Re: FreeBSD and IPMI how-to (was Re: su problem)

2012-06-15 Thread Chuck Tuffli 
On Thu, Jun 14, 2012 at 6:27 PM, Matthew X. Economou
 wrote:
...
> Would some kind soul point me to a howto for configuring IPMI on
> FreeBSD?  I have a Dell PowerEdge 840 that supports IPMI, but I have
> no idea how to set it up - either in the BIOS or in FreeBSD.  I've
> messed around with ipmitools a little, but I haven't gotten it to
> work.

We have HP boxes here with IPMI (mostly v1.5), and by and large, there
isn't much FreeBSD configuration. The set of things I do for serial
over LAN are the same as for a regular serial console:

1) create /boot.config with the line
-D -S115200

2) create /boot/loader.conf with the lines
boot_multicons="YES"
comconsole_speed="115200"
console="comconsole,vidconsole"

3) change /etc/ttys to allow a login over the console. something similar to
ttyu0   "/usr/libexec/getty std.115200" vt100   on secure

The rest of the configuration is in the BIOS and tends to be vendor
specific. Once this is configured, you can use something like ipmitool
to control power (chassis power on, chassis power reset, ...) and get
a serial console (sol activate). HTH.

---chuck
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: FreeBSD and IPMI how-to (was Re: su problem)

2012-06-15 Thread Daniel Braniss 
> Hi, all,
> 
> 
> Am 15.06.2012 um 03:27 schrieb Matthew X. Economou:
> > Daniel Braniss writes:
> > 
> >> just for the record, serial on 8.x works fine! the device naming
> >> has changed from sio to uart, and maybe some features. We use it
> >> on all our servers, even redirecting it where possible via
> >> ILO,IMPI,DRAC.  and is great for debuging or saving long trips :-)
> > 
> > Would some kind soul point me to a howto for configuring IPMI on
> > FreeBSD?  I have a Dell PowerEdge 840 that supports IPMI, but I have
> > no idea how to set it up - either in the BIOS or in FreeBSD.  I've
> > messed around with ipmitools a little, but I haven't gotten it to
> > work.
> > > Did you
> > kldload ipmi
> ?
> > What's the output of
> > dmesg>  kldstat
> > after loading the module?
> > With the module loaded, you should be able to get something like this:
> > devel# ipmitool sensor
> Ambient  | 23.500 | degrees C  | ok| na| 1.000   =  | 
> 6.000 | 37.000| 42.000| na
> Systemboard  | 32.000 | degrees C  | ok| na| na  =  | 
> na| 60.000| 65.000| na
> CPU1 | 49.000 | degrees C  | ok| na| na  =  | 
> na| 93.000| 97.000| na
> CPU2 | 48.000 | degrees C  | ok| na| na  =  | 
> na| 93.000| 97.000| na
> ...
[...]

the ipmi kernel module allows interfacing/communicating with the 'local 
system', which is nice,
unless the kernel went bonkers.

You can - after some configuring(*) - connect from another host via something 
like:
 ipmitool -A MD5 -H  -U root -I lanplus sol 
activate
and get the remote host console, or do a power cycle:
 ipmitool -A MD5 -H   -U root power cycle


danny
*: you need configure/enable the bios/drac.



___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: FreeBSD and IPMI how-to (was Re: su problem)

2012-06-15 Thread Randy Bush 
i want two things from ipmi, reset and kva console.  freebsd ipmitool
gives me the first, and i already had an apc controlled power bar.

randy
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: FreeBSD and IPMI how-to (was Re: su problem)

2012-06-15 Thread Steven Hartland 

Daniel Braniss writes:

Would some kind soul point me to a howto for configuring IPMI on
FreeBSD?  I have a Dell PowerEdge 840 that supports IPMI, but I have
no idea how to set it up - either in the BIOS or in FreeBSD.  I've
messed around with ipmitools a little, but I haven't gotten it to
work.


http://blog.multiplay.co.uk/2011/06/ipmi-under-freebsd-is-easy/

   Regards
   Steve


This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. 


In the event of misdirection, illegible or incomplete transmission please 
telephone +44 845 868 1337
or return the E.mail to postmas...@multiplay.co.uk.

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: FreeBSD and IPMI how-to (was Re: su problem)

2012-06-15 Thread Bob Bishop 
Hi,

On 15 Jun 2012, at 02:27, Matthew X. Economou wrote:

> Would some kind soul point me to a howto for configuring IPMI on
> FreeBSD?  I have a Dell PowerEdge 840 that supports IPMI, but I have
> no idea how to set it up - either in the BIOS or in FreeBSD.  I've
> messed around with ipmitools a little, but I haven't gotten it to
> work.

To get things like remote management and serial over LAN working, the config 
has to be right on both the OS and the platform. Others have addressed the 
FreeBSD end; configuration of the platform is documented here:

http://support.dell.com/support/edocs/software/smbmcmu

but you'll have to figure out which version is applicable to your box. When you 
have ipmitool working, the output of `ipmitool mc info' may help with that. 
Also, it seems like your box implements IPMI v1.5, which is rather less 
friendly than v2.

--
Bob Bishop
r...@gid.co.uk




___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: FreeBSD and IPMI how-to (was Re: su problem)

2012-06-14 Thread Patrick M. Hausen 
Hi, all,


Am 15.06.2012 um 03:27 schrieb Matthew X. Economou:
> Daniel Braniss writes:
> 
>> just for the record, serial on 8.x works fine! the device naming
>> has changed from sio to uart, and maybe some features. We use it
>> on all our servers, even redirecting it where possible via
>> ILO,IMPI,DRAC.  and is great for debuging or saving long trips :-)
> 
> Would some kind soul point me to a howto for configuring IPMI on
> FreeBSD?  I have a Dell PowerEdge 840 that supports IPMI, but I have
> no idea how to set it up - either in the BIOS or in FreeBSD.  I've
> messed around with ipmitools a little, but I haven't gotten it to
> work.


Did you

kldload ipmi
?

What's the output of

dmesg
kldstat

after loading the module?

With the module loaded, you should be able to get something like this:

devel# ipmitool sensor
Ambient  | 23.500 | degrees C  | ok| na| 1.000 | 
6.000 | 37.000| 42.000| na
Systemboard  | 32.000 | degrees C  | ok| na| na| na 
   | 60.000| 65.000| na
CPU1 | 49.000 | degrees C  | ok| na| na| na 
   | 93.000| 97.000| na
CPU2 | 48.000 | degrees C  | ok| na| na| na 
   | 93.000| 97.000| na
...
FAN1 SYS | 6120.000   | RPM| ok| na| 1920.000  | na 
   | na| na| na
FAN2 SYS | 6480.000   | RPM| ok| na| 1920.000  | na 
   | na| na| na
FAN3 SYS | 6000.000   | RPM| ok| na| 1920.000  | na 
   | na| na| na
FAN4 SYS | 6480.000   | RPM| ok| na| 1920.000  | na 
   | na| na| na
FAN5 SYS | 6120.000   | RPM| ok| na| 1920.000  | na 
   | na| na| na
FAN6 SYS | 6480.000   | RPM| ok| na| 1920.000  | na 
   | na| na| na
FAN7 SYS | 6120.000   | RPM| ok| na| 1920.000  | na 
   | na| na| na
FAN8 SYS | 6480.000   | RPM| ok| na| 1920.000  | na 
   | na| na| na
FAN9 SYS | 6240.000   | RPM| ok| na| 1920.000  | na 
   | na| na| na
FAN10 SYS| 6720.000   | RPM| ok| na| 1920.000  | na 
   | na| na| na
FAN11 SYS| 6240.000   | RPM| ok| na| 1920.000  | na 
   | na| na| na
FAN12 SYS| 6720.000   | RPM| ok| na| 1920.000  | na 
   | na| na| na
PSU1 Power   | 100.000| Watts  | ok| na| na| na 
   | na| na| na
PSU2 Power   | 96.000 | Watts  | ok| na| na| na 
   | na| na| na
Total Power  | 196.000| Watts  | ok| na| na| na 
   | na| na| na
Total Power Out  | 172.000| Watts  | ok| na| na| na 
   | na| na| na
...


