Re: [gentoo-user] Can't login with a normal user
Abraham Marín Pérez escribió: 4) The file system is mounted noexec. (So, make sure that you filesystem is currently mounted exec.) As stated earlier, there is no noexec flag: /dev/sda2 on / type ext3 (rw,noatime) Just blind-shooting but still here are my 0.02$... could it be possible that you had the noexec flag enabled by default somewhere and hence it's being used even without typing it explicitly in /etc/fstab?? On the other hand, it might be helpful to check if ordinary users can execute any other program or it's just a shell problem (you can check this through cron, for example). HTH, Abraham Sorry, Thunderbird hadn't downloaded latest mail when I wrote this, so I didn't know the problem was already solved at the moment... Abraham -- -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Can't login with a normal user
4) The file system is mounted noexec. (So, make sure that you filesystem is currently mounted exec.) As stated earlier, there is no noexec flag: /dev/sda2 on / type ext3 (rw,noatime) Just blind-shooting but still here are my 0.02$... could it be possible that you had the noexec flag enabled by default somewhere and hence it's being used even without typing it explicitly in /etc/fstab?? On the other hand, it might be helpful to check if ordinary users can execute any other program or it's just a shell problem (you can check this through cron, for example). HTH, Abraham -- -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Can't login with a normal user
On Tue, 19 Jun 2007 14:30:39 -0500 "Boyd Stephen Smith Jr." <[EMAIL PROTECTED]> wrote: > My locally installed man page doesn't provide any other explanations for that > return code, so I'm still betting it's one of those things. However, someone > more skilled than I might be able to spend some time digging through libc > and/or the kernel to determine an alternative cause. Well, you win... I looked at least once at `ls -ld /*' and saw nothing out of the ordinary. Then, I just checked again and there it was, /lib64 had the permission '000'. Guess I should've checked more thorough, especially when you mentioned path_resolution(2), sorry. But at last everything works again, thanks everyone! Jan-Hendrik Zab -- | Jan-Hendrik Zab | +49 (0)1773392888 | http://www.v3ng34nce.org -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Can't login with a normal user
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Jan-Hendrik Zab wrote: >> On my system: >> $ ls -ld / >> drwxr-xr-x 23 root root 664 2007-06-11 20:27 / > > That's due to the ZSH settings/command. So, we are sure that /bin/zsh is not being run from a chrooted environment or something? - -- Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica Free Music: http://www.buanzo.com.ar/files/buanzo-ultimamente.ogg Consulting and Secure Mail Hosting: http://www.buanzo.com.ar/pro/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGeDYhAlpOsGhXcE0RCnYGAJ45ONGCkistMuvB+nZecaBMrFGSSwCcDx1R As8nkYU+x8PwHdMWoMaJI24= =8Jzs -END PGP SIGNATURE- -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Can't login with a normal user
On Tuesday 19 June 2007 14:03:20 Jan-Hendrik Zab wrote: > I really dislike this problem :D /me agrees. My locally installed man page doesn't provide any other explanations for that return code, so I'm still betting it's one of those things. However, someone more skilled than I might be able to spend some time digging through libc and/or the kernel to determine an alternative cause. Does you dmesg show any kernel faults/backtraces? Sometimes they can muck up things enough to cause "weird errors" but not enough to crash the system. If so, I'd recommend capturing it and rebooting. Then, report the fault as a bug. -- Boyd Stephen Smith Jr. ,= ,-_-. =. [EMAIL PROTECTED] ((_/)o o(\_)) ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-' http://iguanasuicide.org/ \_/ signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Can't login with a normal user
On Tue, 19 Jun 2007 13:17:57 -0500 "Boyd Stephen Smith Jr." <[EMAIL PROTECTED]> wrote: [snip] > According to http://www.die.net/doc/linux/man/man2/execve.2.html EACCES is > only returned by this function for a few reasons: > > 1) Search permission is denied on a component of the path prefix of filename > or the name of a script interpreter. (See also path_resolution(2).) > > (So, make sure /bin and / are executable by uid 1000.) Both /bin and / have 'drwxr-xr-x' permissions and /bin/zsh has the same, of course without 'd'. > 2) The file or a script interpreter is not a regular file. > > (So, make sure /bin/zsh is not a symlink, evidently that doesn't work.) [EMAIL PROTECTED]:/usr] # file /bin/zsh /bin/zsh: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), for GNU/Linux 2.6.9, dynamically linked (uses shared libs), stripped So, it is a normal executable file. > 3) Execute permission is denied for the file or a script or ELF interpreter. > > (So, make sure that /bin/zsh and /lib/ld-linux.so* are executable. > If /bin/zsh is a script make sure the interpreter listed after #! is > executable. Proceed recursively if THAT is a script.) /lib64/ld-linux-x86-64.so.2 is a symlink to /lib64/ld-2.5.so which can be executed, /bin/zsh is /linked/ to the symlink and their permission are IMHO correct: -rwxr-xr-x 1 root root 137226 2007-06-17 16:20 /lib64/ld-2.5.so* lrwxrwxrwx 1 root root 9 2007-06-17 16:21 /lib64/ld-linux-x86-64.so.2 -> ld-2.5.so* > (Also, is it possible that you don't have the right /lib/ld-linux.so? See > the > above link for some detail [the paragraph just above RETURN VALUE]. ldd > should be able to show you which one you need.) Well, I think it's the right one. See above. > 4) The file system is mounted noexec. > > (So, make sure that you filesystem is currently mounted exec.) As stated earlier, there is no noexec flag: /dev/sda2 on / type ext3 (rw,noatime) > If all of those check out, I think you'll have to "use the source, luke". > > > Permissions of '/': > > > > drwxr-xr-x 20 root root 4096 2007-06-17 16:21 // > > That looks a little weird, but only because of the extra '/'. > > On my system: > $ ls -ld / > drwxr-xr-x 23 root root 664 2007-06-11 20:27 / That's due to the ZSH settings/command. PS. I really dislike this problem :D Jan-Hendrik Zab -- | Jan-Hendrik Zab | +49 (0)1773392888 | http://www.v3ng34nce.org -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Can't login with a normal user
On Tuesday 19 June 2007 12:27:10 Jan-Hendrik Zab wrote: > 'strace -f su - jonsnow': > > [pid 4117] execve("/bin/zsh", ["-su"], [/* 6 vars */]) = > -1 EACCES (Permission denied) Note that the trace clearly shows that /bin/zsh isn't returning an error code (in which case pid 4117 would immediately die) but rather the execve call is returning an error code and the fork()ed copy of su continues executing (writes an error to stderr and then dies). According to http://www.die.net/doc/linux/man/man2/execve.2.html EACCES is only returned by this function for a few reasons: 1) Search permission is denied on a component of the path prefix of filename or the name of a script interpreter. (See also path_resolution(2).) (So, make sure /bin and / are executable by uid 1000.) 2) The file or a script interpreter is not a regular file. (So, make sure /bin/zsh is not a symlink, evidently that doesn't work.) 3) Execute permission is denied for the file or a script or ELF interpreter. (So, make sure that /bin/zsh and /lib/ld-linux.so* are executable. If /bin/zsh is a script make sure the interpreter listed after #! is executable. Proceed recursively if THAT is a script.) (Also, is it possible that you don't have the right /lib/ld-linux.so? See the above link for some detail [the paragraph just above RETURN VALUE]. ldd should be able to show you which one you need.) 4) The file system is mounted noexec. (So, make sure that you filesystem is currently mounted exec.) If all of those check out, I think you'll have to "use the source, luke". > Permissions of '/': > > drwxr-xr-x 20 root root 4096 2007-06-17 16:21 // That looks a little weird, but only because of the extra '/'. On my system: $ ls -ld / drwxr-xr-x 23 root root 664 2007-06-11 20:27 / -- Boyd Stephen Smith Jr. ,= ,-_-. =. [EMAIL PROTECTED] ((_/)o o(\_)) ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-' http://iguanasuicide.org/ \_/ signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Can't login with a normal user
Hi, My friend had a problem, similar to yours. He could not login as normal user. In his system something happened and the permission of /usr/bin /bin and in some other directories changed to dr-x-- Restoring their permissions to drwxr-xr-x sovled his problem. I do not know, this could help you or not, just guessing. Regards, István -- IT szolgáltatások, alkalmazásszolgáltatás http://www.osbusiness.hu -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Can't login with a normal user
On Tue, 19 Jun 2007 18:34:15 +0200 Hans-Werner Hilse <[EMAIL PROTECTED]> wrote: > > The permissions of /bin seem to be okay: > > > > drwxr-xr-x 2 root root 4096 2007-06-19 14:53 bin/ > > Hm, and / ? > > I think PAM is alright, the log messages you posted indicate that a > session _was_ opened, so it fails right after that happened. So if > permissions on / are fine, too, I'd try strace'ing a login, just as I > suggested earlier. 'strace -f su - jonsnow': http://v3ng34nce.org/debug.out Sorry, forgot to send the link due to some necessary work in the garden ;-) Permissions of '/': drwxr-xr-x 20 root root 4096 2007-06-17 16:21 // Jan-Hendrik Zab -- | Jan-Hendrik Zab | +49 (0)1773392888 | http://www.v3ng34nce.org -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Can't login with a normal user
Am Dienstag, 19. Juni 2007 schrieb Jan-Hendrik Zab: > On Tue, 19 Jun 2007 17:58:17 +0200 > > Dirk Heinrichs <[EMAIL PROTECTED]> wrote: > > Did you try to fsck the / fs? > > Yes, I did. There were no problems at all. Would have been too easy :-) > Claws appends that automatically ('-- ') and it's not only the right > string but also displayed correctly on my laptop. OK. > O_o Dunno why it > should be different in KMail? Hmm, maybe it's confused because of the two separators. It cuts off after the second one, which seems to be added be the mailing list manager. Didn't see that in the first reply. Sorry. Kmail does indeed strange things, as you can see below: > Jan-Hendrik Zab > -- > > | Jan-Hendrik Zab > | +49 (0)1773392888 > | http://www.v3ng34nce.org Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Can't login with a normal user
