Date: Mon, 17 Jan 2005 19:59:39 +0000 (GMT) From: Robert Watson <rwatson@freebsd.org> To: Ivan Voras <ivoras@fer.hr> Cc: stable@freebsd.org Subject: Re: cannot su? Message-ID: <Pine.NEB.3.96L.1050117195804.50371W-100000@fledge.watson.org> In-Reply-To: <41EBD155.7040309@fer.hr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 17 Jan 2005, Ivan Voras wrote: > >>I have a user that's in wheel group. Logging in as root works on the > >>console, but su-ing from the user just writes 'Sorry', like the > >>password's wrong. There are no clues in log files. > > > > Make sure /usr/sbin/su is suid root (and /usr isn't mounted nosuid). > > It's stupid of me not to have checked that, but this is a very good > candidate for more information/verbosity - failure mode was just like > password/credentials were invalid. I've modified the su(1) source in HEAD to print a message if su(1) is executed without an effective uid of 0 (i.e., as root, or setuid as another user). Hopefully this error message will be more suggestive than "sorry": paprika:~/freebsd/commit/src/usr.bin/su> ./su su: not running setuid Assuming I didn't shoot any feet, I'll MFC this to RELENG_5 in a couple of weeks. Robert N M Watson
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1050117195804.50371W-100000>