Kind regards,
Patrickj
-- 
punkt.de GmbH * Kaiserallee 13a * 76133 Karlsruhe
Tel. 0721 9109 0 * Fax 0721 9109 100
i...@punkt.de   http://www.punkt.de
Gf: Jürgen Egeling  AG Mannheim 108285



___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: FreeBSD and IPMI how-to (was Re: su problem)

2012-06-14 Thread Sean Bruno 
On Thu, 2012-06-14 at 18:27 -0700, Matthew X. Economou wrote:
> Daniel Braniss writes:
> 
> > just for the record, serial on 8.x works fine! the device naming
> > has changed from sio to uart, and maybe some features. We use it
> > on all our servers, even redirecting it where possible via
> > ILO,IMPI,DRAC.  and is great for debuging or saving long trips :-)
> 
> Would some kind soul point me to a howto for configuring IPMI on
> FreeBSD?  I have a Dell PowerEdge 840 that supports IPMI, but I have
> no idea how to set it up - either in the BIOS or in FreeBSD.  I've
> messed around with ipmitools a little, but I haven't gotten it to
> work.
> 
> Best wishes,
> Matthew
> 


I would start with installing the ipmitool port.  Other may suggest
freeipmi and openipmi for great justice.

try poking around with "sudo ipmitool shell" and see if you can figure
out what's going on.

Sean

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

FreeBSD and IPMI how-to (was Re: su problem)

2012-06-14 Thread Matthew X. Economou 
Daniel Braniss writes:

> just for the record, serial on 8.x works fine! the device naming
> has changed from sio to uart, and maybe some features. We use it
> on all our servers, even redirecting it where possible via
> ILO,IMPI,DRAC.  and is great for debuging or saving long trips :-)

Would some kind soul point me to a howto for configuring IPMI on
FreeBSD?  I have a Dell PowerEdge 840 that supports IPMI, but I have
no idea how to set it up - either in the BIOS or in FreeBSD.  I've
messed around with ipmitools a little, but I haven't gotten it to
work.

Best wishes,
Matthew

-- 
I FIGHT FOR THE USERS



smime.p7s
Description: S/MIME cryptographic signature

Re: su problem

2012-06-14 Thread Daniel Braniss 
> 
> 
> On 6/10/12 1:52 PM, Daniel Braniss wrote:
> >> Sami Halabi  wrote:
> >>  > Hi Oliver,
> >>  > I saw you had similar problem for console on 2010
> >>  > 
> >> http://freebsd.1045724.n5.nabble.com/Serial-console-problems-with-stab=le-8-td3950684.html
> >>
> >> No, I don't think that the problem is related.  My problem
> >> was with the serial console, while you don't have a serial
> >> console attached at all (at least you didn't mention it).
> >>
> >>  > but the thread wasn't ended by recommendation or conclusions by you.
> >>  >
> >>  > did you solve that problem then?
> >>
> >> No, I came to the conclusion that the serial console support
> >> in FreeBSD 8 was broken somehow.  So I removed the console
> >> cable; it's running with an old VGA CRT as the console for
> >> now.  Fortunately I require console access very seldom, so
> >> I don't have to drive to that machine often.  It's still
> >> annoying, but I didn't find a better solution; downgrading
> >> to 7.x isn't an option.
> >>
> > just for the record, serial on 8.x works fine! the device naming has changed
> > from sio to uart, and maybe some features. We use it on all our servers, 
> > even
> > redirecting it where possible via ILO,IMPI,DRAC.  and is great for debuging
> > or saving long trips :-)
> > 
> > WARNING: control access to these devices, specialy since root can login
> > on the console!
> > 
> > danny
> >
> 
> Daniel, would you kindly elaborate on the DRAC console redirection thingy ?
> 
> We're using Dells here and I loathe having to use their web interface
> and the java app to get a console shell.

you need the drac module - sometimes it's optional, but if you can access it 
via the web
you probably have it.

you will have to:
set the bios to allow serial over ethernet, I can't remember off heart 
at the 
moment.
configure /boot/loader.conf:
console="comconsole,vidconsole"
comconsole_speed="38400"-- the speed is what you set it 
in the bios
configure /boot/device.hints:
hint.uart.0.flags="0x10"-- or .1. depending on the bios 
settings

install from ports sysutils/ipmitools
connect the ethernet port
and finaly:
ipmitool -A MD5 -H c  -U root -I lanplus sol activate

danny



___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-12 Thread Sami Halabi 
%su -m root -c 'cd /etc/ssh/ && sed -i .bak -e "s/PermitRootLogin
no/PermitRootLogin yes/"'
Password:
load: 0.00  cmd: su 42619 [ttydcd] 3.20r 0.00u 0.00s 0% 2088k

:(
I think there is no good solution but driving to the machine itself...

Sami

On Tue, Jun 12, 2012 at 4:10 PM, Damien Fleuriot  wrote:

> On 6/12/12 3:00 PM, Oliver Fromme wrote:
> > Damien Fleuriot  wrote:
> >  > Ok so, I've read all the replies so far and I'm a bit perplexed.
> >  >
> >  > Sami, before you drive 3 hours to and 3 hours fro, kindly log in as
> sody
> >  > over SSH, then try "login" to connect *locally* as the root user.
> >
> > That won't work.  Unless you've disabled the "securetty" check
> > in /etc/pam.d/login, but it is there for a reason.
> >
> > Best regards
> >Oliver
> >
>
>
> Aw :(
>
>
> With a bit of luck, anything that would just start a command without
> trying for an actual shell ?
>
> Perhaps su -m root -c 'cd /etc/ssh/ && sed -i .bak -e "s/PermitRootLogin
> no/PermitRootLogin yes/"' ?
>
> That way he could toggle remote root logins.
> ___
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
>



-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-12 Thread Damien Fleuriot 
On 6/12/12 3:00 PM, Oliver Fromme wrote:
> Damien Fleuriot  wrote:
>  > Ok so, I've read all the replies so far and I'm a bit perplexed.
>  > 
>  > Sami, before you drive 3 hours to and 3 hours fro, kindly log in as sody
>  > over SSH, then try "login" to connect *locally* as the root user.
> 
> That won't work.  Unless you've disabled the "securetty" check
> in /etc/pam.d/login, but it is there for a reason.
> 
> Best regards
>Oliver
> 


Aw :(


With a bit of luck, anything that would just start a command without
trying for an actual shell ?

Perhaps su -m root -c 'cd /etc/ssh/ && sed -i .bak -e "s/PermitRootLogin
no/PermitRootLogin yes/"' ?

That way he could toggle remote root logins.
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-12 Thread Oliver Fromme 
Damien Fleuriot  wrote:
 > Ok so, I've read all the replies so far and I'm a bit perplexed.
 > 
 > Sami, before you drive 3 hours to and 3 hours fro, kindly log in as sody
 > over SSH, then try "login" to connect *locally* as the root user.

That won't work.  Unless you've disabled the "securetty" check
in /etc/pam.d/login, but it is there for a reason.

Best regards
   Oliver


-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd

"It combines all the worst aspects of C and Lisp:  a billion different
sublanguages in one monolithic executable.  It combines the power of C
with the readability of PostScript."
-- Jamie Zawinski, when asked: "What's wrong with perl?"
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-12 Thread Damien Fleuriot 

On 6/9/12 9:55 AM, Sami Halabi wrote:
> Hi,
> I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2.
> once done, i created regular accounts, in wheel group.
> 
> first all was okay, but suddenly i found my self blocked out, because i
> can't ssh as root, and i can't su either, when i su i get this:
> %su -
> Password:
> 
> and it stuck in that state whitout givving me root shell #.
> 
> any ideas how to solve this problem? the system is in the servers farm and
> i need to drive 3 hours each direction, so if there is remote solution i
> would appreciate it.
> 
> 
> %more /etc/group
> # $FreeBSD: src/etc/group,v 1.35.10.2.2.1 2012/03/03 06:15:13 kensmith Exp $
> #
> wheel:*:0:root,sody
> .
> .
> .
> sody:*:1001:
> 
> Thanks in advance,
> 

Ok so, I've read all the replies so far and I'm a bit perplexed.


Sami, before you drive 3 hours to and 3 hours fro, kindly log in as sody
over SSH, then try "login" to connect *locally* as the root user.


If that works, you'll at least have recovered root access and will be
able to install sudo, which should help you a great deal.

Of course there's still the matter of finding what's wrong with your
machine, afterwards.
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-12 Thread Damien Fleuriot 


On 6/10/12 1:52 PM, Daniel Braniss wrote:
>> Sami Halabi  wrote:
>>  > Hi Oliver,
>>  > I saw you had similar problem for console on 2010
>>  > 
>> http://freebsd.1045724.n5.nabble.com/Serial-console-problems-with-stab=le-8-td3950684.html
>>
>> No, I don't think that the problem is related.  My problem
>> was with the serial console, while you don't have a serial
>> console attached at all (at least you didn't mention it).
>>
>>  > but the thread wasn't ended by recommendation or conclusions by you.
>>  >
>>  > did you solve that problem then?
>>
>> No, I came to the conclusion that the serial console support
>> in FreeBSD 8 was broken somehow.  So I removed the console
>> cable; it's running with an old VGA CRT as the console for
>> now.  Fortunately I require console access very seldom, so
>> I don't have to drive to that machine often.  It's still
>> annoying, but I didn't find a better solution; downgrading
>> to 7.x isn't an option.
>>
> just for the record, serial on 8.x works fine! the device naming has changed
> from sio to uart, and maybe some features. We use it on all our servers, even
> redirecting it where possible via ILO,IMPI,DRAC.  and is great for debuging
> or saving long trips :-)
> 
> WARNING: control access to these devices, specialy since root can login
> on the console!
> 
> danny
>

Daniel, would you kindly elaborate on the DRAC console redirection thingy ?

