BAD SU RESOLVED
Alexander Hall wrote: phil wrote: Alexander Hall wrote: Nick Guenther wrote: On Sun, Nov 29, 2009 at 4:51 PM, phil wrote: Hello I have some strange behavior with su in openbsd 4.6, I have two users root and test, test user is in wheel group with usermod -G wheel test, when i try to be root with su - I have the sorry message and in the /var/log/authlog I have : BAD SU test to root on /dev/ttyp0 I'm sure about the root password, cat from /etc/group show me that test user is in wheel group. If I remove the test user and recreate it whith adduser and specify to add test user in the wheel group I have the same behavior If I try to get root privilege with su root - I have the same result. What I do wrong or missing. Hmm. Try the obvious first: what does groups say about your test user? Also, the new group does not apply to an already logged in user. Use id(1) to see if you are who you seem to be. I do some more test, if I use the test user directly on the main console everythink is ok I can connect with test user and I can do an su - and be root If I do the same think from a linux term after ssh t...@bazard I can connect with user test but I cannot be gain root privilege with an su - If I run id from linux term after an ssh t...@bazard I have this : $ id uid=1000(test) gid=1000(test) groups=1000(test), 0(wheel) $ If I run id directly from main console I have the same thing : $ id uid=1000(test) gid=1000(test) groups=1000(test), 0(wheel) $ Phil Then I must say I _really_ think you have an issue typing the password, as in different keyboard layout or so. I'm really Sorry, You right, I'm stupid. I have a fr keyboard and I'm under vmware, I don't no why my Fr keyboard in vmware console cannot use the Alt Gr key. Really Sorry Phil
Re: BAD SU
On Sun, Nov 29, 2009 at 6:54 PM, Nick Guenther wrote: > On Sun, Nov 29, 2009 at 6:43 PM, Brad Tilley wrote: >> On Sun, Nov 29, 2009 at 6:28 PM, Brad Tilley wrote: >> >>> I see the same on 4.6-release. The initial user I added during install >>> can su and sudo >> >> Just to be clear, 'sudo su' works for newly added users who are in the >> wheel group, but su by itself does not. Apologies for the confusion. >> >> Brad >> >> > > That's funny, because I followed your directions and I can't > reproduce. I'm running 4.6 GENERIC -release. You did relogin after > changing the passwords and groups right? It's official. I'm an idiot. Was using the user passwd with su. Forgive me. su works fine.
Re: BAD SU
On Sun, Nov 29, 2009 at 6:54 PM, Nick Guenther wrote: > On Sun, Nov 29, 2009 at 6:43 PM, Brad Tilley wrote: >> On Sun, Nov 29, 2009 at 6:28 PM, Brad Tilley wrote: >> >>> I see the same on 4.6-release. The initial user I added during install >>> can su and sudo >> >> Just to be clear, 'sudo su' works for newly added users who are in the >> wheel group, but su by itself does not. Apologies for the confusion. >> >> Brad > > That's funny, because I followed your directions and I can't > reproduce. I'm running 4.6 GENERIC -release. You did relogin after > changing the passwords and groups right? Yes, when I type su as user test, I get "Sorry" outputted to the console and I see "BAD SU test to root on /dev/ttyC0" in /var/log/authlog. I'm doing this locally on a laptop. When I type sudo su as user test, I get a root shell. In /etc/sudoers I have the %wheel line for no password uncommented. Brad
Re: BAD SU
On Sun, Nov 29, 2009 at 6:43 PM, Brad Tilley wrote: > On Sun, Nov 29, 2009 at 6:28 PM, Brad Tilley wrote: > >> I see the same on 4.6-release. The initial user I added during install >> can su and sudo > > Just to be clear, 'sudo su' works for newly added users who are in the > wheel group, but su by itself does not. Apologies for the confusion. > > Brad > > That's funny, because I followed your directions and I can't reproduce. I'm running 4.6 GENERIC -release. You did relogin after changing the passwords and groups right?
Re: BAD SU
phil wrote: > Alexander Hall wrote: >> Nick Guenther wrote: >> >>> On Sun, Nov 29, 2009 at 4:51 PM, phil wrote: >>> >>>> Hello >>>> >>>> I have some strange behavior with su in openbsd 4.6, >>>> I have two users root and test, test user is in wheel group with >>>> usermod -G >>>> wheel test, when i try to be root with su - >>>> I have the sorry message and in the /var/log/authlog I have : >>>> BAD SU test to root on /dev/ttyp0 >>>> >>>> I'm sure about the root password, cat from /etc/group show me that >>>> test user >>>> is in wheel group. >>>> If I remove the test user and recreate it whith adduser and specify >>>> to add >>>> test user in the wheel group I have the same behavior >>>> If I try to get root privilege with su root - I have the same result. >>>> >>>> What I do wrong or missing. >>>> >>>> >>> Hmm. Try the obvious first: what does groups say about your test user? >>> >> >> Also, the new group does not apply to an already logged in user. Use >> id(1) to see if you are who you seem to be. >> >> > I do some more test, if I use the test user directly on the main console > everythink is ok > I can connect with test user and I can do an su - and be root > > If I do the same think from a linux term after ssh t...@bazard I can > connect with user test but I cannot be gain root privilege with an su - > > If I run id from linux term after an ssh t...@bazard I have this : > $ id > uid=1000(test) gid=1000(test) groups=1000(test), 0(wheel) > $ > If I run id directly from main console I have the same thing : > $ id > uid=1000(test) gid=1000(test) groups=1000(test), 0(wheel) > $ > > Phil Then I must say I _really_ think you have an issue typing the password, as in different keyboard layout or so.