Hi, On Tue, 19 Jun 2007 16:39:19 +0200 Jan-Hendrik Zab <[EMAIL PROTECTED]> wrote: > The permissions of /bin seem to be okay: > > drwxr-xr-x 2 root root 4096 2007-06-19 14:53 bin/ Hm, and / ? I think PAM is alright, the log messages you posted indicate that a session _was_ opened, so it fails right after that happened. So if permissions on / are fine, too, I'd try strace'ing a login, just as I suggested earlier. -hwh -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Can't login with a normal user
On Tue, 19 Jun 2007 17:58:17 +0200 Dirk Heinrichs <[EMAIL PROTECTED]> wrote: > Did you try to fsck the / fs? Yes, I did. There were no problems at all. > > -- > > Sig. should be separated with "-- ", not "--". Claws appends that automatically ('-- ') and it's not only the right string but also displayed correctly on my laptop. O_o Dunno why it should be different in KMail? Jan-Hendrik Zab -- | Jan-Hendrik Zab | +49 (0)1773392888 | http://www.v3ng34nce.org -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Can't login with a normal user
Hi, Did you try to fsck the / fs? > -- Sig. should be separated with "-- ", not "--". signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Can't login with a normal user
On Tue, 19 Jun 2007 15:20:31 +0200 Hans-Werner Hilse <[EMAIL PROTECTED]> wrote: > - noexec partition (unlikely, since more or less nothing would work), or > - PAM getting angry, maybe because your /etc/shells doesn't contain the > shells? > > If it's none of these, check the system log. PAM should monitor the > reason. If that doesn't tell anything, try running "strace -f su - youruser" There is no noexec flag on the partition and /etc/shells is okay as well. But when I try to log in on the terminal the following is written into the error log (with ssh only the last two): Jun 19 16:09:15 [login] pam_tally(login:account): option deny=0 allowed in auth phase only Jun 19 16:09:15 [login] pam_tally(login:account): unknown option: no_magic_root Jun 19 16:09:15 [login] pam_unix(login:session): session opened for user jonsnow by LOGIN(uid=0) Jun 19 16:09:15 [login] pam_unix(login:session): session closed for user jonsnow The corresponding entries (to the first two lines are) in /etc/pam.d/login. auth required pam_tally.so file=/var/log/faillog onerr=succeed no_magic_root accountrequired pam_tally.so deny=0 file=/var/log/faillog onerr=succeed no_magic_root I tried to remove the options to test if it had some effect but just the first two lines vanished and I still couldn't log in. Additionally, the pam files seem to be the same as on my file server. The permissions of /bin seem to be okay: drwxr-xr-x 2 root root 4096 2007-06-19 14:53 bin/ Jan-Hendrik Zab -- | Jan-Hendrik Zab | +49 (0)1773392888 | http://www.v3ng34nce.org -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Can't login with a normal user
Hi, On Tue, 19 Jun 2007 14:53:44 +0200 Jan-Hendrik Zab <[EMAIL PROTECTED]> wrote: > Hey, > for a few days now I'm unable to log in to my PC[0] with a normal user > (root works just fine). The following error is printed: > > /bin/zsh: Permission denied - noexec partition (unlikely, since more or less nothing would work), or - PAM getting angry, maybe because your /etc/shells doesn't contain the shells? If it's none of these, check the system log. PAM should monitor the reason. If that doesn't tell anything, try running "strace -f su - youruser" -hwh -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Can't login with a normal user
Jan-Hendrik Zab escribió: Hey, for a few days now I'm unable to log in to my PC[0] with a normal user (root works just fine). The following error is printed: /bin/zsh: Permission denied The same happens when I try it with a user that has /bin/bash as the default shell. The permissions for both files are: -rwxr-xr-x 2 root root Furthermore, it occurs regardless if I try to log in directly at the terminal or per SSH. I've no clue how to get rid of this problem or even how it manifested itself in the first place. So any help would be very appreciated! Regards, Jan-Hendrik Zab [0] - Running a ~amd64 Gentoo. IMHO, the problem is it can't get the bash program to execute. Permissions on bash binary seem ok to me, maybe a problem with /bin's permissions? HTH, Abraham -- -- [EMAIL PROTECTED] mailing list
[gentoo-user] Can't login with a normal user
Hey, for a few days now I'm unable to log in to my PC[0] with a normal user (root works just fine). The following error is printed: /bin/zsh: Permission denied The same happens when I try it with a user that has /bin/bash as the default shell. The permissions for both files are: -rwxr-xr-x 2 root root Furthermore, it occurs regardless if I try to log in directly at the terminal or per SSH. I've no clue how to get rid of this problem or even how it manifested itself in the first place. So any help would be very appreciated! Regards, Jan-Hendrik Zab [0] - Running a ~amd64 Gentoo. -- | Jan-Hendrik Zab | +49 (0)1773392888 | http://www.v3ng34nce.org -- [EMAIL PROTECTED] mailing list