su problem

> Sami Halabi <[hidden email]> wrote:
>  > I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2.
>  > once done, i created regular accounts, in wheel group.
>  >
>  > first all was okay, but suddenly i found my self blocked out, because i
>  > can't ssh as root, and i can't su either, when i su i get this:
>  > %su -
>  > Password:
>  >
>  > and it stuck in that state whitout givving me root shell #.
>
> What's the output from "id"?  Does it include "0(wheel)"?
>
> And are you 100% sure that you know the correct root password?
> If you don't, you will have to drive to the machine and fix
> it from the console, I'm afraid.  There's no other way, unless
> you discover a yet-unknown local root exploit.  ;-)
>
> Best regards
>   Oliver
>
>
> --
> Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
> Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
> secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
> chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart
>
> FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd
>
> With Perl you can manipulate text, interact with programs, talk over
> networks, drive Web pages, perform arbitrary precision arithmetic,
> and write programs that look like Snoopy swearing.
>

>
>
> On Sat, Jun 9, 2012 at 3:35 AM, Oliver Fromme <[hidden email]>wrote:
>
>> Sami Halabi <[hidden email]> wrote:
>>  > I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2.
>>  > once done, i created regular accounts, in wheel group.
>>  >
>>  > first all was okay, but suddenly i found my self blocked out, because i
>>  > can't ssh as root, and i can't su either, when i su i get this:
>>  > %su -
>>  > Password:
>>  >
>>  > and it stuck in that state whitout givving me root shell #.
>>
>> What's the output from "id"?  Does it include "0(wheel)"?
>>
>> And are you 100% sure that you know the correct root password?
>> If you don't, you will have to drive to the machine and fix
>> it from the console, I'm afraid.  There's no other way, unless
>> you discover a yet-unknown local root exploit.  ;-)
>>
>> Best regards
>>   Oliver
>>
>>
>> --
>> Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
>> Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
>> secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
>> chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart
>>
>> FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd
>>
>> With Perl you can manipulate text, interact with programs, talk over
>> networks, drive Web pages, perform arbitrary precision arithmetic,
>> and write programs that look like Snoopy swearing.
>>
>
>
>
> Please see ,
>
>
> http://www.freebsd.org/cgi/man.cgi?query=login.access&sektion=5&apropos=0&manpath=FreeBSD+9.0-RELEASE
>
> http://www.freebsd.org/cgi/man.cgi?query=login&apropos=0&sektion=0&manpath=FreeBSD+9.0-RELEASE&arch=default&format=html
>
> http://www.freebsd.org/cgi/man.cgi?query=telnetd&sektion=8&apropos=0&manpath=FreeBSD+9.0-RELEASE
>
> http://www.freebsd.org/cgi/man.cgi?query=login.conf&sektion=5&apropos=0&manpath=FreeBSD+9.0-RELEASE
>
> and , define remote login capability , otherwise the system will not
> permit remote root login because of it has dangerous security vulnerability
> .
>
> Thank you very much .
>
>
> Mehmet Erol Sanliturk
>
>
>
>
>
>
>

> On Sat, Jun 09, 2012 at 03:21:29PM +0300, Sami Halabi wrote:
> > Hi,
> >
> > %id
> > uid=1001(sody) gid=1001(sody) groups=1001(sody),0(wheel)
> > %
> >
> > i have another account also id 1002 - sody2, also in group wheel.
> > i can ssh using user sody/sody2, however su doesn't work if i do: su
> sody2,
> > when i logged in with user sody.
> > it seems that su is broken somehow....
> >
> > any ideas?
>
> You might want to check the output of "id" after you've done that, then.
>
> > ...
>
> Peace,
> david
> --
> David H. Wolfskill                              [hidden email]
> Depriving a girl or boy of an opportunity for education is evil.
>
> See http://www.catwhisker.org/~david/publickey.gpg for my public key.
>

