On Wed, Jun 17, 2020 at 09:26:19AM -0500, Bruce Dubbs wrote: > On 6/17/20 9:19 AM, Ken Moffat wrote: > > I've now completed, and booted, a build of the new-style LFS. I'm > > loggied in (and using ssh to write this post). Both my normal > > users (ken, lfs), as well as root can login - so the passwords are > > correct. > > > > But only root can su, so I'm not going to be able to build anything > > after I've built X and run 'startx'. > > > > If I try to su, either to root or to another user, I get: > > > > ken@plexi /sources/scripts/lfs-dev/git$ su - lfs > > Password: > > su: Authentication failure > > > > And /var/log/auth.log shows > > > > Jun 17 14:48:04 plexi su[14069]: Authentication failed for root > > Jun 17 14:48:04 plexi su[14069]: FAILED su for root by ken > > Jun 17 14:48:04 plexi su[14069]: - /dev/tty2 ken:rootJun 17 14:49:10 plexi > > su[14077]: Authentication failed for root > > Jun 17 14:49:10 plexi su[14077]: FAILED su for root by lfs > > Jun 17 14:49:10 plexi su[14077]: - /dev/tty2 lfs:root > > [...] > > Jun 17 14:50:19 plexi su[14086]: Authentication failed for root > > Jun 17 14:50:19 plexi su[14086]: FAILED su for root by ken > > Jun 17 14:50:19 plexi su[14086]: - /dev/tty3 ken:root > > Jun 17 15:01:05 plexi su[14206]: Authentication failed for lfs > > Jun 17 15:01:05 plexi su[14206]: FAILED su for lfs by ken > > Jun 17 15:01:05 plexi su[14206]: - /dev/tty5 ken:lfs > > Jun 17 15:02:48 plexi su[14207]: Successful su for ken by root > > Jun 17 15:02:48 plexi su[14207]: + /dev/tty2 root:ken > > > > At this point I don't have PAM installed. 'su' is from shadow-4.8.1. > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > Looking at shadow, I've made two changes since my last successful > > build: > > > > First, I applied the change to make the first user 1000 (until now I > > had omitted that) > > > > sed -i 's/1000/999/' etc/useradd > > > > Second, I changed the sed to force SHA512 to match the book (just > > reformatting) and git shows the following for my change: > > > > -sed -i -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD SHA512@' \ > > - -e 's@/var/spool/mail@/var/mail@' etc/login.defs 2>$KM_LOG > > +sed -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD SHA512@' \ > > + -e 's@/var/spool/mail@/var/mail@' \ > > + -i etc/login.defs 2>$KM_LOG > > > > I'm at a loss to know where I should be looking. Any suggestions, > > please ? > > I'm still a little behind you. I have not built PAM yet, but have you > rebuilt shadow after PAM? > > -- Bruce > Hi Bruce, I have not installed PAM at this point.
ĸen -- He died at the console, of hunger and thirst. Next day he was buried, face-down, nine-edge first. - the perfect programmer -- http://lists.linuxfromscratch.org/listinfo/lfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page Do not top post on this list. A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? http://en.wikipedia.org/wiki/Posting_style