Subject: Re: BAD SU
To: None <seth.vanburen@eserv.com.au>
From: Dima Dorfman <dima@unixfreak.org>
List: tech-security
Date: 09/04/2000 20:07:00
In-Reply-To: <NDBBKLEKDJFPMMCHEIEEGEMJCAAA.seth.vanburen@eserv.com.au> from Seth
 van Buren at "Sep 5, 2000 01:19:04 pm"
To: seth.vanburen@eserv.com.au
Date: Mon, 4 Sep 2000 20:07:00 -0700 (PDT)
Cc: tech-security@netbsd.org
From: Dima Dorfman <dima@unixfreak.org>
Reply-To: dima@unixfreak.org
Message-Id: <20000905030700.237891F18@static.unixfreak.org>

> Hello,
> Forgive me as this is my first time in the mailing list.
> 
> I recently had to repair my NetBSD system when I was moving my /usr partition
> to another disk.
> 
> Now, every time I "su" to an account (except from root) I get a "BAD SU"
> error in the syslogs.
> 
> I can su from root to another account (this does not require a password),
> but not from any account other than root.
> 
> I have checked the passwords, I can log in ok directly to accounts from the
> console.

Just a thought: when you moved the filesystem, were all the file modes
preserved?  Since 'su' needs to run setuid to root, if the modes were
somehow corrupted, it will not work.  Try re-setting the modes (it
should be 4555, so `chmod 4555 /usr/bin/su` should do it).  Also make
sure that 'root' owns the su binary.

Hope this helps

-- 
Dima Dorfman <dima@unixfreak.org>
Finger dima@unixfreak.org for my public PGP key.

"When in doubt, use brute force."
	-- Ken Thompson
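
The check suggested in the reply above (setuid bit present, mode 4555, owned by root), written out as a small shell audit. This is an added example, not part of the original message: the function names audit_ls_line and audit_setuid_root are hypothetical, and the sample `ls -ln` lines are constructed.

```shell
#!/bin/sh
# Added example: check that a binary such as /usr/bin/su is setuid root.

# audit_ls_line LINE
#   LINE is one line of `ls -ln` output. Prints "ok" or a list of problems.
#   Returns 0 only when the file is setuid, owner-executable, owned by
#   uid 0 and not writable by group or others.
audit_ls_line() {
    read -r mode links uid rest <<EOF
$1
EOF
    problems=""
    case $mode in
        -??s*) ;;                                       # e.g. -r-sr-xr-x (4555)
        -??S*) problems="setuid-without-owner-exec" ;;  # e.g. 4455
        -*)    problems="no-setuid" ;;                  # e.g. 0555
        *)     problems="not-regular-file" ;;
    esac
    [ "$uid" = 0 ] || problems="$problems not-root-owned"
    case $mode in
        ?????w*|????????w*) problems="$problems group-or-world-writable" ;;
    esac
    if [ -z "$problems" ]; then echo "ok"; return 0; fi
    echo "${problems# }"
    return 1
}

# audit_setuid_root PATH: run the same check against a real file.
audit_setuid_root() {
    line=$(ls -Llnd -- "$1" 2>/dev/null) || { echo "cannot-stat"; return 2; }
    audit_ls_line "$line"
}

# Constructed sample lines (not taken from the poster's system).
while IFS= read -r sample; do
    printf '%s\n    -> ' "$sample"
    audit_ls_line "$sample" || true
done <<'EOF'
-r-sr-xr-x  1 0 0  12345 Sep  4  2000 /usr/bin/su
-r-xr-xr-x  1 0 0  12345 Sep  4  2000 /usr/bin/su
-r-sr-xr-x  1 1000 0  12345 Sep  4  2000 /usr/bin/su
EOF
```

Running `audit_setuid_root /usr/bin/su` applies the same check to the installed binary; any verdict other than "ok" names what to repair with chmod or chown.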