We're using Dells here and I loathe having to use their web interface
and the java app to get a console shell.

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-12 Thread Oliver Pinter 
truss, ktrace

the sody user is member of wheel?

On 6/12/12, Ronald Klop  wrote:
> On Mon, 11 Jun 2012 15:53:34 +0200, Sami Halabi  wrote:
>
>> Hi,
>> I opened 2 terminals with user sody.
>> in first i hit "su -", and supplied password, it was stcuked.
>> in the other I did:
>>
>> %ps xau | grep su
>> sody  39830  0.0  0.0  9124  1500   0  S+4:51PM   0:00.00 grep su
>> root  39812  0.0  0.0 21732  2088   1  I 4:49PM   0:00.00 su -
>> root  39813  0.0  0.0 21732  2108   1  I+4:49PM   0:00.00 su -
>> %procstat -kk 39812
>>   PIDTID COMM TDNAME   KSTACK
>> %procstat -kk 39813
>>   PIDTID COMM TDNAME   KSTACK
>> %
>>
>
> Mmmm, I'm out of options than. Maybe somebody else has a good idea.
>
> Ronald.
>
>
>>
>> Sami
>>
>> On Mon, Jun 11, 2012 at 11:14 AM, Ronald Klop
>> wrote:
>>
>>> On Sat, 09 Jun 2012 18:42:27 +0200, Eugene Grosbein 
>>> wrote:
>>>
>>>  09.06.2012 19:47, Sami Halabi пишет:

> %su -
> Password:
> load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
>

 Perpaps, your system had no keyboard attached at boot time;
 or for some other reason it booted with /dev/console being serial
 console
 instead of vidconsole. su locks trying to access serial console
 that is /dev/ttyd0 by default and has Carrier Detect flag enabled.
 Hence, it waits for CD on the first serial port (miserably and
 hopelessly).

 You can check if it's true with "sysctl kern.console" command.
 You could ask someone to boot the system with keyboard attached -
 no need to type anything, though. The system should detect it
 and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0.
 And "su" won't lock.

 Eugene Grosbein

>>>
>>>
>>> Can you see what su is doing with procstat -kk ?
>>>
>>> __**_
>>> freebsd-stable@freebsd.org mailing list
>>> http://lists.freebsd.org/**mailman/listinfo/freebsd-**stable
>>> To unsubscribe, send any mail to
>>> "freebsd-stable-unsubscribe@**freebsd.org
>>> "
>>>
>>
>>
> ___
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
>
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-12 Thread Ronald Klop 

On Mon, 11 Jun 2012 15:53:34 +0200, Sami Halabi  wrote:


Hi,
I opened 2 terminals with user sody.
in first i hit "su -", and supplied password, it was stcuked.
in the other I did:

%ps xau | grep su
sody  39830  0.0  0.0  9124  1500   0  S+4:51PM   0:00.00 grep su
root  39812  0.0  0.0 21732  2088   1  I 4:49PM   0:00.00 su -
root  39813  0.0  0.0 21732  2108   1  I+4:49PM   0:00.00 su -
%procstat -kk 39812
  PIDTID COMM TDNAME   KSTACK
%procstat -kk 39813
  PIDTID COMM TDNAME   KSTACK
%



Mmmm, I'm out of options than. Maybe somebody else has a good idea.

Ronald.




Sami

On Mon, Jun 11, 2012 at 11:14 AM, Ronald Klop
wrote:


On Sat, 09 Jun 2012 18:42:27 +0200, Eugene Grosbein 
wrote:

 09.06.2012 19:47, Sami Halabi пишет:



%su -
Password:
load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k



Perpaps, your system had no keyboard attached at boot time;
or for some other reason it booted with /dev/console being serial  
console

instead of vidconsole. su locks trying to access serial console
that is /dev/ttyd0 by default and has Carrier Detect flag enabled.
Hence, it waits for CD on the first serial port (miserably and
hopelessly).

You can check if it's true with "sysctl kern.console" command.
You could ask someone to boot the system with keyboard attached -
no need to type anything, though. The system should detect it
and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0.
And "su" won't lock.

Eugene Grosbein




Can you see what su is doing with procstat -kk ?

__**_
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/**mailman/listinfo/freebsd-**stable
To unsubscribe, send any mail to  
"freebsd-stable-unsubscribe@**freebsd.org

"





___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-11 Thread Sami Halabi 
Hi,
I opened 2 terminals with user sody.
in first i hit "su -", and supplied password, it was stcuked.
in the other I did:

%ps xau | grep su
sody  39830  0.0  0.0  9124  1500   0  S+4:51PM   0:00.00 grep su
root  39812  0.0  0.0 21732  2088   1  I 4:49PM   0:00.00 su -
root  39813  0.0  0.0 21732  2108   1  I+4:49PM   0:00.00 su -
%procstat -kk 39812
  PIDTID COMM TDNAME   KSTACK
%procstat -kk 39813
  PIDTID COMM TDNAME   KSTACK
%


Sami

On Mon, Jun 11, 2012 at 11:14 AM, Ronald Klop
wrote:

> On Sat, 09 Jun 2012 18:42:27 +0200, Eugene Grosbein 
> wrote:
>
>  09.06.2012 19:47, Sami Halabi пишет:
>>
>>> %su -
>>> Password:
>>> load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
>>>
>>
>> Perpaps, your system had no keyboard attached at boot time;
>> or for some other reason it booted with /dev/console being serial console
>> instead of vidconsole. su locks trying to access serial console
>> that is /dev/ttyd0 by default and has Carrier Detect flag enabled.
>> Hence, it waits for CD on the first serial port (miserably and
>> hopelessly).
>>
>> You can check if it's true with "sysctl kern.console" command.
>> You could ask someone to boot the system with keyboard attached -
>> no need to type anything, though. The system should detect it
>> and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0.
>> And "su" won't lock.
>>
>> Eugene Grosbein
>>
>
>
> Can you see what su is doing with procstat -kk ?
>
> __**_
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/**mailman/listinfo/freebsd-**stable
> To unsubscribe, send any mail to 
> "freebsd-stable-unsubscribe@**freebsd.org
> "
>



-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-11 Thread Ronald Klop 
On Sat, 09 Jun 2012 18:42:27 +0200, Eugene Grosbein   
wrote:



09.06.2012 19:47, Sami Halabi пишет:

%su -
Password:
load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k


Perpaps, your system had no keyboard attached at boot time;
or for some other reason it booted with /dev/console being serial console
instead of vidconsole. su locks trying to access serial console
that is /dev/ttyd0 by default and has Carrier Detect flag enabled.
Hence, it waits for CD on the first serial port (miserably and  
hopelessly).


You can check if it's true with "sysctl kern.console" command.
You could ask someone to boot the system with keyboard attached -
no need to type anything, though. The system should detect it
and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0.
And "su" won't lock.

Eugene Grosbein



Can you see what su is doing with procstat -kk ?
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-10 Thread Brian W. 
Anything in the /var/log files give you a clue?
On Jun 10, 2012 10:29 AM, "Sami Halabi"  wrote:

> But how do I solve the problem?
>
> On Sun, Jun 10, 2012 at 7:17 PM, Eugene Grosbein 
> wrote:
>
> > 10.06.2012 01:45, Sami Halabi пишет:
> > > Hi,
> > >
> > > %sysctl kern.console
> > > kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom,
> > >
> > > %tail /var/log/messages
> > > Jun  7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a
> > > Jun  7 19:54:36 vps16 kernel: bge0: link state changed to UP
> > > Jun  7 20:18:04 vps16 kernel: ugen0.2:  at usbus0
> > > Jun  7 20:18:04 vps16 kernel: ukbd0:  > > 0/0, rev 1.10/2.50, addr 2> on usbus0
> > > Jun  7 20:18:04 vps16 kernel: kbd2 at ukbd0
> > > Jun  7 20:18:05 vps16 kernel: uhid0:  > > 0/0, rev 1.10/2.50, addr 2> on usbus0
> > > Jun  7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1
> > > Jun  7 20:21:19 vps16 kernel: ugen0.2:  at usbus0
> > > (disconnected)
> > > Jun  7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2
> > (disconnected)
> > > Jun  7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2
> > (disconnected)
> > > %
> > >
> > > the system was loaded with keyboard and disconnected later if i
> > understand
> > > the logs...
> > >
> > > New ideas are appreciated, and thanks in advance,
> > > Sami
> >
> > I still believe your problem concerns serial console:
> > su writes to it, indirectly - it notes root login through syslogd
> > that writes the message to /dev/console and locks in your case, locking
> su.
> >
> > Eugene Grosbein
> >
>
>
>
> --
> Sami Halabi
> Information Systems Engineer
> NMS Projects Expert
> FreeBSD SysAdmin Expert
> ___
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
>
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-10 Thread Sami Halabi 
I'll try to reboot the machine when I go to the farm during this week, and
i'll report.

