From owner-freebsd-questions Wed Mar 21 22:48:49 2001 Delivered-To: freebsd-questions@freebsd.org Received: from glatton.cnchost.com (glatton.cnchost.com [207.155.248.47]) by hub.freebsd.org (Postfix) with ESMTP id C523637B718 for ; Wed, 21 Mar 2001 22:48:46 -0800 (PST) (envelope-from praxis@techpraxis.com) Received: from [64.221.116.130] (w130.z064221116.sea-wa.dsl.cnc.net [64.221.116.130]) by glatton.cnchost.com id BAA10792; Thu, 22 Mar 2001 01:48:46 -0500 (EST) [ConcentricHost SMTP Relay 1.10] User-Agent: Microsoft-Entourage/9.0.2509 Date: Wed, 21 Mar 2001 22:48:44 -0800 Subject: Re: 4.3-BETA won't su to root in X terminal From: Forrest To: FreeBSD Questions Message-ID: In-Reply-To: <20010322060905.3135.qmail@web13202.mail.yahoo.com> Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 3/21/01 10:09 PM, "Larry Librettez" is said to have spake: > After upgrading to 4.3-BETA, I find I cannot su to > root in a terminal window (rxvt, xterm) in X > (XFree86-3.3.6 with either GNOME or KDE). Even if I > enter the correct password, the su login gets rejected > (and yes, user is member of wheel group). The logs > report `BAD SU LIPSHITZ to root on ttyp0`. However, > in a plain terminal (not in X), I CAN su to root as a > regular user. Prior to upgrading to 4.3-BETA (kernel > + userland), I was able to su to root in X in > 4.2-STABLE. I tried adding `secure? after the ttyp > entries in /etc/ttys but that didn?t help. I did both > mergemaster and MAKEDEV all during my rebuild. I > specifically re-made the ttyp* devices. I even typed > out the su password on the terminal to make sure it > shows correctly and it does. On a separate box using > 4.2-STABLE I upgraded only the kernel to 4.3-BETA > (same 4.2-STABLE userland), and the problem still > occurred - couldn?t su to root in an X terminal. > > Is the problem in the kernel? A bug? A DoS? I > cvsup?d 5 times and rebuilded 5 times (I am now up to > 4.3-RC) with no change in this problem. > > How do I fix this? > Larry, after I updated to 4.3-BETA a few weeks ago, I had major problems with all situations where PAM was called -- first in starting X at all (see my posts at that time on this list) and then later in su-ing in an xterm, getting ssh to work-- I knew that in the mergemaster operation, I might have merged incorrectly and damaged my /etc/pam.conf file. My advice to you: You might try looking on your machine for all the pam.conf files (there should be more than one, with one in /usr/src/etc/pam.conf if you've got your sources handy). Do a diff on the two files /etc/pam.conf and /usr/src/etc/pam.conf. When I did this I discovered big differences between them, and when I replaced my damaged pam.conf file with the one in /usr/src/etc/pam.conf (I had to add entries to make sshd work though), all my authentication problems went away. Maybe this will help... Cheers, Forrest Hawes To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message