Date: Fri, 31 Aug 2001 10:53:07 +0100 From: Tony McCrory <tony@mgn.co.uk> To: Glen Hollings <GHollings@admin.gil.com.au> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Broken SU Message-ID: <Pine.BSF.4.21.0108311052200.28410-100000@vodka.tmg-ireland> In-Reply-To: <B9C04FEB4B4EA74696488AE05045588728D27C@postal.admin.gil.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Are you in the wheel goup? Tony On Fri, 31 Aug 2001, Glen Hollings wrote: > > Has anyone ever experenced a broken SU command? > > I cant seem to SU to root when logged in as any 'normal' user.... > > eg > > normuser@bsdbox normuser]$su -m > Password: > > (stalls after this) > > > Or if I put in the wrong password > > normuser@bsdbox normuser]$su -m > Password: > Sorry > > (stalls after this) > > > it does this... > > putting sshd into debug mode doesnt seem to reveal anything of use.. > > > > Here is an strace output of an attempted su: > > $strace su > execve("/usr/bin/su", ["su"], [/* 20 vars */]) = 0 > __sysctl([hw.pagesize], 2, "\0\20\0\0", [4], NULL, 0) = 0 > mmap(0, 32768, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANON, -1, 0) = > 0x4005e000 > geteuid(0xbfbffc1c) = 0 > getuid() = 1002 (euid 0) > open("/var/run/ld-elf.so.hints", O_RDONLY) = 3 > read(3, "Ehnt\1\0\0\0\200\0\0\0(\0\0\0\0\0\0\0\'\0\0\0\0\0\0\0\0"..., 128) = > 128 > lseek(3, 128, SEEK_SET) = 128 > read(3, "/usr/lib:/usr/lib/compat:/usr/lo"..., 40) = 40 > close(3) = 0 > access("/usr/lib/libutil.so.3", F_OK) = 0 > open("/usr/lib/libutil.so.3", O_RDONLY) = 3 > fstat(3, {st_mode=S_IFREG|0444, st_size=32848, ...}) = 0 > read(3, "\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0h#\0\000"..., 4096) = > 4096 > mmap(0, 36864, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40066000 > mmap(0x4006e000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, > 0x7000) = 0x4006e000 > close(3) = 0 > access("/usr/lib/libskey.so.2", F_OK) = 0 > open("/usr/lib/libskey.so.2", O_RDONLY) = 3 > fstat(3, {st_mode=S_IFREG|0444, st_size=24252, ...}) = 0 > read(3, "\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0008\23\0"..., 4096) = > 4096 > mmap(0, 28672, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4006f000 > mmap(0x40073000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, > 0x3000) = 0x40073000 > close(3) = 0 > access("/usr/lib/libmd.so.2", F_OK) = 0 > open("/usr/lib/libmd.so.2", O_RDONLY) = 3 > fstat(3, {st_mode=S_IFREG|0444, st_size=34272, ...}) = 0 > read(3, "\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\17\0\000"..., 4096) > = 4096 > mmap(0, 36864, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40076000 > mmap(0x4007e000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, > 0x7000) = 0x4007e000 > close(3) = 0 > access("/usr/lib/libcrypt.so.2", F_OK) = 0 > open("/usr/lib/libcrypt.so.2", O_RDONLY) = 3 > fstat(3, {st_mode=S_IFREG|0444, st_size=28588, ...}) = 0 > read(3, "\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\220\16"..., 4096) = > 4096 > mmap(0, 102400, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4007f000 > mmap(0x40086000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, > 0x6000) = 0x40086000 > mmap(0x40087000, 69632, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANON, > -1, 0) = 0x40087000 > close(3) = 0 > access("/usr/lib/libc.so.4", F_OK) = 0 > open("/usr/lib/libc.so.4", O_RDONLY) = 3 > fstat(3, {st_mode=S_IFREG|0444, st_size=572588, ...