From owner-freebsd-questions@FreeBSD.ORG Sun May 27 23:17:20 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9A1E816A41F for ; Sun, 27 May 2007 23:17:20 +0000 (UTC) (envelope-from schiz0phrenic21@gmail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.180]) by mx1.freebsd.org (Postfix) with ESMTP id 77F7713C48C for ; Sun, 27 May 2007 23:17:20 +0000 (UTC) (envelope-from schiz0phrenic21@gmail.com) Received: by wa-out-1112.google.com with SMTP id m33so658248wag for ; Sun, 27 May 2007 16:17:20 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=XFTsHDY349X3sHd06yT8dDljIohxTrOnq5VUBM3kYr4K52W2ZbNtGV7BmzpYpM8wuFWAA6BygYWspZY1ejzYyHWe7KENkA96tehhxtP4ydtFGgyeqYoP4aJslhClczIdk7prHh7zHTvWG5IFHyL7n9aJ8+05oir2jqiOMZvECwc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=uot8viZu1KSBTAOXUlGiSK2iR3CWF4PjcYN4AyDv6j1Gd7asYQDh1+uurAP5P/bWCzTXPBmVVWus2IRiQIV/irqgy/lehrYIhKmDthwFZ3s3otR12XC1KEhds/hkX9BoEy8SvTKA6WVN8jA7JFMo3m1UGQJKyGIhqTf/GXKt0CI= Received: by 10.115.79.1 with SMTP id g1mr2632917wal.1180307840240; Sun, 27 May 2007 16:17:20 -0700 (PDT) Received: by 10.114.37.10 with HTTP; Sun, 27 May 2007 16:17:20 -0700 (PDT) Message-ID: <8d23ec860705271617v60fab47fo264e8aa43120338a@mail.gmail.com> Date: Sun, 27 May 2007 19:17:20 -0400 From: Schiz0 To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: Locked Myself Out - Cannot "su" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 May 2007 23:17:20 -0000 This is one of those things where after you realize what you've done, you just want to smack yourself. I've been working on hardening my FreeBSD 6.2-Stable box. I disabled root login from everywhere, including the console (The box isn't physically secure, so I didn't want anyone screwing around). Now, me being stupid, didn't reboot after making all these changes to harden it. So I finally rebooted (With the secure level set to 2) and I found that I can't run "su." I get the following error: $ su - su: not running setuid I can't shutdown since I can't become root, so I pulled the plug and rebooted into single-user mode. I edited /etc/rc.conf and set kern_securelevel_enable="NO" I rebooted again, but for some reason I still get the same error for "su." So basically, I locked myself out of my box completely. I fail :-( su has the following permissions: -r-sr-xr-x 1 root wheel schg 12240 May 13 13:15 su And sudo isn't installed, unfortunately. Any ideas of how to get root back? Thanks!