On Wed, 26 Sep 2007 18:02:49 -0500
"John D.Baker" <jbaker@cis.sac.accd.edu> wrote:

> I've been updating my machines from (sometimes ancient) netbsd-4
> BETA2 to RC1 (tracking netbsd-4) and on several of them, 'su' is
> claiming authetication failure (pam_unix).
> 
> It seems to occur on those machines where I've been extracting the
> sets (except [x]etc.tgz) in place and then running 'etcupdate'.  I
> answer "y" to the question about rebuilding the password database.
> 
> On the build host itself, I've been using the "install=/" target
> of 'build.sh' and running 'etcupdate' afterwards.
> 
> I can still log in as 'root' on the console of the affected machines
> and use 'su' to become another user, but as an unpriviledged user
> cannot become root, or switch to another unpriviledged user account
> for which I have the password.
> 
> Has anyone else seen anything like this?
> 
> (I have 'sudo' installed previously, so root authority is not a
> problem, but I keep some things owned by another unprivileged
> account and can't 'su' to work with them without vectoring through
> root--'sudo su someuser'.)
> 
What are the permissions on su?  Did you build unprivileged and forget
-U?



		--Steve Bellovin, http://www.cs.columbia.edu/~smb