passwords not recognized when su'ing from a terminal
Andreas Bernauer
fedora at lysium.de
Fri Jul 20 10:25:38 UTC 2007
Alain Cochard wrote on Fri, Jul 20 2007 at 11:59 (+0200):
> Just a few days ago, I stopped being able to 'su' or 'su some_user'
> from a terminal: the passwords are no longer accepted. Same problem
> to unlock a session (need to enter the password).
>
> I can still login OK (as root or any user) from the initial login
> screen or when switching user, or from a virtual terminal.
> That is what appears in my /var/log/secure file when I try to 'su -'
> from a terminal from my account (cochard):
>
> Jul 19 10:56:49 pcinvit10 su: pam_unix(su-l:auth): authentication
> failure; logname=cochard uid=500 euid=500 tty=pts/12 ruser=cochard
> rhost= user=root
> So I'm stuck here. Thanks in advance for any piece of advice for
> investigating further.
You may not have noticed, but the problem seems to be that PAM is denying
access. Check the file /etc/pam.d/su to see why it may be doing this.
My su-file looks like the one attached and is from FC6.
You may also want to turn on some 'debug' option flag in the pam modules. However,
there is no general debug interface to PAM (unfortunately).
Cheers,
Andreas.
--
http://www.lysium.de/blog
-------------- next part --------------
#%PAM-1.0
auth sufficient pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth required pam_wheel.so use_uid
auth include system-auth
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session optional pam_xauth.so
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20070720/f0c1e5c9/attachment-0002.bin
More information about the users
mailing list