Thanks for all who tried to help.

Sami


On Sun, Jun 10, 2012 at 9:29 PM, Eugene Grosbein  wrote:

> 10.06.2012 18:57, Sami Halabi пишет:
> > Well,in8.1 & 8.2it worked fine for me, in 8.3 i got this problem.
>
> Have you asked someone to power cycle the box?
> The problem may go away if it was caused by unusual actions at boot...
>
> Eugene Grosbein
>
>


-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-10 Thread Eugene Grosbein 
10.06.2012 18:57, Sami Halabi пишет:
> Well,in8.1 & 8.2it worked fine for me, in 8.3 i got this problem.

Have you asked someone to power cycle the box?
The problem may go away if it was caused by unusual actions at boot...

Eugene Grosbein

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-10 Thread Eugene Grosbein 
11.06.2012 01:21, Sami Halabi пишет:
> Hi,
> 
> %grep console /etc/syslog.conf
> *.err;kern.warning;auth.notice;mail.crit/dev/console
> # uncomment this to log all writes to /dev/console to /var/log/console.log
> #console.info    
> /var/log/console.log
> %
> 
> %kenv | grep console
> comconsole_speed="9600"
> console="vidconsole"
> %
> 
> does this makes us sure with the problem?

No, this is against my proposition: console="vidconsole"
states that /dev/console is not serial port but VGA output that cannot lock...
Sorry, no other thoughts yet...
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-10 Thread Sami Halabi 
Hi,

%grep console /etc/syslog.conf
*.err;kern.warning;auth.notice;mail.crit/dev/console
# uncomment this to log all writes to /dev/console to /var/log/console.log
#console.info   /var/log/console.log
%

%kenv | grep console
comconsole_speed="9600"
console="vidconsole"
%

does this makes us sure with the problem?

Sami

On Sun, Jun 10, 2012 at 8:58 PM, Eugene Grosbein  wrote:

> 11.06.2012 00:28, Sami Halabi пишет:
> > But how do I solve the problem?
>
> First you know for sure if it's true.
> Please show output of "grep console /etc/syslog.conf" and "kenv | grep
> console".
>



-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-10 Thread Eugene Grosbein 
11.06.2012 00:28, Sami Halabi пишет:
> But how do I solve the problem?

First you know for sure if it's true.
Please show output of "grep console /etc/syslog.conf" and "kenv | grep console".
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-10 Thread Sami Halabi 
But how do I solve the problem?

On Sun, Jun 10, 2012 at 7:17 PM, Eugene Grosbein  wrote:

> 10.06.2012 01:45, Sami Halabi пишет:
> > Hi,
> >
> > %sysctl kern.console
> > kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom,
> >
> > %tail /var/log/messages
> > Jun  7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a
> > Jun  7 19:54:36 vps16 kernel: bge0: link state changed to UP
> > Jun  7 20:18:04 vps16 kernel: ugen0.2:  at usbus0
> > Jun  7 20:18:04 vps16 kernel: ukbd0:  > 0/0, rev 1.10/2.50, addr 2> on usbus0
> > Jun  7 20:18:04 vps16 kernel: kbd2 at ukbd0
> > Jun  7 20:18:05 vps16 kernel: uhid0:  > 0/0, rev 1.10/2.50, addr 2> on usbus0
> > Jun  7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1
> > Jun  7 20:21:19 vps16 kernel: ugen0.2:  at usbus0
> > (disconnected)
> > Jun  7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2
> (disconnected)
> > Jun  7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2
> (disconnected)
> > %
> >
> > the system was loaded with keyboard and disconnected later if i
> understand
> > the logs...
> >
> > New ideas are appreciated, and thanks in advance,
> > Sami
>
> I still believe your problem concerns serial console:
> su writes to it, indirectly - it notes root login through syslogd
> that writes the message to /dev/console and locks in your case, locking su.
>
> Eugene Grosbein
>



-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-10 Thread Eugene Grosbein 
10.06.2012 01:45, Sami Halabi пишет:
> Hi,
> 
> %sysctl kern.console
> kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom,
> 
> %tail /var/log/messages
> Jun  7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a
> Jun  7 19:54:36 vps16 kernel: bge0: link state changed to UP
> Jun  7 20:18:04 vps16 kernel: ugen0.2:  at usbus0
> Jun  7 20:18:04 vps16 kernel: ukbd0:  0/0, rev 1.10/2.50, addr 2> on usbus0
> Jun  7 20:18:04 vps16 kernel: kbd2 at ukbd0
> Jun  7 20:18:05 vps16 kernel: uhid0:  0/0, rev 1.10/2.50, addr 2> on usbus0
> Jun  7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1
> Jun  7 20:21:19 vps16 kernel: ugen0.2:  at usbus0
> (disconnected)
> Jun  7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2 (disconnected)
> Jun  7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2 (disconnected)
> %
> 
> the system was loaded with keyboard and disconnected later if i understand
> the logs...
> 
> New ideas are appreciated, and thanks in advance,
> Sami

I still believe your problem concerns serial console:
su writes to it, indirectly - it notes root login through syslogd
that writes the message to /dev/console and locks in your case, locking su.

Eugene Grosbein
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-10 Thread Sami Halabi 
Well,in8.1 & 8.2it worked fine for me, in 8.3 i got this problem.

On Sun, Jun 10, 2012 at 2:52 PM, Daniel Braniss  wrote:

> > Sami Halabi  wrote:
> >  > Hi Oliver,
> >  > I saw you had similar problem for console on 2010
> >  >
> http://freebsd.1045724.n5.nabble.com/Serial-console-problems-with-stab=le-8-td3950684.html
> >
> > No, I don't think that the problem is related.  My problem
> > was with the serial console, while you don't have a serial
> > console attached at all (at least you didn't mention it).
> >
> >  > but the thread wasn't ended by recommendation or conclusions by you.
> >  >
> >  > did you solve that problem then?
> >
> > No, I came to the conclusion that the serial console support
> > in FreeBSD 8 was broken somehow.  So I removed the console
> > cable; it's running with an old VGA CRT as the console for
> > now.  Fortunately I require console access very seldom, so
> > I don't have to drive to that machine often.  It's still
> > annoying, but I didn't find a better solution; downgrading
> > to 7.x isn't an option.
> >
> just for the record, serial on 8.x works fine! the device naming has
> changed
> from sio to uart, and maybe some features. We use it on all our servers,
> even
> redirecting it where possible via ILO,IMPI,DRAC.  and is great for debuging
> or saving long trips :-)
>
> WARNING: control access to these devices, specialy since root can login
> on the console!
>
> danny
>
>
>


-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-10 Thread Daniel Braniss 
> Sami Halabi  wrote:
>  > Hi Oliver,
>  > I saw you had similar problem for console on 2010
>  > 
> http://freebsd.1045724.n5.nabble.com/Serial-console-problems-with-stab=le-8-td3950684.html
> 
> No, I don't think that the problem is related.  My problem
> was with the serial console, while you don't have a serial
> console attached at all (at least you didn't mention it).
> 
>  > but the thread wasn't ended by recommendation or conclusions by you.
>  >
>  > did you solve that problem then?
> 
> No, I came to the conclusion that the serial console support
> in FreeBSD 8 was broken somehow.  So I removed the console
> cable; it's running with an old VGA CRT as the console for
> now.  Fortunately I require console access very seldom, so
> I don't have to drive to that machine often.  It's still
> annoying, but I didn't find a better solution; downgrading
> to 7.x isn't an option.
>
just for the record, serial on 8.x works fine! the device naming has changed
from sio to uart, and maybe some features. We use it on all our servers, even
redirecting it where possible via ILO,IMPI,DRAC.  and is great for debuging
or saving long trips :-)

WARNING: control access to these devices, specialy since root can login
on the console!

danny


___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-10 Thread Oliver Fromme 
Sami Halabi  wrote:
 > Hi Oliver,
 > I saw you had similar problem for console on 2010
 > http://freebsd.1045724.n5.nabble.com/Serial-console-problems-with-stable-8-td3950684.html

No, I don't think that the problem is related.  My problem
was with the serial console, while you don't have a serial
console attached at all (at least you didn't mention it).

 > but the thread wasn't ended by recommendation or conclusions by you.
 > 
 > did you solve that problem then?

