Bug 476363
Summary: | neither su nor sudo works in Fedora 10 | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | zachary charlop-powers <ohreallyfool> | ||||||||||||||
Component: | pam | Assignee: | Tomas Mraz <tmraz> | ||||||||||||||
Status: | CLOSED CANTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||||||||||
Severity: | high | Docs Contact: | |||||||||||||||
Priority: | low | ||||||||||||||||
Version: | 10 | CC: | tmraz | ||||||||||||||
Target Milestone: | --- | ||||||||||||||||
Target Release: | --- | ||||||||||||||||
Hardware: | i386 | ||||||||||||||||
OS: | Linux | ||||||||||||||||
Whiteboard: | |||||||||||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||||||||||
Doc Text: | Story Points: | --- | |||||||||||||||
Clone Of: | Environment: | ||||||||||||||||
Last Closed: | 2009-03-09 15:59:41 UTC | Type: | --- | ||||||||||||||
Regression: | --- | Mount Type: | --- | ||||||||||||||
Documentation: | --- | CRM: | |||||||||||||||
Verified Versions: | Category: | --- | |||||||||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||||||||
Embargoed: | |||||||||||||||||
Attachments: |
|
Description
zachary charlop-powers
2008-12-13 16:54:07 UTC
What do you see related in /var/log/secure and /var/log/messages? What is in your /etc/pam.d/system-auth, /etc/pam.d/su and /etc/pam.d/sudo? Created attachment 326952 [details]
/etc/pam.d/system-auth
Created attachment 326953 [details]
/etc/pam.d/su
Created attachment 326954 [details]
/etc/pam.d/sudo
Created attachment 326955 [details]
/var/log/messages
Created attachment 326956 [details]
/var/log/secure
Created attachment 326957 [details]
/var/log/secure-20081214
i am not familiar with the /pam.d files but a cursory look at them makes me think they are okay. in the /var/log/secure-20081214 file I see a number of error messages to sudo and the error is a timestamp error. You can also see that when I have used a GUI to use a program with root priveleges (yumex, livna-config-display) the output will say something like this: -- pam_timestamp(yumex:auth): timestamp file `/var/run/sudo/zachcp/unknown:root' is only 19 seconds old, allowing access to yumex for user zachcp Additionally there is a recurrent error message around unix_chpwd: --Dec 12 12:10:40 localhost sudo: zachcp : pam_acct_mgmt: 7 ; TTY=pts/2 ; PWD=/home/zachcp ; USER=root ; COMMAND=/usr/bin/yum nmr4us --Dec 12 12:10:41 localhost sudo: pam_unix(sudo:account): read unix_chkpwd output error 0: Success Perhaps you have a suggestion but do you think ther would be a way to upate the timestamp on my '/var/run/sudo/zachcp/unknown' file? Perhaps "touch /var/run/sudo/zachcp/unknown" ? thanks also, FYI, this machine was not a clean install of Fedora 10. I was running rawhide and continually updated. Su was working until one of the updates, however. To the best that I noticed, PAM and NSS updates were in the packeages updated right before my permissions issue started. The message about timestamp is just an informational message. But the unix_chkpwd message indicates a problem. What 'rpm -V pam' prints? Run it as root of course. Also is the problem still there if you temporarily switch SELinux to permissive mode by 'setenforce 0' ? [root@localhost ~]# rpm -V pam ....L... c /etc/pam.d/system-auth S.5....T c /etc/security/limits.conf I will try the SELinux trick next Did changing SELinux mode to permissive help? Could you try to install the pam package from: http://people.redhat.com/tmraz/testing/ and report what you see in /var/log/secure when you try su and sudo? Thanks Tom, Changing SELinux did not help. I was unable to do much with the computer without root capability. I was also having a few other (related?) glitches in system performance. As I mentioned, this had been an incremental update of Rawhide, so I decided for a clean install at which point everything worked fine. OK closing. |