> On Sat, Jun 09, 2012 at 03:32:44PM +0300, Sami Halabi wrote:
> > Hmm.. I don't get shell to send any commands, its just go a newline and
> > stuck there until i hit CTRL-C and go back.
> > waiting for long time doesn't work either....
>
> ^T can sometimes provide clues as to the resource for which the process
> is waiting.
>
> Peace,
> david
> --
> David H. Wolfskill                              [hidden email]
> Depriving a girl or boy of an opportunity for education is evil.
>
> See http://www.catwhisker.org/~david/publickey.gpg for my public key.
>

> Hi,
> I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2.
> once done, i created regular accounts, in wheel group.
>
> first all was okay, but suddenly i found my self blocked out, because i
> can't ssh as root, and i can't su either, when i su i get this:
> %su -
> Password:
>
> and it stuck in that state whitout givving me root shell #.
>
> any ideas how to solve this problem? the system is in the servers farm  
> and
> i need to drive 3 hours each direction, so if there is remote solution i
> would appreciate it.
>
>
> %more /etc/group
> # $FreeBSD: src/etc/group,v 1.35.10.2.2.1 2012/03/03 06:15:13 kensmith  
> Exp $
> #
> wheel:*:0:root,sody
> .
> .
> .
> sody:*:1001:
>
> Thanks in advance,
>

> On Sat, 09 Jun 2012 09:55:28 +0200, Sami Halabi <[hidden email]>
> wrote:
>
>  Hi,
>> I Just finished upgrade from FBSD-8.1-R fresh system to FBSD-8.3-p2.
>> once done, i created regular accounts, in wheel group.
>>
>> first all was okay, but suddenly i found my self blocked out, because i
>> can't ssh as root, and i can't su either, when i su i get this:
>> %su -
>> Password:
>>
>> and it stuck in that state whitout givving me root shell #.
>>
>> any ideas how to solve this problem? the system is in the servers farm and
>> i need to drive 3 hours each direction, so if there is remote solution i
>> would appreciate it.
>>
>>
>> %more /etc/group
>> # $FreeBSD: src/etc/group,v 1.35.10.2.2.1 2012/03/03 06:15:13 kensmith
>> Exp $
>> #
>> wheel:*:0:root,sody
>> .
>> .
>> .
>> sody:*:1001:
>>
>> Thanks in advance,
>>
>>
> It does not solve your problem now, but if it is a couple of hours away
> arrange some remote serial console access.
>
> Ronald.
> ______________________________**_________________
> [hidden email] mailing list
> http://lists.freebsd.org/**mailman/listinfo/freebsd-**stable<http://lists.freebsd.org/mailman/listinfo/freebsd-stable>
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@**freebsd.org<[hidden email]>
> "
>

> On Sat, Jun 09, 2012 at 03:47:07PM +0300, Sami Halabi wrote:
> > %su -
> > Password:
> > load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 3.99r 0.00u 0.00s 0% 2092k
> > ...
> > load: 0.00  cmd: su 30588 [ttydcd] 8.35r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 8.53r 0.00u 0.00s 0% 2092k
> > ...
>
> Well, that wasn't as helpful as it might have been, then -- though it
> does clearly indicate that the process isn't waiting on (say) keyboard
> input.
>
> Have you checked messages (e.g., /var/log/messages)?
>
> Also, while you're logged in as your primary account, the output of "id
> sody2" may be useful.
>
> The other thing that comes to mind is that it may be useful for you to
> login (as "sody") twice (i.e., from 2 different xterms, or using a
> "terminal mux" program such as tmux(1) (in ports; sysutils/tmux) so from
> one session, you can try "su sody2" and from the other, you can issue
> commands such as "top" or "ps lwt ttydcd" to see what processes are
> running on the (apparently stalled) session.
>
> It's also possible that there's something wrong with the login shell
> initialization scripts used for sody2.  The above commands may help
> identify that case.
>
> Peace,
> david
> --
> David H. Wolfskill                              [hidden email]
> Depriving a girl or boy of an opportunity for education is evil.
>
> See http://www.catwhisker.org/~david/publickey.gpg for my public key.
>