No, I came to the conclusion that the serial console support
in FreeBSD 8 was broken somehow.  So I removed the console
cable; it's running with an old VGA CRT as the console for
now.  Fortunately I require console access very seldom, so
I don't have to drive to that machine often.  It's still
annoying, but I didn't find a better solution; downgrading
to 7.x isn't an option.

Best regards
   Oliver


-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd

"... there are two ways of constructing a software design:  One way
is to make it so simple that there are _obviously_ no deficiencies and
the other way is to make it so complicated that there are no _obvious_
deficiencies."-- C.A.R. Hoare, ACM Turing Award Lecture, 1980
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-10 Thread Sami Halabi 
Hi Oliver,
I saw you had similar problem for console on 2010
http://freebsd.1045724.n5.nabble.com/Serial-console-problems-with-stable-8-td3950684.html


but the thread wasn't ended by recommendation or conclusions by you.

did you solve that problem then?

it seems i have something similr.
look at the logs:
%tail /var/log/messages
Jun  7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a
Jun  7 19:54:36 vps16 kernel: bge0: link state changed to UP
Jun  7 20:18:04 vps16 kernel: ugen0.2:  at usbus0
Jun  7 20:18:04 vps16 kernel: ukbd0:  on usbus0
Jun  7 20:18:04 vps16 kernel: kbd2 at ukbd0
Jun  7 20:18:05 vps16 kernel: uhid0:  on usbus0
Jun  7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1
Jun  7 20:21:19 vps16 kernel: ugen0.2:  at usbus0
(disconnected)
Jun  7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2 (disconnected)
Jun  7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2 (disconnected)

i had a keyboard attached but then removed after the system went up.

Thanks in advance,
Sami

On Sat, Jun 9, 2012 at 5:43 PM,  wrote:

> Sami Halabi  wrote:
>  > %id
>  > uid=1001(sody) gid=1001(sody) groups=1001(sody),0(wheel)
>  > %
>  >
>  > i have another account also id 1002 - sody2, also in group wheel.
>  > i can ssh using user sody/sody2, however su doesn't work if i do: su
> sody2,
>  > when i logged in with user sody.
>  > it seems that su is broken somehow
>
> Something is definitely broken.  Maybe the suid-root bit was
> accidentally removed from the su binary?  What is the output
> from "ls -l /usr/bin/su"?
>
> Best regards
>   Oliver
>
>
> --
> Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
> Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
> secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
> chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart
>
> FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd
>
> "If you think C++ is not overly complicated, just what is a protected
> abstract virtual base pure virtual private destructor, and when was the
> last time you needed one?"
>-- Tom Cargil, C++ Journal
>



-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Sami Halabi 
unfortunatlly its not installed by default and i didn't have the chance to
install it because i locked out quickly :(
Sami

On Sun, Jun 10, 2012 at 12:11 AM, Andrey Zonov  wrote:

> sudo is not installed?
>
>
> On 6/10/12 12:22 AM, Sami Halabi wrote:
>
>> I already posted that:
>>
>> %ls -l /usr/bin/su
>> -r-sr-xr-x  1 root  wheel  16944 Jun  7 19:47 /usr/bin/su
>> %
>>
>> Sami
>>
>> On Sat, Jun 9, 2012 at 10:57 PM, Mark Saad
>>  wrote:
>>
>>
>>>
>>>
>>> On Jun 9, 2012, at 2:45 PM, Sami Halabi  wrote:
>>>
>>>  Hi,

 %sysctl kern.console
 kern.console: ttyv0,dcons,/dcons,ttyv0,uart,**ucom,

 %tail /var/log/messages
 Jun  7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a
 Jun  7 19:54:36 vps16 kernel: bge0: link state changed to UP
 Jun  7 20:18:04 vps16 kernel: ugen0.2:  at usbus0
 Jun  7 20:18:04 vps16 kernel: ukbd0:>>> 0/0, rev 1.10/2.50, addr 2>  on usbus0
 Jun  7 20:18:04 vps16 kernel: kbd2 at ukbd0
 Jun  7 20:18:05 vps16 kernel: uhid0:>>> 0/0, rev 1.10/2.50, addr 2>  on usbus0
 Jun  7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1
 Jun  7 20:21:19 vps16 kernel: ugen0.2:  at usbus0
 (disconnected)
 Jun  7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2

>>> (disconnected)
>>>
 Jun  7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2

>>> (disconnected)
>>>
 %

 the system was loaded with keyboard and disconnected later if i

>>> understand
>>>
 the logs...

 New ideas are appreciated, and thanks in advance,
 Sami

 On Sat, Jun 9, 2012 at 7:42 PM, Eugene Grosbein

>>> wrote:
>>>

  09.06.2012 19:47, Sami Halabi пишет:
>
>> %su -
>> Password:
>> load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
>>
>
> Perpaps, your system had no keyboard attached at boot time;
> or for some other reason it booted with /dev/console being serial
>
 console
>>>
 instead of vidconsole. su locks trying to access serial console
> that is /dev/ttyd0 by default and has Carrier Detect flag enabled.
> Hence, it waits for CD on the first serial port (miserably and
>
 hopelessly).
>>>

> You can check if it's true with "sysctl kern.console" command.
> You could ask someone to boot the system with keyboard attached -
> no need to type anything, though. The system should detect it
> and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0.
> And "su" won't lock.
>
> Eugene Grosbein
>
>


 --
 Sami Halabi
 Information Systems Engineer
 NMS Projects Expert
 FreeBSD SysAdmin Expert
 __**_
 freebsd-stable@freebsd.org mailing list
 http://lists.freebsd.org/**mailman/listinfo/freebsd-**stable
 To unsubscribe, send any mail to "freebsd-stable-unsubscribe@**
 freebsd.org 

>>> "
>>>
>>> Check the permissions on the su binary it could be missing the suid but.
>>>
>>> ---
>>> Mark saad | mark.s...@longcount.org
>>>
>>> __**_
>>> freebsd-stable@freebsd.org mailing list
>>> http://lists.freebsd.org/**mailman/listinfo/freebsd-**stable
>>> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@**
>>> freebsd.org "
>>>
>>>
>>
>>
>>
>
> --
> Andrey Zonov
>



-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Andrey Zonov 

sudo is not installed?

On 6/10/12 12:22 AM, Sami Halabi wrote:

I already posted that:

%ls -l /usr/bin/su
-r-sr-xr-x  1 root  wheel  16944 Jun  7 19:47 /usr/bin/su
%

Sami

On Sat, Jun 9, 2012 at 10:57 PM, Mark Saad  wrote:





On Jun 9, 2012, at 2:45 PM, Sami Halabi  wrote:


Hi,

%sysctl kern.console
kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom,

%tail /var/log/messages
Jun  7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a
Jun  7 19:54:36 vps16 kernel: bge0: link state changed to UP
Jun  7 20:18:04 vps16 kernel: ugen0.2:  at usbus0
Jun  7 20:18:04 vps16 kernel: ukbd0:  on usbus0
Jun  7 20:18:04 vps16 kernel: kbd2 at ukbd0
Jun  7 20:18:05 vps16 kernel: uhid0:  on usbus0
Jun  7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1
Jun  7 20:21:19 vps16 kernel: ugen0.2:  at usbus0
(disconnected)
Jun  7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2

(disconnected)

Jun  7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2

(disconnected)

%

the system was loaded with keyboard and disconnected later if i

understand

the logs...

New ideas are appreciated, and thanks in advance,
Sami

On Sat, Jun 9, 2012 at 7:42 PM, Eugene Grosbein

wrote:



09.06.2012 19:47, Sami Halabi пишет:

%su -
Password:
load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k


Perpaps, your system had no keyboard attached at boot time;
or for some other reason it booted with /dev/console being serial

console

instead of vidconsole. su locks trying to access serial console
that is /dev/ttyd0 by default and has Carrier Detect flag enabled.
Hence, it waits for CD on the first serial port (miserably and

hopelessly).


You can check if it's true with "sysctl kern.console" command.
You could ask someone to boot the system with keyboard attached -
no need to type anything, though. The system should detect it
and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0.
And "su" won't lock.

Eugene Grosbein





--
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org

"

Check the permissions on the su binary it could be missing the suid but.

---
Mark saad | mark.s...@longcount.org

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"








--
Andrey Zonov
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Mel Flynn 
On 9-6-2012 18:42, Eugene Grosbein wrote:
> 09.06.2012 19:47, Sami Halabi пишет:
>> %su -
>> Password:
>> load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
> 
> Perpaps, your system had no keyboard attached at boot time;
> or for some other reason it booted with /dev/console being serial console
> instead of vidconsole. su locks trying to access serial console
> that is /dev/ttyd0 by default and has Carrier Detect flag enabled.
> Hence, it waits for CD on the first serial port (miserably and hopelessly).
> 
> You can check if it's true with "sysctl kern.console" command.
> You could ask someone to boot the system with keyboard attached -
> no need to type anything, though. The system should detect it
> and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0.
> And "su" won't lock.

