On Thursday 18 December 2008 09:03:54 KES wrote: > Здравствуйте, Mel. > > Вы писали 18 декабря 2008 г., 9:05:35: > > M> On Wednesday 17 December 2008 21:02:07 KES wrote: > >> Здравствуйте, Mel. > >> > >> Вы писали 17 декабря 2008 г., 9:11:19: > >> > >> M> On Sunday 14 December 2008 16:11:17 KES wrote: > >> >> Здравствуйте, Polytropon. > >> >> > >> >> Вы писали 14 декабря 2008 г., 15:11:35: > >> >> > >> >> P> On Sun, 14 Dec 2008 12:58:55 +0100 (CET), Wojciech Puchar > >> >> > >> >> P> <woj...@wojtek.tensor.gdynia.pl> wrote: > >> >> >> > su: Sorry > >> >> >> > > >> >> >> > > >> >> >> > kes# pw user mod svn -s /bin/bash > >> >> >> > kes# pw user show svn > >> >> >> > svn:*:1005:1005::0:0:SVN user:/nonexistent:/bin/bash > >> >> >> > kes# /usr/local/etc/rc.d/svnserve start > >> >> >> > Starting svnserve. > >> >> >> > su: Sorry > >> >> >> > >> >> >> try to change directory to existent > >> >> > >> >> P> (1) What's /bin/bash? Check existing shell. > >> >> > >> >> P> (2) As you said: Check existing directory. > >> >> > >> >> P> (3) Regarding su, check for wheel group inclusion. > >> >> > >> >> home# uname -a > >> >> FreeBSD home.kes.net.ua 7.0-STABLE FreeBSD 7.0-STABLE #0: Tue Aug 12 > >> >> 02:11:24 EEST 2008 > >> >> k...@kes.net.ua:/usr/obj/usr/src/sys/KES_KERN_v7 i386 home# pw user > >> >> show svn > >> >> svn:*:1003:1002::0:0:SVN user:/nonexistent:/usr/sbin/nologin > >> >> > >> >> As you can see on 'home' machine svn user has no valid shell also it > >> >> has not valid home directory and it is not included into wheel group > >> >> > >> >> But svnserve is started and works fine. With same settings svnserve > >> >> does not work on > >> >> kes# uname -a > >> >> FreeBSD kes.net.ua 7.1-PRERELEASE FreeBSD 7.1-PRERELEASE #: Sun Nov > >> >> 23 17:19:12 EET 2008 > >> >> k...@home.kes.net.ua:/usr/obj/usr/src/sys/KES_KERN_v7 i386 > >> > >> M> echo 'rc_debug="YES"'>>/etc/rc.conf > >> M> /usr/local/etc/rc.d/svnserve start > >> > >> M> Show output from /var/log/messages. > >> > >> kes# kes# /usr/local/etc/rc.d/svnserve start > >> /usr/local/etc/rc.d/svnserve: DEBUG: checkyesno: svnserve_enable is set > >> to YES. Starting svnserve. > >> /usr/local/etc/rc.d/svnserve: DEBUG: run_rc_command: doit: su -m svn -c > >> 'sh -c "/usr/local/bin/svnserve -d --listen-port=3690 --foreground -r > >> /var/db/trunk"' su: Sorry > > M> Does this command work from the command line? > M> If not, does it work if called as su -fm rather then su -m? > M> If that does not work, does the primary group svn is supposed to be in > exist? > > > kes# su -m svn -c 'sh -c "/usr/local/bin/svnserve -d --listen-port=3690 > --foreground -r /var/db/trunk"' su: Sorry > kes# su -fm svn -c 'sh -c "/usr/local/bin/svnserve -d --listen-port=3690 > --foreground -r /var/db/trunk"' su: Sorry > kes# pw group show svn > svn:*:1005: > kes# cat /etc/group | grep svn > svn:*:1005: > kes# pw user show svn > svn:*:1005:1005::0:0:SVN user:/nonexistent:/bin/bash > > As you see it does not work also with -fm option > > > Also I notice next differences between FreeBDS 7.0 and 7.1 (detail below) > Notice that on both system account is locked, has no valid shell and > home directory > on FreeBSD 7.0 when I try to login with svn user it says: This account is > currently not available. on FreeBSD 7.1 when I try to login with svn user > it says: su: Sorry Maybe there is a problem with su on FreeBSD 7.1? > > > > home# pw user show svn > svn:*:1003:1002::0:0:SVN user:/nonexistent:/usr/sbin/nologin > home# su svn > This account is currently not available. > > > kes# pw user show svn > svn:*:1005:1005::0:0:SVN user:/nonexistent:/bin/bash > kes# su svn > su: Sorry > kes# pw user mod svn -s /usr/bin/nologin > kes# pw user show svn > svn:*:1005:1005::0:0:SVN user:/nonexistent:/usr/bin/nologin > kes# su svn > su: Sorry
The problem is elsewhere. Probably in pam(3) on the faulty machine. The only change to su.c from 7.0 to 7.1 is fixing a compiler warning. There are 3 instances where su exits with "Sorry". All occasions are logged to syslog. Can you dig those log entries up? -- Mel Problem with today's modular software: they start with the modules and never get to the software part. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"