From owner-freebsd-current Sun Dec 15 12: 1: 8 2002 Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EFF5D37B401 for ; Sun, 15 Dec 2002 12:01:06 -0800 (PST) Received: from pump3.york.ac.uk (pump3.york.ac.uk [144.32.128.131]) by mx1.FreeBSD.org (Postfix) with ESMTP id D1EEA43E4A for ; Sun, 15 Dec 2002 12:01:05 -0800 (PST) (envelope-from gavin@ury.york.ac.uk) Received: from ury.york.ac.uk (ury.york.ac.uk [144.32.108.81]) by pump3.york.ac.uk (8.10.2/8.10.2) with ESMTP id gBFK0un28666; Sun, 15 Dec 2002 20:00:56 GMT Received: from ury.york.ac.uk (localhost.york.ac.uk [127.0.0.1]) by ury.york.ac.uk (8.12.6/8.12.6) with ESMTP id gBFK0uTI067120; Sun, 15 Dec 2002 20:00:56 GMT (envelope-from gavin@ury.york.ac.uk) Received: from localhost (gavin@localhost) by ury.york.ac.uk (8.12.6/8.12.6/Submit) with ESMTP id gBFK0tf1067117; Sun, 15 Dec 2002 20:00:56 GMT Date: Sun, 15 Dec 2002 20:00:55 +0000 (GMT) From: Gavin Atkinson To: Craig Boston Cc: current@FreeBSD.ORG Subject: Re: su(1) problem on -current In-Reply-To: <1039973731.751.11.camel@darth-laptop> Message-ID: <20021215195157.H58191-100000@ury.york.ac.uk> References: <1039973731.751.11.camel@darth-laptop> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, 15 Dec 2002, Craig Boston wrote: > On a laptop running current, I have a problem using the su program > multiple times (nested). > > (log in as auser) > $ id > uid=1002(auser) gid=1002(auser) groups=1002(auser) > $ su - buser > Password: > $ id > uid=1001(buser) gid=1001(buser) groups=1001(buser), 0(wheel) > $ su - > su: Sorry > $ > > So, even though I'm in the wheel group after the first su, it won't let > me su to root (doesn't even prompt for password). It seems to make no > difference whether I use the -l option to su or not. Is this PAM > related? Confirmed. in su.c it seems that pam_authenticate is returning PAM_AUTH_ERR, when it presumably should not be doing so. that's about all I can figure out, PAM is not an area I'm familiar with. 4.x does not have this problem. Gavin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message