Just to get this clear - are you connected via ssh and want to use su?
If so, I fail to see why the keyboard would be in play as you need a
pty, not a vty.
Secondly, your logs mention a kbd2 that is disconnected, so where's
kbd1. And finally, why did the person that connected and disconnected
the keyboard leave a root login open?

-- 
Mel
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Sami Halabi 
I already posted that:

%ls -l /usr/bin/su
-r-sr-xr-x  1 root  wheel  16944 Jun  7 19:47 /usr/bin/su
%

Sami

On Sat, Jun 9, 2012 at 10:57 PM, Mark Saad  wrote:

>
>
>
> On Jun 9, 2012, at 2:45 PM, Sami Halabi  wrote:
>
> > Hi,
> >
> > %sysctl kern.console
> > kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom,
> >
> > %tail /var/log/messages
> > Jun  7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a
> > Jun  7 19:54:36 vps16 kernel: bge0: link state changed to UP
> > Jun  7 20:18:04 vps16 kernel: ugen0.2:  at usbus0
> > Jun  7 20:18:04 vps16 kernel: ukbd0:  > 0/0, rev 1.10/2.50, addr 2> on usbus0
> > Jun  7 20:18:04 vps16 kernel: kbd2 at ukbd0
> > Jun  7 20:18:05 vps16 kernel: uhid0:  > 0/0, rev 1.10/2.50, addr 2> on usbus0
> > Jun  7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1
> > Jun  7 20:21:19 vps16 kernel: ugen0.2:  at usbus0
> > (disconnected)
> > Jun  7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2
> (disconnected)
> > Jun  7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2
> (disconnected)
> > %
> >
> > the system was loaded with keyboard and disconnected later if i
> understand
> > the logs...
> >
> > New ideas are appreciated, and thanks in advance,
> > Sami
> >
> > On Sat, Jun 9, 2012 at 7:42 PM, Eugene Grosbein 
> wrote:
> >
> >> 09.06.2012 19:47, Sami Halabi пишет:
> >>> %su -
> >>> Password:
> >>> load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
> >>
> >> Perpaps, your system had no keyboard attached at boot time;
> >> or for some other reason it booted with /dev/console being serial
> console
> >> instead of vidconsole. su locks trying to access serial console
> >> that is /dev/ttyd0 by default and has Carrier Detect flag enabled.
> >> Hence, it waits for CD on the first serial port (miserably and
> hopelessly).
> >>
> >> You can check if it's true with "sysctl kern.console" command.
> >> You could ask someone to boot the system with keyboard attached -
> >> no need to type anything, though. The system should detect it
> >> and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0.
> >> And "su" won't lock.
> >>
> >> Eugene Grosbein
> >>
> >
> >
> >
> > --
> > Sami Halabi
> > Information Systems Engineer
> > NMS Projects Expert
> > FreeBSD SysAdmin Expert
> > ___
> > freebsd-stable@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> > To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org
> "
>
> Check the permissions on the su binary it could be missing the suid but.
>
> ---
> Mark saad | mark.s...@longcount.org
>
> ___
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
>



-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Mark Saad 



On Jun 9, 2012, at 2:45 PM, Sami Halabi  wrote:

> Hi,
> 
> %sysctl kern.console
> kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom,
> 
> %tail /var/log/messages
> Jun  7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a
> Jun  7 19:54:36 vps16 kernel: bge0: link state changed to UP
> Jun  7 20:18:04 vps16 kernel: ugen0.2:  at usbus0
> Jun  7 20:18:04 vps16 kernel: ukbd0:  0/0, rev 1.10/2.50, addr 2> on usbus0
> Jun  7 20:18:04 vps16 kernel: kbd2 at ukbd0
> Jun  7 20:18:05 vps16 kernel: uhid0:  0/0, rev 1.10/2.50, addr 2> on usbus0
> Jun  7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1
> Jun  7 20:21:19 vps16 kernel: ugen0.2:  at usbus0
> (disconnected)
> Jun  7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2 (disconnected)
> Jun  7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2 (disconnected)
> %
> 
> the system was loaded with keyboard and disconnected later if i understand
> the logs...
> 
> New ideas are appreciated, and thanks in advance,
> Sami
> 
> On Sat, Jun 9, 2012 at 7:42 PM, Eugene Grosbein  wrote:
> 
>> 09.06.2012 19:47, Sami Halabi пишет:
>>> %su -
>>> Password:
>>> load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
>> 
>> Perpaps, your system had no keyboard attached at boot time;
>> or for some other reason it booted with /dev/console being serial console
>> instead of vidconsole. su locks trying to access serial console
>> that is /dev/ttyd0 by default and has Carrier Detect flag enabled.
>> Hence, it waits for CD on the first serial port (miserably and hopelessly).
>> 
>> You can check if it's true with "sysctl kern.console" command.
>> You could ask someone to boot the system with keyboard attached -
>> no need to type anything, though. The system should detect it
>> and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0.
>> And "su" won't lock.
>> 
>> Eugene Grosbein
>> 
> 
> 
> 
> -- 
> Sami Halabi
> Information Systems Engineer
> NMS Projects Expert
> FreeBSD SysAdmin Expert
> ___
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org" 

Check the permissions on the su binary it could be missing the suid but.

---
Mark saad | mark.s...@longcount.org

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Sami Halabi 
Hi,

%sysctl kern.console
kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom,

%tail /var/log/messages
Jun  7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a
Jun  7 19:54:36 vps16 kernel: bge0: link state changed to UP
Jun  7 20:18:04 vps16 kernel: ugen0.2:  at usbus0
Jun  7 20:18:04 vps16 kernel: ukbd0:  on usbus0
Jun  7 20:18:04 vps16 kernel: kbd2 at ukbd0
Jun  7 20:18:05 vps16 kernel: uhid0:  on usbus0
Jun  7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1
Jun  7 20:21:19 vps16 kernel: ugen0.2:  at usbus0
(disconnected)
Jun  7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2 (disconnected)
Jun  7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2 (disconnected)
%

the system was loaded with keyboard and disconnected later if i understand
the logs...

New ideas are appreciated, and thanks in advance,
Sami

On Sat, Jun 9, 2012 at 7:42 PM, Eugene Grosbein  wrote:

> 09.06.2012 19:47, Sami Halabi пишет:
> > %su -
> > Password:
> > load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
>
> Perpaps, your system had no keyboard attached at boot time;
> or for some other reason it booted with /dev/console being serial console
> instead of vidconsole. su locks trying to access serial console
> that is /dev/ttyd0 by default and has Carrier Detect flag enabled.
> Hence, it waits for CD on the first serial port (miserably and hopelessly).
>
> You can check if it's true with "sysctl kern.console" command.
> You could ask someone to boot the system with keyboard attached -
> no need to type anything, though. The system should detect it
> and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0.
> And "su" won't lock.
>
> Eugene Grosbein
>



-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Sami Halabi 
%stty clocal
%su -
Password:
load: 0.00  cmd: su 34023 [ttydcd] 0.72r 0.00u 0.00s 0% 2092k
load: 0.00  cmd: su 34023 [ttydcd] 0.99r 0.00u 0.00s 0% 2092k

I tried stty -clocal also but didn't work

:(

any other ideas?


On Sat, Jun 9, 2012 at 6:43 PM, Ian Lepore wrote:

> On Sat, 2012-06-09 at 15:47 +0300, Sami Halabi wrote:
> > %su -
> > Password:
> > load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 3.99r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 4.81r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 5.34r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 5.72r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 6.21r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 6.67r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 7.14r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 7.53r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 7.89r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 8.14r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 8.35r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 8.53r 0.00u 0.00s 0% 2092k
> >
> >
> > Thanks,
> > Sami
>
> Since the wait is "ttydcd", try "stty clocal" before doing the "su"
> command.  I don't know why su would be waiting for dcd (modem carrier)
> but setting clocal mode should eliminate that wait.
>
> -- Ian
>
>
>


-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Eugene Grosbein 
09.06.2012 19:47, Sami Halabi пишет:
> %su -
> Password:
> load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k

Perpaps, your system had no keyboard attached at boot time;
or for some other reason it booted with /dev/console being serial console
instead of vidconsole. su locks trying to access serial console
that is /dev/ttyd0 by default and has Carrier Detect flag enabled.
Hence, it waits for CD on the first serial port (miserably and hopelessly).

You can check if it's true with "sysctl kern.console" command.
You could ask someone to boot the system with keyboard attached -
no need to type anything, though. The system should detect it
and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0.
And "su" won't lock.

