and thanks in advance, Sami On Sat, Jun 9, 2012 at 7:42 PM, Eugene Grosbein egrosb...@rdtc.ru wrote: 09.06.2012 19:47, Sami Halabi пишет: %su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k Perpaps, your system had no keyboard attached at boot time; or for some other reason it booted with /dev/console being serial console instead of vidconsole. su locks trying to access serial console that is /dev/ttyd0 by default and has Carrier Detect flag enabled. Hence, it waits for CD on the first serial port (miserably and hopelessly). You can check if it's true with sysctl kern.console command. You could ask someone to boot the system with keyboard attached - no need to type anything, though. The system should detect it and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0. And su won't lock. Eugene Grosbein -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org Check the permissions on the su binary it could be missing the suid but. --- Mark saad | mark.s...@longcount.org ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
On 9-6-2012 18:42, Eugene Grosbein wrote: 09.06.2012 19:47, Sami Halabi пишет: %su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k Perpaps, your system had no keyboard attached at boot time; or for some other reason it booted with /dev/console being serial console instead of vidconsole. su locks trying to access serial console that is /dev/ttyd0 by default and has Carrier Detect flag enabled. Hence, it waits for CD on the first serial port (miserably and hopelessly). You can check if it's true with sysctl kern.console command. You could ask someone to boot the system with keyboard attached - no need to type anything, though. The system should detect it and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0. And su won't lock. Just to get this clear - are you connected via ssh and want to use su? If so, I fail to see why the keyboard would be in play as you need a pty, not a vty. Secondly, your logs mention a kbd2 that is disconnected, so where's kbd1. And finally, why did the person that connected and disconnected the keyboard leave a root login open? -- Mel ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
sudo is not installed? On 6/10/12 12:22 AM, Sami Halabi wrote: I already posted that: %ls -l /usr/bin/su -r-sr-xr-x 1 root wheel 16944 Jun 7 19:47 /usr/bin/su % Sami On Sat, Jun 9, 2012 at 10:57 PM, Mark Saadnones...@longcount.org wrote: On Jun 9, 2012, at 2:45 PM, Sami Halabisodyn...@gmail.com wrote: Hi, %sysctl kern.console kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom, %tail /var/log/messages Jun 7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a Jun 7 19:54:36 vps16 kernel: bge0: link state changed to UP Jun 7 20:18:04 vps16 kernel: ugen0.2:vendor 0x09da at usbus0 Jun 7 20:18:04 vps16 kernel: ukbd0:vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:18:04 vps16 kernel: kbd2 at ukbd0 Jun 7 20:18:05 vps16 kernel: uhid0:vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1 Jun 7 20:21:19 vps16 kernel: ugen0.2:vendor 0x09da at usbus0 (disconnected) Jun 7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2 (disconnected) Jun 7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2 (disconnected) % the system was loaded with keyboard and disconnected later if i understand the logs... New ideas are appreciated, and thanks in advance, Sami On Sat, Jun 9, 2012 at 7:42 PM, Eugene Grosbeinegrosb...@rdtc.ru wrote: 09.06.2012 19:47, Sami Halabi пишет: %su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k Perpaps, your system had no keyboard attached at boot time; or for some other reason it booted with /dev/console being serial console instead of vidconsole. su locks trying to access serial console that is /dev/ttyd0 by default and has Carrier Detect flag enabled. Hence, it waits for CD on the first serial port (miserably and hopelessly). You can check if it's true with sysctl kern.console command. You could ask someone to boot the system with keyboard attached - no need to type anything, though. The system should detect it and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0. And su won't lock. Eugene Grosbein -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org Check the permissions on the su binary it could be missing the suid but. --- Mark saad | mark.s...@longcount.org ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org -- Andrey Zonov ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: su problem
unfortunatlly its not installed by default and i didn't have the chance to install it because i locked out quickly :( Sami On Sun, Jun 10, 2012 at 12:11 AM, Andrey Zonov and...@zonov.org wrote: sudo is not installed? On 6/10/12 12:22 AM, Sami Halabi wrote: I already posted that: %ls -l /usr/bin/su -r-sr-xr-x 1 root wheel 16944 Jun 7 19:47 /usr/bin/su % Sami On Sat, Jun 9, 2012 at 10:57 PM, Mark Saadnones...@longcount.org wrote: On Jun 9, 2012, at 2:45 PM, Sami Halabisodyn...@gmail.com wrote: Hi, %sysctl kern.console kern.console: ttyv0,dcons,/dcons,ttyv0,uart,**ucom, %tail /var/log/messages Jun 7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a Jun 7 19:54:36 vps16 kernel: bge0: link state changed to UP Jun 7 20:18:04 vps16 kernel: ugen0.2:vendor 0x09da at usbus0 Jun 7 20:18:04 vps16 kernel: ukbd0:vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:18:04 vps16 kernel: kbd2 at ukbd0 Jun 7 20:18:05 vps16 kernel: uhid0:vendor 0x09da USB Keyboard, class 0/0, rev 1.10/2.50, addr 2 on usbus0 Jun 7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1 Jun 7 20:21:19 vps16 kernel: ugen0.2:vendor 0x09da at usbus0 (disconnected) Jun 7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2 (disconnected) Jun 7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2 (disconnected) % the system was loaded with keyboard and disconnected later if i understand the logs... New ideas are appreciated, and thanks in advance, Sami On Sat, Jun 9, 2012 at 7:42 PM, Eugene Grosbeinegrosb...@rdtc.ru wrote: 09.06.2012 19:47, Sami Halabi пишет: %su - Password: load: 0.00 cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k Perpaps, your system had no keyboard attached at boot time; or for some other reason it booted with /dev/console being serial console instead of vidconsole. su locks trying to access serial console that is /dev/ttyd0 by default and has Carrier Detect flag enabled. Hence, it waits for CD on the first serial port (miserably and hopelessly). You can check if it's true with sysctl kern.console command. You could ask someone to boot the system with keyboard attached - no need to type anything, though. The system should detect it and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0. And su won't lock. Eugene Grosbein -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert __**_ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/**mailman/listinfo/freebsd-**stablehttp://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscribe@** freebsd.org freebsd-stable-unsubscr...@freebsd.org Check the permissions on the su binary it could be missing the suid but. --- Mark saad | mark.s...@longcount.org __**_ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/**mailman/listinfo/freebsd-**stablehttp://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscribe@** freebsd.org freebsd-stable-unsubscr...@freebsd.org -- Andrey Zonov -- Sami Halabi Information Systems Engineer NMS Projects Expert FreeBSD SysAdmin Expert ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org