Bug 469791

Thanks for report, I doubt the problem is in coreutils and su. Could you please provide strace of the of the failing command (I guess it could be PAM authentication restriction but I want to be sure before reassigning or closing).

Created attachment 322398 [details]
strace for su

strace for su

I've tried building generic su from source, seems its nothing to do with the su code itself its getspnam thats broken ?


/etc/shadow first 3 lines.

root:$6$7VrkEcKw$EiuWyOjq3uPNAr/lmFm5Ki6T7uL61vINJMVwPIA8OIT/Vgq.jL1mzf0TsjbZS42RoNBBKqClJc.OlIaGgFlDh0:14187:0:99999:7:::
bin:*:14185:0:99999:7:::
daemon:*:14185:0:99999:7:::



Su built from source.

[waiman@jonspcc src]$ ./su
pw->pw_name=root
sp=(null)
Correct=x
Password:



static bool
correct_password (const struct passwd *pw)
{
  char *unencrypted, *encrypted, *correct;
#if HAVE_GETSPNAM && HAVE_STRUCT_SPWD_SP_PWDP
  /* Shadow passwd stuff for SVR3 and maybe other systems.  */
  struct spwd *sp = getspnam (pw->pw_name);

  endspent ();
  if (sp)
    correct = sp->sp_pwdp;
  else
#endif
    correct = pw->pw_passwd;

printf("pw->pw_name=%s\nsp=%s\nCorrect=%s\n",pw->pw_name,sp,correct); fflush(stdout);
  if (getuid () == 0 || !correct || correct[0] == '\0')
    return true;

  unencrypted = getpass (_("Password:"));
  if (!unencrypted)
    {
      error (0, 0, _("getpass: cannot open /dev/tty"));
      return false;
    }
  encrypted = crypt (unencrypted, correct);
  memset (unencrypted, 0, strlen (unencrypted));
  return STREQ (encrypted, correct);
}

Could you please attach the content of /etc/pam.d/su and the output of id command?

getspnam = shadow-utils ... shadow-utils = pvrabec ... adding to cc - Peter, what do you think about that issue?

[root@jonspcc src]# cat /etc/pam.d/su
#%PAM-1.0
auth            sufficient      pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth           sufficient      pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth           required        pam_wheel.so use_uid
auth            include         system-auth
account         sufficient      pam_succeed_if.so uid = 0 use_uid quiet
account         include         system-auth
password        include         system-auth
session         include         system-auth
session         optional        pam_xauth.so

From root
[root@jonspcc ~]# id
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)


From user
[waiman@jonspcc ~]$ id
uid=502(waiman) gid=502(waiman) groups=502(waiman)

/etc/passwd last 4 lines
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin
avahi-autoipd:x:495:491:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
jon:x:501:501::/home/jon:/bin/bash
waiman:x:502:502::/home/waiman:/bin/bash

[root@jonspcc ~]# uname -a
Linux jonspcc 2.6.26.6-79.fc9.i686 #1 SMP Fri Oct 17 14:52:14 EDT 2008 i686 athlon i386 GNU/Linux



The machine is a virgin install of fc9 with yum update ran a few times, default settings for yum.

Did you try to add yourself to group wheel?
# gpasswd -a waiman wheel

No difference !   From a simple users perspective (mine!) I should be able to useradd from root, then login and use su without additional steps - its always worked out that way for me before :-)


[waiman@jonspcc ~]$ id
uid=502(waiman) gid=502(waiman) groups=10(wheel),502(waiman)
[waiman@jonspcc ~]$ su
Password:
su: incorrect password
[waiman@jonspcc ~]$

Created attachment 322711 [details]
pam.d/su with debug options

Please try the attached /etc/pam.d/su with debug options and attach the appropriate part of /var/log/secure of successful and unsuccessful login.

Thanks for the attached files, i've tried them but get nothing related to su in /var/log/secure, just the login report from sshd.

Its time for me to flush this machine and start again, thanks everyone for your help and time, its time to close this bug and move on. I assume its just me thats suffering this and only on one machine so its probably something i've broken !

Thanks again, looking forward to fc10.

Jon