Subject: Re: 'su' authentication failure after upgrade from netbsd-4 BETA2
To: None <jdbaker@mylinuxisp.com>
From: Steven M. Bellovin <smb@cs.columbia.edu>
List: current-users
Date: 09/27/2007 02:36:53
On Wed, 26 Sep 2007 18:02:49 -0500
"John D.Baker" <jbaker@cis.sac.accd.edu> wrote:
> I've been updating my machines from (sometimes ancient) netbsd-4
> BETA2 to RC1 (tracking netbsd-4) and on several of them, 'su' is
> claiming authetication failure (pam_unix).
>
> It seems to occur on those machines where I've been extracting the
> sets (except [x]etc.tgz) in place and then running 'etcupdate'. I
> answer "y" to the question about rebuilding the password database.
>
> On the build host itself, I've been using the "install=/" target
> of 'build.sh' and running 'etcupdate' afterwards.
>
> I can still log in as 'root' on the console of the affected machines
> and use 'su' to become another user, but as an unpriviledged user
> cannot become root, or switch to another unpriviledged user account
> for which I have the password.
>
> Has anyone else seen anything like this?
>
> (I have 'sudo' installed previously, so root authority is not a
> problem, but I keep some things owned by another unprivileged
> account and can't 'su' to work with them without vectoring through
> root--'sudo su someuser'.)
>
What are the permissions on su? Did you build unprivileged and forget
-U?
--Steve Bellovin, http://www.cs.columbia.edu/~smb