> Sami Halabi <[hidden email]> wrote:
>  > %id
>  > uid=1001(sody) gid=1001(sody) groups=1001(sody),0(wheel)
>  > %
>  >
>  > i have another account also id 1002 - sody2, also in group wheel.
>  > i can ssh using user sody/sody2, however su doesn't work if i do: su
> sody2,
>  > when i logged in with user sody.
>  > it seems that su is broken somehow....
>
> Something is definitely broken.  Maybe the suid-root bit was
> accidentally removed from the su binary?  What is the output
> from "ls -l /usr/bin/su"?
>
> Best regards
>   Oliver
>
>
> --
> Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
> Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
> secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
> chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart
>
> FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd
>
> "If you think C++ is not overly complicated, just what is a protected
> abstract virtual base pure virtual private destructor, and when was the
> last time you needed one?"
>        -- Tom Cargil, C++ Journal
>

> %su -
> Password:
> load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 3.99r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 4.81r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 5.34r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 5.72r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 6.21r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 6.67r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 7.14r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 7.53r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 7.89r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 8.14r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 8.35r 0.00u 0.00s 0% 2092k
> load: 0.00  cmd: su 30588 [ttydcd] 8.53r 0.00u 0.00s 0% 2092k
>
>
> Thanks,
> Sami

> On Sat, 2012-06-09 at 15:47 +0300, Sami Halabi wrote:
> > %su -
> > Password:
> > load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 3.99r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 4.81r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 5.34r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 5.72r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 6.21r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 6.67r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 7.14r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 7.53r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 7.89r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 8.14r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 8.35r 0.00u 0.00s 0% 2092k
> > load: 0.00  cmd: su 30588 [ttydcd] 8.53r 0.00u 0.00s 0% 2092k
> >
> >
> > Thanks,
> > Sami
>
> Since the wait is "ttydcd", try "stty clocal" before doing the "su"
> command.  I don't know why su would be waiting for dcd (modem carrier)
> but setting clocal mode should eliminate that wait.
>
> -- Ian
>
>
>

> 09.06.2012 19:47, Sami Halabi пишет:
> > %su -
> > Password:
> > load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
>
> Perpaps, your system had no keyboard attached at boot time;
> or for some other reason it booted with /dev/console being serial console
> instead of vidconsole. su locks trying to access serial console
> that is /dev/ttyd0 by default and has Carrier Detect flag enabled.
> Hence, it waits for CD on the first serial port (miserably and hopelessly).
>
> You can check if it's true with "sysctl kern.console" command.
> You could ask someone to boot the system with keyboard attached -
> no need to type anything, though. The system should detect it
> and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0.
> And "su" won't lock.
>
> Eugene Grosbein
>

> Hi,
>
> %sysctl kern.console
> kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom,
>
> %tail /var/log/messages
> Jun  7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a
> Jun  7 19:54:36 vps16 kernel: bge0: link state changed to UP
> Jun  7 20:18:04 vps16 kernel: ugen0.2: <vendor 0x09da> at usbus0
> Jun  7 20:18:04 vps16 kernel: ukbd0: <vendor 0x09da USB Keyboard, class
> 0/0, rev 1.10/2.50, addr 2> on usbus0
> Jun  7 20:18:04 vps16 kernel: kbd2 at ukbd0
> Jun  7 20:18:05 vps16 kernel: uhid0: <vendor 0x09da USB Keyboard, class
> 0/0, rev 1.10/2.50, addr 2> on usbus0
> Jun  7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1
> Jun  7 20:21:19 vps16 kernel: ugen0.2: <vendor 0x09da> at usbus0
> (disconnected)
> Jun  7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2 (disconnected)
> Jun  7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2 (disconnected)
> %
>
> the system was loaded with keyboard and disconnected later if i understand
> the logs...
>
> New ideas are appreciated, and thanks in advance,
> Sami
>
> On Sat, Jun 9, 2012 at 7:42 PM, Eugene Grosbein <[hidden email]> wrote:
>
>> 09.06.2012 19:47, Sami Halabi пишет:
>>> %su -
>>> Password:
>>> load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
>>
>> Perpaps, your system had no keyboard attached at boot time;
>> or for some other reason it booted with /dev/console being serial console
>> instead of vidconsole. su locks trying to access serial console
>> that is /dev/ttyd0 by default and has Carrier Detect flag enabled.
>> Hence, it waits for CD on the first serial port (miserably and hopelessly).
>>
>> You can check if it's true with "sysctl kern.console" command.
>> You could ask someone to boot the system with keyboard attached -
>> no need to type anything, though. The system should detect it
>> and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0.
>> And "su" won't lock.
>>
>> Eugene Grosbein
>>
>
>
>
> --
> Sami Halabi
> Information Systems Engineer
> NMS Projects Expert
> FreeBSD SysAdmin Expert
> _______________________________________________
> [hidden email] mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "[hidden email]"