Re: BAD SU
On Sun, Nov 29, 2009 at 6:28 PM, Brad Tilley wrote: > I see the same on 4.6-release. The initial user I added during install > can su and sudo Just to be clear, 'sudo su' works for newly added users who are in the wheel group, but su by itself does not. Apologies for the confusion. Brad
Re: BAD SU
Alexander Hall wrote: Nick Guenther wrote: On Sun, Nov 29, 2009 at 4:51 PM, phil wrote: Hello I have some strange behavior with su in openbsd 4.6, I have two users root and test, test user is in wheel group with usermod -G wheel test, when i try to be root with su - I have the sorry message and in the /var/log/authlog I have : BAD SU test to root on /dev/ttyp0 I'm sure about the root password, cat from /etc/group show me that test user is in wheel group. If I remove the test user and recreate it whith adduser and specify to add test user in the wheel group I have the same behavior If I try to get root privilege with su root - I have the same result. What I do wrong or missing. Hmm. Try the obvious first: what does groups say about your test user? Also, the new group does not apply to an already logged in user. Use id(1) to see if you are who you seem to be. I do some more test, if I use the test user directly on the main console everythink is ok I can connect with test user and I can do an su - and be root If I do the same think from a linux term after ssh t...@bazard I can connect with user test but I cannot be gain root privilege with an su - If I run id from linux term after an ssh t...@bazard I have this : $ id uid=1000(test) gid=1000(test) groups=1000(test), 0(wheel) $ If I run id directly from main console I have the same thing : $ id uid=1000(test) gid=1000(test) groups=1000(test), 0(wheel) $ Phil
Re: BAD SU
On Sun, Nov 29, 2009 at 4:51 PM, phil wrote: > Hello > > I have some strange behavior with su in openbsd 4.6, > I have two users root and test, test user is in wheel group with usermod -G > wheel test, when i try to be root with su - > I have the sorry message and in the /var/log/authlog I have : > BAD SU test to root on /dev/ttyp0 > > I'm sure about the root password, cat from /etc/group show me that test user > is in wheel group. > If I remove the test user and recreate it whith adduser and specify to add > test user in the wheel group I have the same behavior > If I try to get root privilege with su root - I have the same result. > > What I do wrong or missing. > > Phil I see the same on 4.6-release. The initial user I added during install can su and sudo OK, but users I add now cannot. 4.6-current works OK, no problems. Here's how I tested on release: useradd -m test usermod -G wheel test grep /etc/group (to see that test is indeed in the wheel group, he is) I tried a couple of different user names (Just in case it was something specific to test) and they all behave the same. id shows test as uid 1001 gid 10 groups 10 and 0 Brad
Re: BAD SU
Nick Guenther wrote: > On Sun, Nov 29, 2009 at 4:51 PM, phil wrote: >> Hello >> >> I have some strange behavior with su in openbsd 4.6, >> I have two users root and test, test user is in wheel group with usermod -G >> wheel test, when i try to be root with su - >> I have the sorry message and in the /var/log/authlog I have : >> BAD SU test to root on /dev/ttyp0 >> >> I'm sure about the root password, cat from /etc/group show me that test user >> is in wheel group. >> If I remove the test user and recreate it whith adduser and specify to add >> test user in the wheel group I have the same behavior >> If I try to get root privilege with su root - I have the same result. >> >> What I do wrong or missing. >> > > Hmm. Try the obvious first: what does groups say about your test user? Also, the new group does not apply to an already logged in user. Use id(1) to see if you are who you seem to be.
Re: BAD SU
Nick Guenther wrote: On Sun, Nov 29, 2009 at 4:51 PM, phil wrote: Hello I have some strange behavior with su in openbsd 4.6, I have two users root and test, test user is in wheel group with usermod -G wheel test, when i try to be root with su - I have the sorry message and in the /var/log/authlog I have : BAD SU test to root on /dev/ttyp0 I'm sure about the root password, cat from /etc/group show me that test user is in wheel group. If I remove the test user and recreate it whith adduser and specify to add test user in the wheel group I have the same behavior If I try to get root privilege with su root - I have the same result. What I do wrong or missing. Hmm. Try the obvious first: what does groups say about your test user? User test is in test group like this test:*:1000: and for /etc/passwd like this test:*:1000:1000:test:/home/test:/bin/ksh groupinfo test say : name test passwd * gid 1000 members if I check wheel group test is in wheel group : name wheel passwd * gid 0 members root test If I check test user I have this : login test passwd HASH KEY uid 1000 group test wheel change NEVER . What can I check ? because everythink seems OK Phil
Re: BAD SU
On Sun, Nov 29, 2009 at 4:51 PM, phil wrote: > Hello > > I have some strange behavior with su in openbsd 4.6, > I have two users root and test, test user is in wheel group with usermod -G > wheel test, when i try to be root with su - > I have the sorry message and in the /var/log/authlog I have : > BAD SU test to root on /dev/ttyp0 > > I'm sure about the root password, cat from /etc/group show me that test user > is in wheel group. > If I remove the test user and recreate it whith adduser and specify to add > test user in the wheel group I have the same behavior > If I try to get root privilege with su root - I have the same result. > > What I do wrong or missing. > Hmm. Try the obvious first: what does groups say about your test user?
BAD SU
Hello I have some strange behavior with su in openbsd 4.6, I have two users root and test, test user is in wheel group with usermod -G wheel test, when i try to be root with su - I have the sorry message and in the /var/log/authlog I have : BAD SU test to root on /dev/ttyp0 I'm sure about the root password, cat from /etc/group show me that test user is in wheel group. If I remove the test user and recreate it whith adduser and specify to add test user in the wheel group I have the same behavior If I try to get root privilege with su root - I have the same result. What I do wrong or missing. Phil