Eugene Grosbein
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Ian Lepore 
On Sat, 2012-06-09 at 15:47 +0300, Sami Halabi wrote:
> %su -
> Password:
> load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 3.99r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 4.81r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 5.34r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 5.72r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 6.21r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 6.67r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 7.14r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 7.53r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 7.89r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 8.14r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 8.35r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 8.53r 0.00u 0.00s 0% 2092k
> 
> 
> Thanks,
> Sami

Since the wait is "ttydcd", try "stty clocal" before doing the "su"
command.  I don't know why su would be waiting for dcd (modem carrier)
but setting clocal mode should eliminate that wait.

-- Ian


___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Sami Halabi 
Hi,
%ls -l /usr/bin/su
-r-sr-xr-x  1 root  wheel  16944 Jun  7 19:47 /usr/bin/su
%

I don't think this realtred to suid bit, because if so it would give
permission denied error...

Sami

On Sat, Jun 9, 2012 at 5:43 PM, Oliver Fromme wrote:

> Sami Halabi  wrote:
>  > %id
>  > uid=1001(sody) gid=1001(sody) groups=1001(sody),0(wheel)
>  > %
>  >
>  > i have another account also id 1002 - sody2, also in group wheel.
>  > i can ssh using user sody/sody2, however su doesn't work if i do: su
> sody2,
>  > when i logged in with user sody.
>  > it seems that su is broken somehow
>
> Something is definitely broken.  Maybe the suid-root bit was
> accidentally removed from the su binary?  What is the output
> from "ls -l /usr/bin/su"?
>
> Best regards
>   Oliver
>
>
> --
> Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
> Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
> secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
> chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart
>
> FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd
>
> "If you think C++ is not overly complicated, just what is a protected
> abstract virtual base pure virtual private destructor, and when was the
> last time you needed one?"
>-- Tom Cargil, C++ Journal
>



-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Oliver Fromme 
Sami Halabi  wrote:
 > %id
 > uid=1001(sody) gid=1001(sody) groups=1001(sody),0(wheel)
 > %
 > 
 > i have another account also id 1002 - sody2, also in group wheel.
 > i can ssh using user sody/sody2, however su doesn't work if i do: su sody2,
 > when i logged in with user sody.
 > it seems that su is broken somehow

Something is definitely broken.  Maybe the suid-root bit was
accidentally removed from the su binary?  What is the output
from "ls -l /usr/bin/su"?

Best regards
   Oliver


-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd

"If you think C++ is not overly complicated, just what is a protected
abstract virtual base pure virtual private destructor, and when was the
last time you needed one?"
-- Tom Cargil, C++ Journal
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Adam Strohl 

On 6/9/2012 20:33, Sami Halabi wrote:

its the same as /var/log/messages


I assume you mean there is nothing there because it's not the same thing 
(yes dmesg stuff should get logged into syslog but your system obviously 
isn't working right so ...).


Past that I've been skimming this thread since you posted and I can't 
think of anything here that would resolve this except that it might be 
worth a try to have someone ctrl-alt-del it (requires no FreeBSD 
knowledge, passwords, etc by the person doing it and should gracefully 
reboot the server).   Its a total Hail Mary [pass] though [and probably 
won't work].


It might lock you out entirely, too.

P.S.
Beyond this incident obviously setting up a remote console is ideal, 
IPMI is very worth it, but my guess is you'd have it setup if your MB 
had it.  If you don't have an IPMI module and you happen to have another 
box there cross-patching their serial consoles to each other so if one 
goes down you can serial via the other one (ie; server1's com1 to 
server2's com2, and server2's com1 to server1's com2).  You need to set 
this up as root though so no help now.


--
Adam Strohl
http://www.ateamsystems.com/
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Sami Halabi 
its the same as /var/log/messages

On Sat, Jun 9, 2012 at 4:32 PM, Adam Strohl
wrote:

> On 6/9/2012 20:29, Sami Halabi wrote:
>
>> Hi,
>> /var/log/messages - no new logs
>>
>
> Sorry if this has been asked, anything in dmesg?
>



-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Adam Strohl 

On 6/9/2012 20:29, Sami Halabi wrote:

Hi,
/var/log/messages - no new logs


Sorry if this has been asked, anything in dmesg?
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Sami Halabi 
Hi,
/var/log/messages - no new logs

%id sody2
uid=1002(sody2) gid=1002(sody2) groups=1002(sody2),0(wheel)
%

i did top on one session and followed it after I issued "su -"
the only new process issued is "su" and it stays there even after I supply
the password...

This is really strange, it never happend to me in earlier releases

even "su sody2" worked, but stopped after a while...

Help me please...

Sami

On Sat, Jun 9, 2012 at 4:05 PM, David Wolfskill wrote:

> On Sat, Jun 09, 2012 at 03:47:07PM +0300, Sami Halabi wrote:
> > %su -
> > Password:
> > load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 3.99r 0.00u 0.00s 0% 2092k
> > ...
> > load: 0.00  cmd: su 30588 [ttydcd] 8.35r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 8.53r 0.00u 0.00s 0% 2092k
> > ...
>
> Well, that wasn't as helpful as it might have been, then -- though it
> does clearly indicate that the process isn't waiting on (say) keyboard
> input.
>
> Have you checked messages (e.g., /var/log/messages)?
>
> Also, while you're logged in as your primary account, the output of "id
> sody2" may be useful.
>
> The other thing that comes to mind is that it may be useful for you to
> login (as "sody") twice (i.e., from 2 different xterms, or using a
> "terminal mux" program such as tmux(1) (in ports; sysutils/tmux) so from
> one session, you can try "su sody2" and from the other, you can issue
> commands such as "top" or "ps lwt ttydcd" to see what processes are
> running on the (apparently stalled) session.
>
> It's also possible that there's something wrong with the login shell
> initialization scripts used for sody2.  The above commands may help
> identify that case.
>
> Peace,
> david
> --
> David H. Wolfskill  da...@catwhisker.org
> Depriving a girl or boy of an opportunity for education is evil.
>
> See http://www.catwhisker.org/~david/publickey.gpg for my public key.
>



-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Sami Halabi 
is it possible to set serial console over ip? or i need null cable?

On Sat, Jun 9, 2012 at 3:58 PM, Ronald Klop wrote:

> On Sat, 09 Jun 2012 09:55:28 +0200, Sami Halabi 
> wrote:
>
>  Hi,
>> I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2.
>> once done, i created regular accounts, in wheel group.
>>
>> first all was okay, but suddenly i found my self blocked out, because i
>> can't ssh as root, and i can't su either, when i su i get this:
>> %su -
>> Password:
>>
>> and it stuck in that state whitout givving me root shell #.
>>
>> any ideas how to solve this problem? the system is in the servers farm and
>> i need to drive 3 hours each direction, so if there is remote solution i
>> would appreciate it.
>>
>>
>> %more /etc/group
>> # $FreeBSD: src/etc/group,v 1.35.10.2.2.1 2012/03/03 06:15:13 kensmith
>> Exp $
>> #
>> wheel:*:0:root,sody
>> .
>> .
>> .
>> sody:*:1001:
>>
>> Thanks in advance,
>>
>>
> It does not solve your problem now, but if it is a couple of hours away
> arrange some remote serial console access.
>
> Ronald.
> __**_
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/**mailman/listinfo/freebsd-**stable
> To unsubscribe, send any mail to 
> "freebsd-stable-unsubscribe@**freebsd.org
> "
>



-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Ronald Klop 

On Sat, 09 Jun 2012 09:55:28 +0200, Sami Halabi  wrote:


Hi,
I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2.
once done, i created regular accounts, in wheel group.

first all was okay, but suddenly i found my self blocked out, because i
can't ssh as root, and i can't su either, when i su i get this:
%su -
Password:

and it stuck in that state whitout givving me root shell #.

any ideas how to solve this problem? the system is in the servers farm  
and

i need to drive 3 hours each direction, so if there is remote solution i
would appreciate it.


%more /etc/group
# $FreeBSD: src/etc/group,v 1.35.10.2.2.1 2012/03/03 06:15:13 kensmith  
Exp $

#
wheel:*:0:root,sody
.
.
.
sody:*:1001:

Thanks in advance,



It does not solve your problem now, but if it is a couple of hours away  
arrange some remote serial console access.