>
>
>
> On Jun 9, 2012, at 2:45 PM, Sami Halabi <[hidden email]> wrote:
>
> > Hi,
> >
> > %sysctl kern.console
> > kern.console: ttyv0,dcons,/dcons,ttyv0,uart,ucom,
> >
> > %tail /var/log/messages
> > Jun  7 19:54:35 vps16 kernel: Trying to mount root from ufs:/dev/da0s1a
> > Jun  7 19:54:36 vps16 kernel: bge0: link state changed to UP
> > Jun  7 20:18:04 vps16 kernel: ugen0.2: <vendor 0x09da> at usbus0
> > Jun  7 20:18:04 vps16 kernel: ukbd0: <vendor 0x09da USB Keyboard, class
> > 0/0, rev 1.10/2.50, addr 2> on usbus0
> > Jun  7 20:18:04 vps16 kernel: kbd2 at ukbd0
> > Jun  7 20:18:05 vps16 kernel: uhid0: <vendor 0x09da USB Keyboard, class
> > 0/0, rev 1.10/2.50, addr 2> on usbus0
> > Jun  7 20:19:37 vps16 login: ROOT LOGIN (root) ON ttyv1
> > Jun  7 20:21:19 vps16 kernel: ugen0.2: <vendor 0x09da> at usbus0
> > (disconnected)
> > Jun  7 20:21:19 vps16 kernel: ukbd0: at uhub0, port 1, addr 2
> (disconnected)
> > Jun  7 20:21:19 vps16 kernel: uhid0: at uhub0, port 1, addr 2
> (disconnected)
> > %
> >
> > the system was loaded with keyboard and disconnected later if i
> understand
> > the logs...
> >
> > New ideas are appreciated, and thanks in advance,
> > Sami
> >
> > On Sat, Jun 9, 2012 at 7:42 PM, Eugene Grosbein <[hidden email]>
> wrote:
> >
> >> 09.06.2012 19:47, Sami Halabi пишет:
> >>> %su -
> >>> Password:
> >>> load: 0.00  cmd: su 30588 [ttydcd] 0.91r 0.00u 0.00s 0% 2092k
> >>
> >> Perpaps, your system had no keyboard attached at boot time;
> >> or for some other reason it booted with /dev/console being serial
> console
> >> instead of vidconsole. su locks trying to access serial console
> >> that is /dev/ttyd0 by default and has Carrier Detect flag enabled.
> >> Hence, it waits for CD on the first serial port (miserably and
> hopelessly).
> >>
> >> You can check if it's true with "sysctl kern.console" command.
> >> You could ask someone to boot the system with keyboard attached -
> >> no need to type anything, though. The system should detect it
> >> and assingn /dev/ttyv0 as /dev/console instead of /dev/ttyd0.
> >> And "su" won't lock.
> >>
> >> Eugene Grosbein
> >>
> >
> >
> >
> > --
> > Sami Halabi
> > Information Systems Engineer
> > NMS Projects Expert
> > FreeBSD SysAdmin Expert
> > _______________________________________________
> > [hidden email] mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> > To unsubscribe, send any mail to "[hidden email]
> "
>
> Check the permissions on the su binary it could be missing the suid but.
>
> ---
> Mark saad | [hidden email]
>
> _______________________________________________
> [hidden email] mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "[hidden email]"
>