[opensuse] ARGH! Suddenly, I can't su to root! (fwd)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi: cer@nimrodel:~> su - Password: Permissions on the password database may be too restrictive. su: incorrect password cer@nimrodel:~> - -rw-r--r-- 1 root root 2591 2007-02-16 20:34 /etc/passwd - -rw-r----- 1 root shadow 1767 2007-02-16 18:19 /etc/shadow - -rw-r----- 1 root shadow 922 2005-10-07 02:49 /etc/shadow- Other symptoms: Postfix: Mar 1 12:15:23 nimrodel postfix/postdrop[17373]: warning: mail_queue_enter: create file maildrop/61413.17373: Permission denied hundreds of them! As a temporary hack, I do: chmod a+w+x+r /var/spool/postfix/maildrop/ What did I do before this happened? I had a look in Yast at users / local security and User management, changed nothing. I also tried "CA Management" to create a CA. Tried to create a "common server certificate", which failed to find the newly created CA. Exited Yast, tried to enter again... failed. Can't enter again. Then I noticed I can no longer "su" to root! In /etc/pam.d there are some files dated today, but half an hour ago: common-account-pc common-auth-pc common-password-pc common-session-pc contents: common-account-pc: account required pam_unix2.so common-auth-pc auth required pam_env.so auth required pam_unix2.so common-password-pc: password requisite pam_pwcheck.so nullok cracklib minlen=7 password required pam_unix2.so nullok use_authtok common-session-pc: session required pam_limits.so session required pam_unix2.so session optional pam_umask.so AppArmour: one log entry: prof usr/bin/mdnsd capability sys_tty_config severity 8 which I have enabled to see if that was it. No good. Nothing in the log: Mar 1 11:20:48 nimrodel su: (to fido) root on /dev/pts/15 Mar 1 11:20:48 nimrodel su: (to fido) root on /dev/pts/15 Mar 1 11:26:28 nimrodel zmd: Daemon (WARN): Not starting remote web server Mar 1 11:30:01 nimrodel /usr/sbin/cron[16243]: (cer) CMD (/home/cer/bin/avisar_hablando time > /dev/null) Mar 1 11:30:08 nimrodel init: Re-reading inittab Mar 1 11:48:53 nimrodel su: FAILED SU (to root) cer on /dev/pts/14 Mar 1 11:49:04 nimrodel su: FAILED SU (to root) cer on /dev/pts/14 Mar 1 11:49:13 nimrodel su: FAILED SU (to root) cer on /dev/pts/14 (No, inittab has not changed) - -- Cheers. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFF5r6CtTMYHG2NR9URAhXsAKCHdc70Af1DC8Zwy5btoL/8/oQNswCfVTMs LQaqgkOb+37bQJOyr5FS/ZQ= =Vmik -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Thursday 2007-03-01 at 12:52 +0100, I wrote:
cer@nimrodel:~> su - Password: Permissions on the password database may be too restrictive. su: incorrect password cer@nimrodel:~>
I had inadvertently changed security permissions to paranoid, when looking at the settings :-( I was pointed at a google search of the same problem and found the right hint in seconds. Guess I'm not used to google, I'm spoiled by years of not having cheap internet access... - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFF5sHBtTMYHG2NR9URAp8yAJ9SKxQeAnc2WfF/SaWRH/u19VnGdgCfe9ah VQjtSfIX62ln6sKstb9EGws= =z240 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (1)
-
Carlos E. R.