}) = 0 > read(3, "\177ELF\1\1\1\t\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\314-\1"..., 4096) = > 4096 > mmap(0, 622592, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40098000 > mmap(0x40118000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, > 0x7f000) = 0x40118000 > mmap(0x4011c000, 81920, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANON, > -1, 0) = 0x4011c000 > close(3) = 0 > access("/usr/lib/libcrypt.so.2", F_OK) = 0 > access("/usr/lib/libmd.so.2", F_OK) = 0 > sigaction(SIGILL, {0x4004f0fc, [], 0}, {SIG_DFL}) = 0 > sigprocmask(SIG_BLOCK, NULL, []) = 0 > sigaction(SIGILL, {SIG_DFL}, NULL) = 0 > sigprocmask(SIG_BLOCK, ~[ILL TRAP ABRT EMT FPE BUS SEGV SYS], []) = 0 > sigprocmask(SIG_SETMASK, [], NULL) = 0 > readlink("/etc/malloc.conf", 0xbfbff6f4, 63) = -1 ENOENT (No such file or > directory) > mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANON, -1, 0) = 0x40130000 > break(0x804d000) = 0 > getpriority(PRIO_PROCESS, 0) = 0 > setpriority(PRIO_PROCESS, 0, -2) = 0 > getuid() = 1002 (euid 0) > getlogin(0x401203f8, 0x11) = 0 > geteuid(0x4011b304) = 0 > break(0x804e000) = 0 > stat("/etc/spwd.db", {st_mode=S_IFREG|0600, st_size=40960, ...}) = 0 > open("/etc/spwd.db", O_RDONLY) = 3 > fcntl(3, F_SETFD, FD_CLOEXEC) = 0 > read(3, "\0\6\25a\0\0\0\2\0\0\4\322\0\0\20\0\0\0\0\f\0\0\1\0\0\0"..., 260) = > 260 > break(0x804f000) = 0 > break(0x8050000) = 0 > break(0x8051000) = 0 > lseek(3, 28672, SEEK_SET) = 28672 > read(3, "\30\0\373\17\302\17\275\17r\17l\17$\17\37\17\344\16\337"..., 4096) = > 4096 > break(0x8052000) = 0 > close(3) = 0 > geteuid(0x4011b304) = 0 > stat("/etc/spwd.db", {st_mode=S_IFREG|0600, st_size=40960, ...}) = 0 > open("/etc/spwd.db", O_RDONLY) = 3 > fcntl(3, F_SETFD, FD_CLOEXEC) = 0 > read(3, "\0\6\25a\0\0\0\2\0\0\4\322\0\0\20\0\0\0\0\f\0\0\1\0\0\0"..., 260) = > 260 > break(0x8053000) = 0 > lseek(3, 24576, SEEK_SET) = 24576 > read(3, "\26\0\373\17\301\17\272\17i\17d\17\23\17\n\17\321\16\314"..., 4096) > = 4096 > close(3) = 0 > geteuid(0x4006e3bc) = 0 > getegid(0x4006e3bc) = 1002 > setegid(0Password: > > > > anyone have any ideas?? please! > > Thanks > > ********************************************** > *Glen Hollings | There Cant Be * > *Network Administrator | a Crisis Today,* > *Global Info Links | my schedule is * > *ghollings@admin.gil.com.au | already full. * > ********************************************** > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > IMPORTANT NOTICE The information in this e-mail is confidential and should only be read by those persons to whom it is addressed and is not intended to be relied upon by any person without subsequent written confirmation of its contents. Furthermore, the content of this e-mail is the personal view of the sender and does not represent the advice, views or opinion of our company. Accordingly, our company disclaim all responsibility and accept no liability (including in negligence) for the consequences of any person acting, or refraining from acting, on such information prior to the receipt by those persons of subsequent written confirmation. In particular (but not by way of limitation) our company disclaims all responsibility and accepts no liability for any e-mails which are defamatory, offensive, racist or in any other way are in breach of any third party's rights, including breach of confidence, privacy or other rights. If you have received this e-mail message in error, please notify me immediately by telephone. Please also destroy and delete the message from your computer. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message is strictly prohibited. Trinity Mirror plc is the holding company for the Trinity Mirror group of companies and is registered in England No. 82548, with its address at Kingsfield Court, Chester Business Park, Chester CH4 9RE. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0108311052200.28410-100000>