PDA

View Full Version : SU fails after install



cr8dle2grave
08-19-2003, 12:52 AM
Sorry if this question has been asked before, but I searched and found nothing. I ran the knoppix-installer script from the 2003-07-25 knoppix CD. Unfortunately the user account created durring the install is unable to issue the su command (authentication failed). I added the created user to the adm, root, and staff groups, but no luck. Am I missing the obvious?

aaronforjesus
08-19-2003, 04:09 AM
You may need to boot up the Knoppix CD, acess the harddrive (be sure it is set as writable) /mnt/hda?/etc/shadow file and delete the root password (between the first two colons). Then logout of the CD and restart and login as root with a blank password. Your can then reset the password typing passwd and giving a new password.

Dave_Bechtel
08-19-2003, 07:00 AM
NONONO, editing the shadow password file directly is definitely NOT recommended. Too many things can go wrong.

--First of all, are you typing the ROOT password when you try to su? There's a difference in behavior from the ' sudo ' command. With sudo, you type the *USER'S* password, and the userid has to have an entry in /etc/sudoers.

--If you need to reset the root password for whatever reason, I would boot from CD and ' chroot ' to the root partition, then ' passwd root ' rather than editing the shadow file directly.


You may need to boot up the Knoppix CD, acess the harddrive (be sure it is set as writable) /mnt/hda?/etc/shadow file and delete the root password (between the first two colons). Then logout of the CD and restart and login as root with a blank password. Your can then reset the password typing passwd and giving a new password.

aaronforjesus
08-19-2003, 07:28 AM
Sounds a lot safer. Thanks for the tip!

cr8dle2grave
08-19-2003, 04:33 PM
Thanks for the help guys, but let me clarify a bit. The root password works just fine when logging in as root, but when, as a normal user, I issue the su command and enter the root password I get an error telling me that authentication failed.

Dave_Bechtel
08-19-2003, 10:13 PM
--Try adding the username to /etc/sudoers; if that doesn't help with the ' su ' command then at least you can still ' sudo bash ' and get to root.



# User privilege specification
root ALL=(ALL) ALL
your-user ALL=(ALL) ALL



Thanks for the help guys, but let me clarify a bit. The root password works just fine when logging in as root, but when, as a normal user, I issue the su command and enter the root password I get an error telling me that authentication failed.

cr8dle2grave
08-20-2003, 06:55 PM
I found a fix for my problem:

I found my answer by reading through the Linux Pam Administrator Guide (http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam.html)
I edited /etc/pam.d/su and uncommented the following line:
auth required pam_wheel.so

This line sets the configuration so that a user must be a member of the "root" group in order to issue the "su" command. I'm not sure why I had to do this as with the line commented it should allow all users to issue the "su" command. Anyhow, it works now.