Re: [SLE] Root password corrupt?
On Monday 30 May 2005 05:22, george wrote:
I have two users...using the (only) KDE GUI. Both work fine. When I go to control center, either user tries to make changes that require a su login (admin or root password), the password doesn't work. It has worked fine for the past few months. In the past, I did a google for changing the password didn't find much that I could do (somewhat CLI challenged, but I'm in therapy) ;) Anyway, I just did a reinstall... My boot drive isn't the shared drives, so it isn't that big a deal. The first time I just figured I forgot it or something. (I really didn't think so, but...) Then the second install, I made it something easy. That worked for a few months, then the same thing as now. I did a reinstall. This time I wrote the password down ON the box. (still simple) this worked for a few months, till now. I don¹t' remember if I could ssh in via my OSX box with this latest build or not. (but yes, in the past I could)
Hm. So you haven't actually tried logging in normally with root, it's just with 'su'? When this happens, try logging in as root from the login prompt. If that works, I guess 'su' has lost its suid bit. If you do ls -l /bin/su do you get -rwsr-xr-x 1 root root 23296 2005-03-19 21:28 /bin/su (the relevant bit is the s in rws at the beginning) Do you perhaps set your security level up? The thing is, if /bin/su loses its suid bit, it will always tell you the password is wrong, because it simply can't check if it's right or not. A normal login from the login prompt should still work though, so you can log in and reset the suid bit with chmod u+s /bin/su if this really is the problem. And if it is, the question is why it happens. My money is on the security level. If it's set too high (paranoid), the suid bits will be stripped off everything If this isn't the problem, and you can't even log in from the login screen, then I'm at a loss. The first thing then would be to reset the root password the way others have described, and then investigate what has happened to the original root password.
On 5/29/05 11:35 PM, "Anders Johansson" <andjoh@rydsbo.net> wrote:
On Monday 30 May 2005 05:22, george wrote:
I have two users...using the (only) KDE GUI. Both work fine. When I go to control center, either user tries to make changes that require a su login (admin or root password), the password doesn't work. It has worked fine for the past few months. In the past, I did a google for changing the password didn't find much that I could do (somewhat CLI challenged, but I'm in therapy) ;) Anyway, I just did a reinstall... My boot drive isn't the shared drives, so it isn't that big a deal. The first time I just figured I forgot it or something. (I really didn't think so, but...) Then the second install, I made it something easy. That worked for a few months, then the same thing as now. I did a reinstall. This time I wrote the password down ON the box. (still simple) this worked for a few months, till now. I don¹t' remember if I could ssh in via my OSX box with this latest build or not. (but yes, in the past I could)
Hm. So you haven't actually tried logging in normally with root, it's just with 'su'?
Just tried with root via ssh. No go.
When this happens, try logging in as root from the login prompt. If that works, I guess 'su' has lost its suid bit. If you do
ls -l /bin/su
do you get
-rwsr-xr-x 1 root root 23296 2005-03-19 21:28 /bin/su
(the relevant bit is the s in rws at the beginning)
Will try this-
Do you perhaps set your security level up?
Have not touched anything like that...
The thing is, if /bin/su loses its suid bit, it will always tell you the password is wrong, because it simply can't check if it's right or not.
A normal login from the login prompt should still work though, so you can log in and reset the suid bit with
chmod u+s /bin/su
if this really is the problem. And if it is, the question is why it happens. My money is on the security level. If it's set too high (paranoid), the suid bits will be stripped off everything
If this isn't the problem, and you can't even log in from the login screen, then I'm at a loss. The first thing then would be to reset the root password the way others have described, and then investigate what has happened to the original root password.
Can do - will do. OK, I just noticed something - worse(?) I can log in via samba with anything! any word and password. (yep, anything. Just for S&G, I typed in fart and fart and I got the two shared drives! ahhhh!) Are all passwords kept in the same directory? The question I have to ask now is have I been hacked? I'm behind a (Verizon DSL) Westell 2200 box they gave me...I'm thinking of adding another layer of protection now. Hate to do a knee jerk response right now- -- Thanks, George "If the automobile had followed the same development cycle as the computer, a Rolls-Royce would today cost $100, get a million miles per gallon, and explode once a year, killing everyone inside." ~Robert X. Cringely
On Monday 30 May 2005 07:46, suse_gasjr4wd@mac.com wrote:
OK, I just noticed something - worse(?) I can log in via samba with anything! any word and password. (yep, anything. Just for S&G, I typed in fart and fart and I got the two shared drives! ahhhh!) Are all passwords kept in the same directory?
No, but you probably have "guest access OK" set to "yes" on the share, meaning you can get in as any user, or even as no user. If you don't like that, go back to the samba configuration and disable it, set it to "no"
participants (2)
-
Anders Johansson -
suse_gasjr4wd@mac.com