You are not logged in.
Pages: 1
The su command has quit working for me. It tells me that the password I entered is wrong. I've tried su'ing to multiple accounts and it says incorrect password. The thing is, I know that I AM entering the password properly. This all used to work the last time I tried it (and the 20 times before that). Is there something that could be wrong?
PS: I can log into the accounts directly just not through SU anymore.
Offline
First, the user who is using su must be in the wheel group.
grep wheel /etc/group
should include your username.
Secondly, you enter the root password when using su, not your user password (which you enter for sudo).
Offline
First, the user who is using su must be in the wheel group.
grep wheel /etc/group
should include your username.
Hmmm no one but root is in my wheel group. This is strange because I've been using su to become root for a long time and I've never set any accounts to be in the wheel group. I don't know if they used to be and aren't now or if su didn't used to require wheel. This would have happened within the last week or two because I used su then. This somewhat worries me because I'm the only one that should be messing around with root on the machine so if something changed it had better be because of an arch upgrade!
Secondly, you enter the root password when using su, not your user password (which you enter for sudo).
Yeah, I know. I believe that technically you use the password of the user whose privileges you'd like to assume. So if I want to become bob (su -l bob) then I enter bob's password.
Offline
Adding my account to wheel doesn't make it work either... I just tried it.
Running 'id' tells me that I am indeed in the wheel group but still no dice.
Offline
Aaaaand, to continue to reply to myself here...
Here is the output from auth.log when I try to use su to login (names have been changed to protect the innocent):
Jul 27 15:58:11 xxMyMachxx su(pam_unix)[12956]: authentication failure; logname= uid=1000 euid=1000 tty=pts/0 ruser=xxMExx rhost= user=root
That doesn't really tell me much. I hope it tells someone else what needs to be done.
Offline
Adding my account to wheel doesn't make it work either... I just tried it.
Running 'id' tells me that I am indeed in the wheel group but still no dice.
Sorry, I should have clarified. You need to be in the wheel group to su to root. I didn't realize you were trying to su to other users.
Offline
adderd wrote:Adding my account to wheel doesn't make it work either... I just tried it.
Running 'id' tells me that I am indeed in the wheel group but still no dice.
Sorry, I should have clarified. You need to be in the wheel group to su to root. I didn't realize you were trying to su to other users.
Well, to clarify, I'm trying to su *period*. The only reason I am trying different users is to see if it's a problem just with su'ing to root. But, it is a case of not being able to su at all. I've even tried it locally (normally I try it through SSH) and it doesn't work locally either. I'm really at a loss as to what is going on.
Offline
looks like it has something to do with PAM.
Offline
Sorry, I should have clarified. You need to be in the wheel group to su to root. I didn't realize you were trying to su to other users.
No you don't have to be in any group to use su.
I would check the permissions of /bin/su and the PAM settings.
Offline
allucid wrote:Sorry, I should have clarified. You need to be in the wheel group to su to root. I didn't realize you were trying to su to other users.
No you don't have to be in any group to use su.
I would check the permissions of /bin/su and the PAM settings.
But you need to be in wheel to su to root...
Or at least that is how things used to work.
Offline
But you need to be in wheel to su to root...
I don't remember it ever being that way.
Offline
It's a PAM setting.
There's a long story about how RMS got mad because he didn't get the root passwd, but the moral is that the wheel group thing is just a default setting on most distros now adays to have a user need to be a member of wheel to su root; however, It's not the default in arch.
/etc/pam.d/su:
# Uncomment the following line to require a user to be in the "wheel" group.
#auth required pam_wheel.so use_uid
auth required pam_unix.so
account required pam_unix.so
session required pam_unix.so
Offline
allucid wrote:But you need to be in wheel to su to root...
I don't remember it ever being that way.
What is the purpose of the wheel group, then?
[Edit]
Crap. I just saw this on wikipedia:
Great care must be taken by a system administrator to choose a suitable password for the root account, to prevent any possible takeover by a low level user running su. Some Unix-like systems have a wheel group of users, and only allow these users to su to root. This may or may not mitigate these security concerns, since an intruder might first simply break into one of those accounts. GNU su, however, does not support a wheel group; this was done for philosophical reasons.
Offline
The whole wheel thing is beside the point for me however. Something is terribly broken. Even if I uncomment the line to explicitly trust users in the wheel group (which makes it so that you do NOT need to even enter the root PW to get root) it still does not work. Even then it tells me that the password is wrong. The password, however, cannot be wrong if I dont need to enter it. Something got REALLY messed up and I dont know what.
Offline
I finally fixed it. I first downloaded sudo and tried that and it worked fine. Then I reinstalled coreutils to get a fresh copy of su and now it works again. Looks like a case of a corrupted file. Though, that still isn't very good...
Offline
Pages: 1