Ronald.
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Sami Halabi 
%su -
Password:
load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
load: 0.00  cmd: su 30588 [ttydcd] 3.99r 0.00u 0.00s 0% 2092k
load: 0.00  cmd: su 30588 [ttydcd] 4.81r 0.00u 0.00s 0% 2092k
load: 0.00  cmd: su 30588 [ttydcd] 5.34r 0.00u 0.00s 0% 2092k
load: 0.00  cmd: su 30588 [ttydcd] 5.72r 0.00u 0.00s 0% 2092k
load: 0.00  cmd: su 30588 [ttydcd] 6.21r 0.00u 0.00s 0% 2092k
load: 0.00  cmd: su 30588 [ttydcd] 6.67r 0.00u 0.00s 0% 2092k
load: 0.00  cmd: su 30588 [ttydcd] 7.14r 0.00u 0.00s 0% 2092k
load: 0.00  cmd: su 30588 [ttydcd] 7.53r 0.00u 0.00s 0% 2092k
load: 0.00  cmd: su 30588 [ttydcd] 7.89r 0.00u 0.00s 0% 2092k
load: 0.00  cmd: su 30588 [ttydcd] 8.14r 0.00u 0.00s 0% 2092k
load: 0.00  cmd: su 30588 [ttydcd] 8.35r 0.00u 0.00s 0% 2092k
load: 0.00  cmd: su 30588 [ttydcd] 8.53r 0.00u 0.00s 0% 2092k


Thanks,
Sami

On Sat, Jun 9, 2012 at 3:36 PM, David Wolfskill wrote:

> On Sat, Jun 09, 2012 at 03:32:44PM +0300, Sami Halabi wrote:
> > Hmm.. I don't get shell to send any commands, its just go a newline and
> > stuck there until i hit CTRL-C and go back.
> > waiting for long time doesn't work either
>
> ^T can sometimes provide clues as to the resource for which the process
> is waiting.
>
> Peace,
> david
> --
> David H. Wolfskill  da...@catwhisker.org
> Depriving a girl or boy of an opportunity for education is evil.
>
> See http://www.catwhisker.org/~david/publickey.gpg for my public key.
>



-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Sami Halabi 
Hmm.. I don't get shell to send any commands, its just go a newline and
stuck there until i hit CTRL-C and go back.
waiting for long time doesn't work either

Sami

On Sat, Jun 9, 2012 at 3:24 PM, David Wolfskill wrote:

> On Sat, Jun 09, 2012 at 03:21:29PM +0300, Sami Halabi wrote:
> > Hi,
> >
> > %id
> > uid=1001(sody) gid=1001(sody) groups=1001(sody),0(wheel)
> > %
> >
> > i have another account also id 1002 - sody2, also in group wheel.
> > i can ssh using user sody/sody2, however su doesn't work if i do: su
> sody2,
> > when i logged in with user sody.
> > it seems that su is broken somehow
> >
> > any ideas?
>
> You might want to check the output of "id" after you've done that, then.
>
> > ...
>
> Peace,
> david
> --
> David H. Wolfskill  da...@catwhisker.org
> Depriving a girl or boy of an opportunity for education is evil.
>
> See http://www.catwhisker.org/~david/publickey.gpg for my public key.
>



-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Sami Halabi 
Hi,

%id
uid=1001(sody) gid=1001(sody) groups=1001(sody),0(wheel)
%

i have another account also id 1002 - sody2, also in group wheel.
i can ssh using user sody/sody2, however su doesn't work if i do: su sody2,
when i logged in with user sody.
it seems that su is broken somehow

any ideas?

Thanks,
Sami

On Sat, Jun 9, 2012 at 2:07 PM, Mehmet Erol Sanliturk <
m.e.sanlit...@gmail.com> wrote:

>
>
> On Sat, Jun 9, 2012 at 3:35 AM, Oliver Fromme wrote:
>
>> Sami Halabi  wrote:
>>  > I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2.
>>  > once done, i created regular accounts, in wheel group.
>>  >
>>  > first all was okay, but suddenly i found my self blocked out, because i
>>  > can't ssh as root, and i can't su either, when i su i get this:
>>  > %su -
>>  > Password:
>>  >
>>  > and it stuck in that state whitout givving me root shell #.
>>
>> What's the output from "id"?  Does it include "0(wheel)"?
>>
>> And are you 100% sure that you know the correct root password?
>> If you don't, you will have to drive to the machine and fix
>> it from the console, I'm afraid.  There's no other way, unless
>> you discover a yet-unknown local root exploit.  ;-)
>>
>> Best regards
>>   Oliver
>>
>>
>> --
>> Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
>> Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
>> secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
>> chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart
>>
>> FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd
>>
>> With Perl you can manipulate text, interact with programs, talk over
>> networks, drive Web pages, perform arbitrary precision arithmetic,
>> and write programs that look like Snoopy swearing.
>>
>
>
>
> Please see ,
>
>
> http://www.freebsd.org/cgi/man.cgi?query=login.access&sektion=5&apropos=0&manpath=FreeBSD+9.0-RELEASE
>
> http://www.freebsd.org/cgi/man.cgi?query=login&apropos=0&sektion=0&manpath=FreeBSD+9.0-RELEASE&arch=default&format=html
>
> http://www.freebsd.org/cgi/man.cgi?query=telnetd&sektion=8&apropos=0&manpath=FreeBSD+9.0-RELEASE
>
> http://www.freebsd.org/cgi/man.cgi?query=login.conf&sektion=5&apropos=0&manpath=FreeBSD+9.0-RELEASE
>
> and , define remote login capability , otherwise the system will not
> permit remote root login because of it has dangerous security vulnerability
> .
>
> Thank you very much .
>
>
> Mehmet Erol Sanliturk
>
>
>
>
>
>
>


-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Mehmet Erol Sanliturk 
On Sat, Jun 9, 2012 at 3:35 AM, Oliver Fromme wrote:

> Sami Halabi  wrote:
>  > I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2.
>  > once done, i created regular accounts, in wheel group.
>  >
>  > first all was okay, but suddenly i found my self blocked out, because i
>  > can't ssh as root, and i can't su either, when i su i get this:
>  > %su -
>  > Password:
>  >
>  > and it stuck in that state whitout givving me root shell #.
>
> What's the output from "id"?  Does it include "0(wheel)"?
>
> And are you 100% sure that you know the correct root password?
> If you don't, you will have to drive to the machine and fix
> it from the console, I'm afraid.  There's no other way, unless
> you discover a yet-unknown local root exploit.  ;-)
>
> Best regards
>   Oliver
>
>
> --
> Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
> Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
> secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
> chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart
>
> FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd
>
> With Perl you can manipulate text, interact with programs, talk over
> networks, drive Web pages, perform arbitrary precision arithmetic,
> and write programs that look like Snoopy swearing.
>



Please see ,

http://www.freebsd.org/cgi/man.cgi?query=login.access&sektion=5&apropos=0&manpath=FreeBSD+9.0-RELEASE
http://www.freebsd.org/cgi/man.cgi?query=login&apropos=0&sektion=0&manpath=FreeBSD+9.0-RELEASE&arch=default&format=html
http://www.freebsd.org/cgi/man.cgi?query=telnetd&sektion=8&apropos=0&manpath=FreeBSD+9.0-RELEASE
http://www.freebsd.org/cgi/man.cgi?query=login.conf&sektion=5&apropos=0&manpath=FreeBSD+9.0-RELEASE

and , define remote login capability , otherwise the system will not permit
remote root login because of it has dangerous security vulnerability .

Thank you very much .


Mehmet Erol Sanliturk
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: su problem

2012-06-09 Thread Oliver Fromme 
Sami Halabi  wrote:
 > I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2.
 > once done, i created regular accounts, in wheel group.
 > 
 > first all was okay, but suddenly i found my self blocked out, because i
 > can't ssh as root, and i can't su either, when i su i get this:
 > %su -
 > Password:
 > 
 > and it stuck in that state whitout givving me root shell #.

What's the output from "id"?  Does it include "0(wheel)"?

And are you 100% sure that you know the correct root password?
If you don't, you will have to drive to the machine and fix
it from the console, I'm afraid.  There's no other way, unless
you discover a yet-unknown local root exploit.  ;-)

Best regards
   Oliver


-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd

With Perl you can manipulate text, interact with programs, talk over
networks, drive Web pages, perform arbitrary precision arithmetic,
and write programs that look like Snoopy swearing.
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

su problem

2012-06-09 Thread Sami Halabi 
Hi,
I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2.
once done, i created regular accounts, in wheel group.

first all was okay, but suddenly i found my self blocked out, because i
can't ssh as root, and i can't su either, when i su i get this:
%su -
Password:

and it stuck in that state whitout givving me root shell #.

any ideas how to solve this problem? the system is in the servers farm and
i need to drive 3 hours each direction, so if there is remote solution i
would appreciate it.


%more /etc/group
# $FreeBSD: src/etc/group,v 1.35.10.2.2.1 2012/03/03 06:15:13 kensmith Exp $
#
wheel:*:0:root,sody
.
.
.
sody:*:1001:

Thanks in advance,

-- 
Sami Halabi
Information Systems Engineer
NMS Projects Expert
FreeBSD SysAdmin Expert
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"